www.bg3.co Open in urlscan Pro
84.17.37.44 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-we...
Submission: On May 14 via api (May 14th 2023, 2:39:14 pm UTC) from US — Scanned from DE

Summary HTTP 240 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 52 IPs in 9 countries across 35 domains to perform 240 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	84.17.37.44 84.17.37.44	60068 (CDN77 ^_^) (CDN77 ^_^)
11	2a00:1450:400... 2a00:1450:4001:808::2001	15169 (GOOGLE) (GOOGLE)
3 7	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
9	2606:4700:20:... 2606:4700:20::ac43:47fe	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a02:26f0:350... 2a02:26f0:3500:12::1730:17a5	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a02:26f0:350... 2a02:26f0:3500:12::1730:1786	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
38	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	54.238.54.124 54.238.54.124	16509 (AMAZON-02) (AMAZON-02)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
9	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	108.157.4.15 108.157.4.15	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
27	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:224... 2600:9000:224a:5800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e2:... 2606:4700:e2::ac40:891f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2a00:1450:400... 2a00:1450:4001:829::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:680f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.7.64 108.138.7.64	16509 (AMAZON-02) (AMAZON-02)
2 7	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3	2a05:d018:d29... 2a05:d018:d29:3601:be75:5bfe:4248:e5a4	16509 (AMAZON-02) (AMAZON-02)
1	3.122.25.124 3.122.25.124	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2600:9000:224... 2600:9000:224a:2a00:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	23.37.63.179 23.37.63.179	16625 (AKAMAI-AS) (AKAMAI-AS)
15	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:24e... 2600:1f18:24e6:b900:1dd6:ce45:ce0f:be7b	14618 (AMAZON-AES) (AMAZON-AES)
6	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
5	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	54.168.149.197 54.168.149.197	16509 (AMAZON-02) (AMAZON-02)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
3	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 1	164.92.213.94 164.92.213.94	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	169.197.150.8 169.197.150.8	398989 (DEEPINTENT) (DEEPINTENT)
1 1	50.31.142.95 50.31.142.95	23352 (SERVERCEN...) (SERVERCENTRAL)
2	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	141.226.230.50 141.226.230.50	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
1	87.248.100.137 87.248.100.137	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2a00:1288:110... 2a00:1288:110:c204::b000	34010 (YAHOO-IRD) (YAHOO-IRD)
240	52

1 84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 192.96.203.13 (Fort Scott, United States) 3 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
agent.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:12::1730:17a5 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:12::1730:1786 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.238.54.124 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-238-54-124.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.4.15 (Germany)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-15.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:5800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.210.196.208 (Hagerstown, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d-42900428993550500720.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:891f (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:c::5c7b:680f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-64.fra56.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d018:d29:3601:be75:5bfe:4248:e5a4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.25.124 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-25-124.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a8535b4f9aa0221c5866a7a6dbdb3651.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
40ec74c0a8c632b0fb731b1bfacdaddb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:2a00:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

adx.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.37.63.179 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-63-179.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b900:1dd6:ce45:ce0f:be7b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.168.149.197 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-168-149-197.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 164.92.213.94 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com

match.deepintent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.31.142.95 (Itasca, United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.230.50 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com

ads.yap.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:110:c204::b000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)

geo.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 990 trc.taboola.com — Cisco Umbrella Rank: 657 vidstat.taboola.com — Cisco Umbrella Rank: 2777 am-trc-events.taboola.com — Cisco Umbrella Rank: 16166 images.taboola.com — Cisco Umbrella Rank: 2040 imprammp.taboola.com — Cisco Umbrella Rank: 14139 am-match.taboola.com — Cisco Umbrella Rank: 14462 wf.taboola.com — Cisco Umbrella Rank: 2914 am-vid-events.taboola.com — Cisco Umbrella Rank: 13263 vidstatb.taboola.com — Cisco Umbrella Rank: 5371 pips.taboola.com — Cisco Umbrella Rank: 1646 cds.taboola.com — Cisco Umbrella Rank: 1909 am-wf.taboola.com	1 MB
44	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 107 a8535b4f9aa0221c5866a7a6dbdb3651.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 143 40ec74c0a8c632b0fb731b1bfacdaddb.safeframe.googlesyndication.com	660 KB
15	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 stats.g.doubleclick.net — Cisco Umbrella Rank: 91 googleads.g.doubleclick.net — Cisco Umbrella Rank: 41	455 KB
12	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 2017 adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	16 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 375	220 KB
10	aralego.com 3 redirects ads.aralego.com — Cisco Umbrella Rank: 28405 sync.aralego.com — Cisco Umbrella Rank: 2738 agent.aralego.com — Cisco Umbrella Rank: 292256	6 KB
9	rubiconproject.com eus.rubiconproject.com — Cisco Umbrella Rank: 589 token.rubiconproject.com — Cisco Umbrella Rank: 600 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1113 pixel.rubiconproject.com — Cisco Umbrella Rank: 352	13 KB
9	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 12981	148 KB
6	yahoo.com pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 448 ups.analytics.yahoo.com — Cisco Umbrella Rank: 301 ads.yap.yahoo.com — Cisco Umbrella Rank: 11906 geo.yahoo.com — Cisco Umbrella Rank: 1469	2 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39 region1.google-analytics.com — Cisco Umbrella Rank: 2495	890 B
6	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 17233 e3.adpushup.com — Cisco Umbrella Rank: 19040	247 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 356	1 KB
3	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 106230	29 KB
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 61315 sync.logly.co.jp — Cisco Umbrella Rank: 69744	1 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 28289 audiencedata.im-apps.net — Cisco Umbrella Rank: 29201	4 KB
2	holmesmind.com adx.holmesmind.com — Cisco Umbrella Rank: 595155	2 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1044	702 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	81 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1129 pixel.quantserve.com — Cisco Umbrella Rank: 945	10 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 164	3 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 775	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 27728	11 KB
1	yimg.com s.yimg.com — Cisco Umbrella Rank: 535	30 KB
1	zemanta.com 1 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 562	339 B
1	deepintent.com match.deepintent.com — Cisco Umbrella Rank: 1098	44 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 881	164 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2301	516 B
1	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 10042	253 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 324	147 B
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 23135	2 KB
1	ampproject.net d-42900428993550500720.ampproject.net
1	criteo.com gum.criteo.com — Cisco Umbrella Rank: 429	288 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1077	634 B
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 98637	16 KB
1	bg3.co www.bg3.co static.bg3.co Failed	17 KB
240	35

	Domain	Requested by
27	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net www.bg3.co tpc.googlesyndication.com ad.sitemaji.com
17	cdn.taboola.com	www.bg3.co cdn.taboola.com
15	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.bg3.co
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
10	images.taboola.com	www.bg3.co
9	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net cdn.aralego.net
9	cdn.aralego.net	www.bg3.co ads.aralego.com adx.holmesmind.com agent.aralego.com
6	am-trc-events.taboola.com	www.bg3.co
6	adservice.google.com	cdn.ampproject.org securepubads.g.doubleclick.net pagead2.googlesyndication.com
5	www.google.com	tpc.googlesyndication.com
5	googleads.g.doubleclick.net	2 redirects cdn.ampproject.org pagead2.googlesyndication.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
5	ads.aralego.com	1 redirects ads.aralego.com agent.aralego.com
4	match.adsrvr.org	am-match.taboola.com imprammp.taboola.com eus.rubiconproject.com
4	www.google-analytics.com	www.bg3.co cdn.ampproject.org
3	am-wf.taboola.com	vidstat.taboola.com
3	pixel.rubiconproject.com	eus.rubiconproject.com
3	ad.sitemaji.com	adx.holmesmind.com agent.aralego.com
3	token.rubiconproject.com	eus.rubiconproject.com
3	pr-bh.ybp.yahoo.com	am-match.taboola.com imprammp.taboola.com
3	am-vid-events.taboola.com	www.bg3.co
3	sync.aralego.com	ads.aralego.com www.bg3.co
3	trc.taboola.com	cdn.taboola.com
2	agent.aralego.com	2 redirects
2	region1.google-analytics.com	www.googletagmanager.com
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	eus.rubiconproject.com	imprammp.taboola.com eus.rubiconproject.com
2	adx.holmesmind.com	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com
2	sb.scorecardresearch.com	cdn.taboola.com www.bg3.co
2	code.jquery.com	delivery.adrecover.com cdn.adpushup.com
2	delivery.adrecover.com	www.bg3.co
1	geo.yahoo.com	adx.holmesmind.com
1	ads.yap.yahoo.com	s.yimg.com
1	s.yimg.com	ad.sitemaji.com
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	ups.analytics.yahoo.com	am-match.taboola.com
1	vidstatb.taboola.com	www.bg3.co
1	b1sync.zemanta.com	1 redirects
1	match.deepintent.com	eus.rubiconproject.com
1	bttrack.com	eus.rubiconproject.com
1	match.adsby.bidtheatre.com	1 redirects
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	http-intake.logs.datadoghq.com	cdn.adpushup.com
1	audiencedata.im-apps.net	dmp.im-apps.net
1	40ec74c0a8c632b0fb731b1bfacdaddb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	a8535b4f9aa0221c5866a7a6dbdb3651.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	x.bidswitch.net	am-match.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	l.logly.co.jp	nt.compass-fit.jp
1	stats.g.doubleclick.net	cdn.ampproject.org
1	amp.analytics-debugger.com	cdn.ampproject.org
1	d-42900428993550500720.ampproject.net	cdn.ampproject.org
1	pixel.quantserve.com	www.bg3.co
1	gum.criteo.com	cdn.taboola.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	cdn.adpushup.com
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	e3.adpushup.com	www.bg3.co
1	nt.compass-fit.jp	www.bg3.co
1	www.bg3.co
0	static.bg3.co Failed	www.bg3.co
240	68

This site contains links to these domains. Also see Links.

Domain
search.mynewsdealer.com
popup.taboola.com
perfectadd.art
cooltips.org
075cbc.pzzqvpjlfkbmb.com
www.sport1.de

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G2	`2022-05-20` - `2023-06-21`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
cdn.adpushup.com R3	`2023-04-05` - `2023-07-04`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
quantserve.com R3	`2023-04-14` - `2023-07-13`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-12` - `2023-08-10`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.analytics-debugger.com GTS CA 1P5	`2023-03-22` - `2023-06-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2022-05-19` - `2023-06-20`	a year	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-04-10` - `2023-07-09`	3 months	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
feebee.com.tw R3	`2023-05-02` - `2023-07-31`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-04` - `2024-04-21`	a year	crt.sh
*.deepintent.com Go Daddy Secure Certificate Authority - G2	`2022-11-30` - `2024-01-01`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-02-21` - `2023-08-16`	6 months	crt.sh
*.api.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
*.pubgw.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-10` - `2023-05-31`	2 months	crt.sh
yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-05-02` - `2023-10-25`	6 months	crt.sh

This page contains 30 frames:

Primary Page: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Frame ID: F9FE462CD50CE09974BBC0B12CF5F746
Requests: 135 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 4E4DA0F55BA883D0E682CA15EB0918FB
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: D7ECE43F8C49756158377963D39DD6E9
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: FEF305516BCE7FDDE3AE7BE18F3B74D7
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 19851C57EE83BD02E9E793B1A5E8FAD2
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-16438836261933780192&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3149&oid=2&is_amp=5&amp_v=2304262219000&d_imp=1&c=4573002321&ga_cid=amp-_qkd45hBlIVTHBKJADA73g&ga_hid=2321&dt=1684075139318&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&bdt=1101&dtd=24&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: AA55611DBCE2AC33FD954948E3F8E0F2
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&cmcv=&pix=undefined&cb=1684075139465&uv=3275&tms=1684075139465&abt=id5mc_vB!nonrv_vA!t45!testmsn_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5a992ba7-2d56-4ce9-aa32-b828b32f9a06&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 8B521397B9F1A1696EC97FC76AE7BA37
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 2E9AC5FD2C046309D2D95319A89B852A
Requests: 4 HTTP requests in this frame

Frame: https://a8535b4f9aa0221c5866a7a6dbdb3651.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D826E796485C9A0C46019103B6C60283
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Frame ID: 8077916DE529E5A6B1919B059D913D4E
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: B229F3FD5A482444BB22F2FF6837BC32
Requests: 12 HTTP requests in this frame

Frame: https://40ec74c0a8c632b0fb731b1bfacdaddb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 32CDDC67019CD5C22830AB3F54F25B8D
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Frame ID: E1352F6DE0A743154C791C53255CAAF8
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CEA98DCA97C3AFA01B9347203285A7E0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 48F076FC7D1B74E3AD0AAB51A5E43BF1
Requests: 2 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: BFABB4D3AD5372BE8277D907416D584C
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6800CC795BD3041AD0659AE9843A4340
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 91378BFFE9129BF1D8C55E43A8D4AD14
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 38E054DF9D859B592E1E50398804ADA1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9073B4BC821049310C522E57D291A597
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Frame ID: 0E2A3A201872F441748B47B8FAE813BD
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D6DACA34C0DE39FEE1A8B6AA08CC11FA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1E40046ABDEE836ECF61E2AF50B5E1DC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html
Frame ID: F98A076432F8ADB4928FBD6CCB8576CB
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 09FA73BDD5DD4460C96E22EDC424F54A
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=2152568021&adf=552093718&pi=t.ma~as.9099904862&w=300&lmt=1684075140&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230307%2FnyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684075140229&bpp=5&bdt=161&idt=310&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&correlator=6185193062188&frm=8&ife=1&pv=2&ga_vid=76906887.1684075141&ga_sid=1684075141&ga_hid=1461657887&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1851353548&scr_x=-12245933&scr_y=-12245933&eid=42532186%2C44759875%2C44759926%2C42532090%2C44773810%2C44759837%2C31071756%2C31073763%2C44782468%2C44788441%2C44789923%2C44789815%2C44769661&oid=2&pvsid=945336301871319&tmod=1853591055&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9wk10ywkazz3&fsb=1&dtd=344
Frame ID: A6CBAC524B0703A73794B4D0485858C9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CC5C585B9B9B2BFCF3D5D7988F591835
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7EBC9D4B1C097E4BD497BE78B5096F33
Requests: 2 HTTP requests in this frame

Frame: https://ad.sitemaji.com/ysm_bg3.js
Frame ID: 3AEAACC49BA9D6445048E190291A10DE
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/house/housead-55c83e0ac8eed1df04c1e6d6-1679070193476.gif
Frame ID: D5F313DAF270D4F5DD61F59320A52966
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

快訊／在野黨團不敵綠營人數優勢　《地制法》罵聲中順利付委 - 天天要聞

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

240
Requests

88 %
HTTPS

55 %
IPv6

35
Domains

68
Subdomains

52
IPs

9
Countries

3473 kB
Transfer

9840 kB
Size

13
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://search.mynewsdealer.com/search
Title: Solaranlagen | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://perfectadd.art/click_taboola.php
Title: Carports | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://cooltips.org/promo.php
Title: Ferienhaus in Dänemark | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://075cbc.pzzqvpjlfkbmb.com/
Title: Treppenlift | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://www.sport1.de/tv-video/video/lionel-messi-nach-dem-sieg-mit-argentinien-uber-mexiko-uber-seine-verletzung__63B8D087-DB71-4725-B44A-75515AF275FF
Title: Sport1 GmbH

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 132

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684075139&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684075139342&bpp=23&bdt=605&idt=224&shv=r20230510&mjsv=m202305090101&ptt=5&saldr=sa&correlator=7506868214600&frm=23&ife=1&pv=2&ga_vid=2136969095.1684075140&ga_sid=1684075140&ga_hid=136022070&ga_fc=0&ga_cid=amp-_qkd45hBlIVTHBKJADA73g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2329501920&scr_x=0&scr_y=0&eid=44773810%2C44759842%2C44759875%2C44759926%2C42532090%2C42532186%2C44782466%2C44788441%2C44790154&oid=2&pvsid=1316282628454826&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.pz9a9hdm6r85&fsb=1&dtd=282 HTTP 302
https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html

Request Chain 146

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134191&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1684075139&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684075139397&bpp=11&bdt=641&idt=320&shv=r20230510&mjsv=m202305090101&ptt=5&saldr=sa&cookie=ID%3D7ad52a14d3c8d53d-22835a83a5df00c9%3AT%3D1684075139%3ART%3D1684075139%3AS%3DALNI_MYbgWaE8CwDuoFyFzJZPwTHC3R6Gw&gpic=UID%3D00000c1588940d1a%3AT%3D1684075139%3ART%3D1684075139%3AS%3DALNI_Ma9s0piz55QDLXgkXlUhIbCNvl4Tw&correlator=7506868214600&frm=23&ife=1&pv=1&ga_vid=1852983450.1684075140&ga_sid=1684075140&ga_hid=373697524&ga_fc=0&ga_cid=amp-_qkd45hBlIVTHBKJADA73g&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3344&biw=1600&bih=1200&isw=336&ish=280&ifk=4278124023&scr_x=0&scr_y=0&eid=44759842%2C44759876%2C44759927%2C44773810%2C31074469%2C44785292%2C44788442%2C44789779&oid=2&pvsid=1231526386261522&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.kvcj6n7kvcm0&btvi=1&fsb=1&dtd=355 HTTP 302
https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html

Request Chain 171

https://match.adsby.bidtheatre.com/rubiconmatch?gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=1&gdpr_consent=&put=d29497ab-2874-4d6e-862b-053f8cc82df8

Request Chain 174

https://b1sync.zemanta.com/usersync/rubicon/?gdpr=1&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=&gdpr=1&us_privacy=1---

Request Chain 183

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 230

https://agent.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

240 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html Show response
www.bg3.co/a/ 58 KB
17 KB 2186ms
1314ms Document
text/html 84.17.37.44
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: unn-84-17-37-44.cdn77.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 112e7b09cec34f556940e2fc64c6a3c1118b027c3f77b3809208bb72d503f913

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=900
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Sun, 14 May 2023 14:38:57 GMT
ETag: "e68e-+XFxN8ChR6rzi3SyH5kOJ/vwgn8"
Expires: Sun, 14 May 2023 14:53:57 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 136ms
64ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

edcfddd81e044f1f01beb69b5224a8a3f9913a456a06c4025b97458c40c3b677

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 14 May 2023 14:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72834
x-xss-protection: 0
server: sffe
etag: "c158f1ffbc9a288c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 May 2023 14:38:58 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 134ms
63ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9b4ddda16364d41b44d0e83b2b9f60d1e810d96f9e9078c1a5fae8e16e497b88

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 14 May 2023 14:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9669
x-xss-protection: 0
server: sffe
etag: "94af10a30687371b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 May 2023 14:38:58 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
8 KB 111ms
61ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7e79e05f378e7ee1eaf703981ac7f5ac32c4c410b2084c2e270a26d88b52ff1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Sun, 14 May 2023 14:38:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7579
x-xss-protection: 0
server: sffe
etag: "1949638f3ef2fc93"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 14 May 2023 14:38:58 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
39 KB

62ms
17ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:58 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 8752
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39829
last-modified: Tue, 25 Apr 2023 05:37:58 GMT
server: cloudflare
etag: "64476736-9b95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=md6OAh1d%2BlMPtzExRt3WQSZpQXjX5N7fpgyCMN4yTbEVp%2F1iIvBXDM2umC9z4BiKOhFA93Qr7KbQqR7OLhRACB4H9bHscT4vkDgaxOAoVufThsSDjVC%2B3Ot02ddFy9y52urFwzOKNsBuEvcz2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c73e350ecb02baf-FRA

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 36 KB
10 KB 71ms
16ms Script
application/javascript 2a02:26f0:3500:12::1730:17a5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 5bc07768431d2ec9c8b0b65600665b425cc63c3d647f8d244e6c05368171a280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-country: DE
date: Sun, 14 May 2023 14:38:58 GMT
content-encoding: br
last-modified: Sun, 14 May 2023 07:00:23 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-cf-geodata: DE
content-length: 9883
expires: Sun, 14 May 2023 15:38:58 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 625 KB
133 KB 66ms
17ms Script
application/javascript 2a02:26f0:3500:12::1730:1786
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:1786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: e2ea3c887c50e622ba0352874317044fdf4c0d6e0b4a2e02d9df0ee3bd31634e

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-country: DE
date: Sun, 14 May 2023 14:38:58 GMT
content-encoding: br
last-modified: Fri, 12 May 2023 14:25:52 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=7, ak_p; desc="467798_389027462_586829989_727_1639_6_0";dur=1
x-cf-geodata: DE
content-length: 135986
expires: Sun, 14 May 2023 15:38:58 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 269 KB
45 KB 140ms
41ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0784d3f74f0cb7e5d0f19792278244486048e75a16daa57ad3ccd942af61a5c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: xigTuDeEhn9CKGPWXuhhdh0AoZWJQiPM
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 14:38:58 GMT
x-amz-request-id: 0ZDPGPHZS0H9W0RR
age: 1276
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 7
x-amz-replication-status: FAILED
content-length: 45132
x-amz-id-2: Kt+Db08k063M/Dk3l/o0zKmAHn83Ju5L3/ySZNI/1d1YNyy/0sIjwwaYzqnprewfqw5DuThmaFY=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Sun, 14 May 2023 14:17:42 UTC
server: nginx
x-timer: S1684075138.344292,VS0,VE2
etag: "5fb698c4e9e02e0c24aa6404d904fd12a580e98a"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 17
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 77 KB
16 KB 1056ms
516ms Script
text/javascript 54.238.54.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.238.54.124 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-238-54-124.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: f944e47531068ae80f68fedd4993359c077908a54be94e006ab44f553ea79c06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 14:38:58 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 65ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:58 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e98"
vary: Accept-Encoding
x-hw: 1684075138.dop125.fr8.t,1684075138.cds255.fr8.hn,1684075138.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29880

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 44ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:58 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1684075138.dop125.fr8.t,1684075138.cds255.fr8.hn,1684075138.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
868 B 8ms
8ms Image
image/jpeg 2a02:26f0:3500:12::1730:17a5
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1684075138405
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a5 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-country: DE
date: Sun, 14 May 2023 14:38:58 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Sun, 14 May 2023 15:38:58 GMT

GET
H2 200 pb.42753.1674819540207.js Show response
cdn.adpushup.com/prebid/ 349 KB
94 KB 47ms
23ms Script
application/javascript 2a02:26f0:3500:12::1730:1786
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1674819540207.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:1786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 28d37801802871b7c6943726da07f06110bc3b1400e050b8b86c82deefc635a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-country: DE
date: Sun, 14 May 2023 14:38:58 GMT
content-encoding: br
last-modified: Fri, 27 Jan 2023 11:39:13 GMT
server: nginx/1.18.0
etag: W/"63d3b7e1-5744c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=7, ak_p; desc="467798_389027462_586830285_769_1386_6_0";dur=1
content-length: 95255
expires: Mon, 13 May 2024 14:38:58 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
563 B 17ms
17ms Script
application/javascript 2a02:26f0:3500:12::1730:1786
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:1786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-country: DE
date: Sun, 14 May 2023 14:38:58 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467798_389027462_586830294_30_1629_6_0";dur=1
content-length: 211
expires: Mon, 13 May 2024 14:38:58 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 27ms
27ms Script
application/javascript 2a02:26f0:3500:12::1730:1786
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:1786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-country: DE
date: Sun, 14 May 2023 14:38:58 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="467798_389027462_586830303_160_1516_6_0";dur=1
content-length: 18371
expires: Sun, 14 May 2023 15:38:58 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 74 KB
25 KB 173ms
105ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f0e1aafab4a6623cef9a3bc652031a50a56d78e7ac511695db9355bc7ce045aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25234
x-xss-protection: 0
server: cafe
etag: 503 / 19491 / m202305090101 / config-hash: 12209807291441061903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 May 2023 14:38:58 GMT

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
366 B 88ms
16ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 14:38:58 GMT
server: nginx/1.18.0 (Ubuntu)
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 27 KB
11 KB 131ms
87ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d2494c415ce0b63180b5280065eabfe0003826d65fd2db16b402bba50f27da90

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O4twFdIE3TyrsXQ5eD--aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:58 GMT
content-security-policy: script-src 'report-sample' 'nonce-O4twFdIE3TyrsXQ5eD--aw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 impl.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.js Show response
cdn.taboola.com/libtrc/ 763 KB
159 KB 39ms
39ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 8b6e94f802f11887b48bf88c4d1a3c81315382cb9b780f4fa2aff74732160372

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: sbk29jltFl14g6Iw6GzVLSHRCSFr93z8
content-encoding: br
via: 1.1 varnish
date: Sun, 14 May 2023 14:38:58 GMT
x-amz-request-id: 3P8JSEG2CQM8E7S5
age: 22135
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 162624
x-amz-id-2: enVLI7ktPgMDmipAp3Iu4isCIikTBPW17VxaLNksyWKqB3Ye4CO70w8NMPxRWmnO8DB9j97TFac=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Sun, 07 May 2023 07:58:57 GMT
server: AmazonS3-br
x-timer: S1684075138.468867,VS0,VE0
etag: "b3f80c511a26de89d345c34e3a37559d"
vary: Accept-Encoding
content-type: application/javascript
abp: 81
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1155

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 43ms
11ms Script
application/javascript 108.157.4.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.15 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-15.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 06:03:53 GMT
content-encoding: gzip
via: 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 09:22:40 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 30905
x-amz-server-side-encryption: AES256
etag: W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 3LjBV4SQz1y259RTBhNLr66hwhydYzd6kKkLCyXKVrQw3uSkgDN3SA==

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
79 B 108ms
108ms Image
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=cropping-v3_var
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230100-FRA
date: Sun, 14 May 2023 14:38:58 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1684075138.471136,VS0,VE0
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 60ms
10ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:58 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Sun, 21 May 2023 14:38:58 GMT

GET 7775f627c3fdb95f70494f37eddbd84d.jpg
static.bg3.co/imgs/202112/ 0
0

GET ba18c5e0b68d4906215bc0b43325d36a.jpg
static.bg3.co/imgs/202106/ 0
0

GET 54a6c7cc85550f828db27264e59ba98f.jpg
static.bg3.co/imgs/202110/ 0
0

GET 0dbc8cb2f3b056da1e7aa11c22596764.jpg
static.bg3.co/imgs/202112/ 0
0

GET 03c212c7133a5ab7e94b6e7c139f0e02.jpg
static.bg3.co/imgs/202106/ 0
0

GET 4f4519d1f67c5f1bfe1ee43bde887f55.jpg
static.bg3.co/imgs/202109/ 0
0

GET 2305875f9abeb17a4ba8e8ed4ab05262.jpg
static.bg3.co/imgs/202106/ 0
0

GET 85a32288d0785c690fda1a8b79d9181d.jpg
static.bg3.co/imgs/202105/ 0
0

GET e2237e7e69848306b474a8892ee15791.jpg
static.bg3.co/imgs/202112/ 0
0

GET 134a6e815179bc31a295b59f51f66d5f.jpg
static.bg3.co/imgs/202112/ 0
0

GET aa11b384bee0097c017faf8e57c58709.jpg
static.bg3.co/imgs/202112/ 0
0

GET e2237e7e69848306b474a8892ee15791.jpg
static.bg3.co/imgs/202112/ 0
0

GET 16dc5542bccbb207743969296e24d59b.jpg
static.bg3.co/imgs/202105/ 0
0

GET 246faf547a77cbd34b25f3046d70be0a.jpg
static.bg3.co/imgs/202105/ 0
0

GET bf5c56ebecdac6203be646fb317abfb6.jpg
static.bg3.co/imgs/202106/ 0
0

GET cc14e2a195d84466017809cf84aa6187.jpg
static.bg3.co/imgs/202105/ 0
0

GET 44997cf383c344ded36891dbbf6e456c.jpg
static.bg3.co/imgs/202105/ 0
0

GET 16fdaa2400646cfb81e4e988b7f14a8e.jpg
static.bg3.co/imgs/202105/ 0
0

GET 75a5af625cb6c0b24cec13fd2cce1775.jpg
static.bg3.co/imgs/202106/ 0
0

GET 29df5d2131fbf9c9035b8c8273933929.jpg
static.bg3.co/imgs/202112/ 0
0

GET 0dccf0152029624356d5b3dee0b24671.jpg
static.bg3.co/imgs/202204/ 0
0

GET 75d879899dea9a8def7c3e75dddd2c15.jpg
static.bg3.co/imgs/202201/ 0
0

GET 8164a9ddc13f1a56e1023b16c1e397e0.jpg
static.bg3.co/imgs/202112/ 0
0

GET 6f6588ab0c264b40d4b33fb75cf537f0.jpg
static.bg3.co/imgs/202107/ 0
0

GET
H2 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012304262219000/v0/ 8 KB
4 KB 84ms
55ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc5d5c8cc50cf0377951ada6a7602f54ea87fc0014898d6f80d1be2b7273ef2b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 13 May 2023 01:31:03 GMT
age: 133675
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2993
x-xss-protection: 0
server: sffe
etag: "80572a9372124496"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 12 May 2024 01:31:03 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012304262219000/v0/ 82 KB
23 KB 81ms
57ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4189eed67d24cf577ee7521b01980c1c76874f2ca7830c761b383215656230b3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 20:01:32 GMT
age: 412646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23125
x-xss-protection: 0
server: sffe
etag: "a783e6619a690963"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 20:01:32 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 3 KB
825 B 113ms
44ms Fetch
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25e6714659af0c54d76700b623a6931eed20bea903b8875d935e9e2a83c4e68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 476
x-xss-protection: 0

GET
H2 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012304262219000/v0/ 12 KB
4 KB 128ms
110ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ea369b57f0c666e908689cd3d672a6636958094d2d1bf6620cb2de468ffdcd2

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 20:01:32 GMT
age: 412646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3935
x-xss-protection: 0
server: sffe
etag: "ef1a1904dcb0cee5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 20:01:32 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
227 B 17ms
16ms Image
text/plain 108.157.4.15
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1684075138559&ns_c=UTF-8&c3=1&c7=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&c8=%E5%BF%AB%E8%A8%8A%EF%BC%8F%E5%9C%A8%E9%87%8E%E9%BB%A8%E5%9C%98%E4%B8%8D%E6%95%B5%E7%B6%A0%E7%87%9F%E4%BA%BA%E6%95%B8%E5%84%AA%E5%8B%A2%E3%80%80%E3%80%8A%E5%9C%B0%E5%88%B6%E6%B3%95%E3%80%8B%E7%BD%B5%E8%81%B2%E4%B8%AD%E9%A0%86%E5%88%A9%E4%BB%98%E5%A7%94%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&c9=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.15 , Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-15.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:58 GMT
via: 1.1 7dc1e6ca5d933ea10694c61d8475b502.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: JI7NFjD_9VhHNdlJJsrZZcoEPoU_DX6V5WjyfgOU4c5mNBEKlgbtzQ==
x-cache: Miss from cloudfront

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
634 B 201ms
49ms Script
application/javascript 2600:9000:224a:5800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 13:45:45 GMT
via: 1.1 6ee47dd27ca379a812104b559e9a5a22.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
age: 3194
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: jX1Q8kWJj6IMIfT270nCegbZhrS2Fj_GBG1Yg6vyEV4eI5SDBO0dzA==

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 182ms
57ms Script
text/javascript 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:58 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 329439
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 73 KB
20 KB 364ms
350ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=14%3A38%3A58.608&lti=cropping-v3_var&data=%7B%22id%22%3A944%2C%22ii%22%3A%22%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1683798986961%2C%22vi%22%3A1684075138604%2C%22cv%22%3A%2220230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A11259%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html%22%2C%22vpi%22%3A%22%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3249%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A3039.515625%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22cropping-v3_var%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a86fed9a6a02253b89289991a3e86a1cfff8b9c86c7a4c45b50ca2f42f62a873

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 306
date: Sun, 14 May 2023 14:38:58 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230100-FRA
server: nginx
x-timer: S1684075139.622829,VS0,VE306
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.bg3.co
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/ 402 KB
124 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 11:42:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10562
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127184
x-xss-protection: 0
server: cafe
etag: 3263738860219486170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 13 May 2024 11:42:56 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 114 B
622 B 103ms
77ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f45619358bd0a3adcc3194ccbdd56ed12ac78950c862d6840d21b43a231f89e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77
x-xss-protection: 0
expires: Sun, 14 May 2023 14:38:58 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012304262219000/v0/ 40 KB
10 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd1e988c31d1963cd1d2813571485232a6687e960466a86ca4cd3d8eef72ab8f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 20:01:32 GMT
age: 412646
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10285
x-xss-protection: 0
server: sffe
etag: "2320e5b2e82da2b8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 20:01:32 GMT

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012304262219000/v0/ 214 KB
57 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4da2872473cf32bbc42de664d1b0aece2263bff56a204f67dcfc9333518a7db8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 20:01:41 GMT
age: 412637
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57955
x-xss-protection: 0
server: sffe
etag: "77f449b73afe6f4d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 20:01:41 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
636 B 20ms
19ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:58 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4102
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=meNXbMV%2F7nV5dMmw%2BkvnmR5q3AcNrcHEUKad4JsC1zLt0ittSHSXF3QfhkQaSZv%2Fqx0etP87zQexqGzTDfser%2BqTCH0hX1nARE62%2FvLAh7ZDPTjUaD%2BGWycSK0gqWaxpNtsvReeRH%2FXxXirq%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7c73e3511ce22baf-FRA

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 429ms
103ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Hagerstown, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 95bdf60d99113a7678a44fa0eef7ce8f640f5b312be1a7a914466a7325385171

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 412ms
102ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Hagerstown, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 95bdf60d99113a7678a44fa0eef7ce8f640f5b312be1a7a914466a7325385171

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 513 B
1 KB 383ms
177ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.7865111298357068&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 2b7f11f6fe02925277f4a8140b880da74d24172ff6f1336c94f0701936eaa5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 14:38:59 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 513

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 513 B
1 KB 385ms
181ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.5131378524499774&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 2b7f11f6fe02925277f4a8140b880da74d24172ff6f1336c94f0701936eaa5a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 14:38:59 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 513

GET
H2 200 pixel;r=1322467695;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html;uh=e51ed67dfb8d91dc...
pixel.quantserve.com/ 35 B
373 B 23ms
9ms Image
image/gif 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1322467695;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-2092328928-1684075138580;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1684075138787;tzo=0;ogl=;ses=362cbe9a-9696-48e4-a681-93cc8bfbb867;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 14:38:58 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012304262219000/v0/ 110 KB
31 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d126806fb8446a0c0a359295c6706b4e82c2de595c5dab9505b82b2e76f2e33e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 08 May 2023 19:10:27 GMT
age: 502111
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32107
x-xss-protection: 0
server: sffe
etag: "a4272cdf93e6e0f7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 07 May 2024 19:10:27 GMT

GET
H2 200 integrator.json Show response
adservice.google.com/adsid/ 86 B
480 B 58ms
17ms Fetch
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83
x-xss-protection: 0

GET
H2 200 nameframe.html
d-42900428993550500720.ampproject.net/2304262219000/ 0
0 115ms
41ms Other
text/html 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-42900428993550500720.ampproject.net/2304262219000/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012304262219000/v0/analytics-vendors/ 2 KB
812 B 57ms
56ms Fetch
application/json 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 20:01:35 GMT
age: 412643
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 782
x-xss-protection: 0
server: sffe
etag: "c331f834e77c69a1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 20:01:35 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 5 KB
2 KB 249ms
113ms Fetch
application/json 2606:4700:e2::ac40:891f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:e2::ac40:891f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a05b4715b24ccaa8ce73e4e65b7294852eb28ce89f148341edf670882f52c20f

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Frame-Options	SAMEORIGIN, SAMEORIGIN
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: master-only, master-only
age: 11162
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block, 1; mode=block
referrer-policy: same-origin, same-origin
last-modified: Sun, 14 May 2023 11:32:57 GMT
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FdLyHLU5PK6wmF7qgTfwyONrIPGli8hEl5OevGGCerrCaaKDx9gjHVVMxorNwUBotiME5X8vPVMEe5BNWs6cbkIlgabCDCAs21zxs1EdEhfeL%2FZJz%2FFPEsUUhZwgh3Smcvo6Uh13mfiygy%2BdUDHb4HosMAbaVloeA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230423b
cf-ray: 7c73e3538ff137e9-FRA

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012304262219000/v0/analytics-vendors/ 2 KB
931 B 56ms
55ms Fetch
application/json 2a00:1450:4001:808::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012304262219000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 09 May 2023 20:02:03 GMT
age: 412615
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 901
x-xss-protection: 0
server: sffe
etag: "753be08e58acf9ea"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 08 May 2024 20:02:03 GMT

GET
H2 200 floating-unit.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 47ms
47ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06ccfc34b2f53bdbc50d20836e266eeacc1429ea5b460a895246ae779e0aeb57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: MPqJ0npWaNUisA4AMLLM_a5CX3po1nqx
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 14:38:58 GMT
x-amz-request-id: 3QKAQZET2R625ZX4
age: 40
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 2506
x-amz-id-2: /sLcOMCebEbUqx8qTqsNIOfwJ4MiSR6EHnenUrFt0JigBuF0LgL/EMSgcO/1uXIEedcnHDdO/yY=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Sun, 07 May 2023 07:59:07 GMT
server: AmazonS3
x-timer: S1684075139.984140,VS0,VE2
etag: "89446259176fc4bc260daf5e7e792113"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 36
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 taboola-vignette-new-scanning.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.es6.js Show response
cdn.taboola.com/libtrc/ 26 KB
8 KB 48ms
48ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2cd4626b8b6e6bcefc6156d57006f1ae4666b0244b41498c50ab7cb3a9472aba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: ZiAjHguNVL7HiCZYXdbdoHTIXUGuC1kG
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 14:38:58 GMT
x-amz-request-id: 011263YQ3JR7RH1W
age: 100
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 7762
x-amz-id-2: 77KllQeAtOkvV5bHO7jwxFiAXT7NIgL8TtJvcTSRJLfs/nCaSqMctMEB1THAp0q0mtCzRzaYdfQ=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Sun, 07 May 2023 07:59:27 GMT
server: AmazonS3
x-timer: S1684075139.984583,VS0,VE2
etag: "88cd805ee3279bd7b76597728f46eec9"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 32
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 distance-from-article.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 45ms
45ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c4f9df929e6d5ebf356a4329516d9c16c3c04888733f3be0312ada2ddd6c8236

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: PPJSNyOjqq_bDlmb7kd3gC5LPBRuiOJ2
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 14:38:58 GMT
x-amz-request-id: ZCWDRBGS39310QBC
age: 35
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 1171
x-amz-id-2: FHNhrhoyzWHEFwCX72w6wccsQ20lVLrDIsOxzRrSz/qCjNWyjTIhf4oVk6S0l1LPPuQMNKVecVg=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Sun, 07 May 2023 07:58:57 GMT
server: AmazonS3
x-timer: S1684075139.995822,VS0,VE0
etag: "881f5b5dd2b07689b4d518be11ce2cfe"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 34
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 3

GET
H2 200 article-detection.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 46ms
45ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d32b07d3d05899d327407e0ebfc90da1699544b830317a46e527f1b62b2ee00

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: P0jKISK_nFkKijf6oNF83ZJQXZ5uk0RY
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 14:38:58 GMT
x-amz-request-id: KQN2C3JBFZQDGY5T
age: 69
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 1270
x-amz-id-2: ZTEyG1DNsU5s7y0Cm8NumvUmA8gcyX/WogDWAu8EU8OOc2MHHyuyU45c1Tvp0xq5Lpwsc8rdTeE=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Sun, 07 May 2023 07:58:51 GMT
server: AmazonS3
x-timer: S1684075139.996155,VS0,VE0
etag: "3ede35fbc4d83f3cdfd467e432592abd"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 72
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 7

GET
H2 200 share-buttons-detection.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.es6.js Show response
cdn.taboola.com/libtrc/ 1 KB
972 B 46ms
46ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/share-buttons-detection.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 25a17fb25ca9cace7ff6fde2e42cb9ee50f6bdf6acaacb0b82953bcef3ef9d77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: szGQ5sooSiwtmN_aqRX5qYD8Bj1Jry4E
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 14:38:58 GMT
x-amz-request-id: 3K19P1JP1BDDTPTC
age: 73
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 712
x-amz-id-2: sdbiTlCqDpXxpAKmppv5ialNx1a+7kHmxjpB8ocNSwJrmTWN+JQ4ySnCmqq7sIiJtx7No2wzd0c=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Sun, 07 May 2023 07:59:15 GMT
server: AmazonS3
x-timer: S1684075139.996274,VS0,VE0
etag: "808756bb6afc6c945c373d037a058702"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 92
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 7

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.0.1/ 111 KB
31 KB 141ms
140ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
via: 1.1 36cd2d0f34e25c2dc5099656a60bedac.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 451929
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront, HIT
content-length: 31023
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Tue, 09 May 2023 09:06:26 GMT
server: AmazonS3
x-timer: S1684075139.003156,VS0,VE0
etag: "f42b894e197d2128ee7d3b438e0ac56d"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Vhm6dOEKajN0FRv5wq0rnJkAbon7mYzOuY27F6XguPOQ7eVWctdV0A==
x-cache-hits: 47312

GET
H2 200 feed-card-placeholder.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 141ms
140ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dee6aac20645f16fa48753fbc6b61dd34705ae3d45602cb77ef74bf46946ec40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: gceIL9Y8m6ghrGldCQvSMRHzcmXm1JSg
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 14:38:59 GMT
x-amz-request-id: 7PHFBK2WJ5S8PAPM
age: 103
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 1290
x-amz-id-2: aTx+jSb2blvWXYg0hQmUYtVSDwarb29Rsu4Uo5HKBN+69+pixvn3T/AtO+iZPPVLYmYPok/6TY0=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Sun, 07 May 2023 07:59:02 GMT
server: AmazonS3
x-timer: S1684075139.003141,VS0,VE0
etag: "472dfea764703a11f6548cab8bff9483"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 80
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 5

GET
H2 200 userx.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 137ms
136ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fd15387389792c5019758a9a239e1176061b7564c38903aeb5016b246fe2020d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: UxUVlUiVfV5Ugl.0nHV4jXA462E_eInN
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 14:38:59 GMT
x-amz-request-id: 490YF2YB68C6TT98
age: 88
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 5431
x-amz-id-2: VWVNay5m/bo6Nd/Kot+53kqLTgcocEVwMeZDfz+7sKA4x+nl6tKPGNbTym5Ep6WWRVPtQIO+AqQ=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Sun, 07 May 2023 07:59:31 GMT
server: AmazonS3
x-timer: S1684075139.005159,VS0,VE1
etag: "9de8c596f10c00d8de073a2eed045891"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 66
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 204 supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 108ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&lti=cropping-v3_var&ri=51f4d35d432fa1832c6c062d00998629&sd=v2_2b8ac652b5d2bb83bd09858e4960f041_75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802_1684075138_1684075138_CNawjgYQ2YJdGKyczdWBMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802&pi=/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&wi=4192435433039974098&pt=text&vi=1684075138604&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=14%3A38%3A58.983&id=2250&llvl=2&cv=20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 14 May 2023 14:38:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
232 B 106ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=cropping-v3_var&ri=51f4d35d432fa1832c6c062d00998629&sd=v2_2b8ac652b5d2bb83bd09858e4960f041_75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802_1684075138_1684075138_CNawjgYQ2YJdGKyczdWBMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802&pi=/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&wi=4192435433039974098&pt=text&vi=1684075138604&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1684075138983%7D&tim=14%3A38%3A58.984&id=2051&llvl=2&cv=20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 14 May 2023 14:38:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 108ms
18ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=cropping-v3_var&ri=51f4d35d432fa1832c6c062d00998629&sd=v2_2b8ac652b5d2bb83bd09858e4960f041_75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802_1684075138_1684075138_CNawjgYQ2YJdGKyczdWBMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802&pi=/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&wi=4192435433039974098&pt=text&vi=1684075138604&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1684075138990%7D&tim=14%3A38%3A58.990&id=1854&llvl=2&cv=20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 14 May 2023 14:38:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 84ms
84ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 14:38:59 GMT
x-amz-request-id: TVRHNHYBPQ9HMG0X
age: 13
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: uFbaSJk9yktyAUFgMlgPkVbCzqgaR0HXe4qprVaC8AF1ppw4MYEqjVCkDKZnUzIdcOL0Pli8bIw=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1684075139.058601,VS0,VE1
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 27
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 21

GET
H2 200 81b0729bada37132dbbc2f3157781bf8.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_825%2Cw_1100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 72 KB
73 KB 107ms
106ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_825%2Cw_1100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81b0729bada37132dbbc2f3157781bf8.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1303c8b20c7e1963d57fc9e1810276814d632d7f9a30398905e2a12bdb628778

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 14 May 2023 14:38:59 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_825%2Cw_1100%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81b0729bada37132dbbc2f3157781bf8.jpeg
age: 869274
edge-cache-tag: 357954298713990155053928992510195782714,380557120827242204309196295110066286773,29ecf9b93bbf306179626feeda1fab70
cache-tag: 357954298713990155053928992510195782714,380557120827242204309196295110066286773,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time: 401
req-referer: https://www.rheinische-anzeigenblaetter.de/
content-length: 73696
x-request-id: ab4e36e0301dfd762880d8dbe90ee6fc
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000101-IAD, cache-iad-kjyo7100059-IAD, cache-chi-kigq8000135-CHI, cache-iad-kiad7000174-IAD, cache-fra-eddf8230100-FRA
last-modified: Thu, 04 May 2023 11:23:59 GMT
server: nginx
x-timer: S1684075139.082807,VS0,VE2
etag: "efcf3aa069b0ba1617c4eb4524cdc9cf"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 0, 1

GET
H2 200 81b0729bada37132dbbc2f3157781bf8.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 50 KB
51 KB 106ms
105ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81b0729bada37132dbbc2f3157781bf8.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 178e68b23fc6d0aa3d1d62f75e80dbc1ee57fbfc47988c47f4497d1683e21847

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 14 May 2023 14:38:59 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81b0729bada37132dbbc2f3157781bf8.jpeg
age: 871496
edge-cache-tag: 357954298713990155053928992510195782714,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 357954298713990155053928992510195782714,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 253
req-referer: https://www.gazzetta.it/
content-length: 51110
x-request-id: 0fdeb63a3b757c1536bd306592501cd2
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000083-IAD, cache-iad-kcgs7200037-IAD, cache-lga21922-LGA, cache-iad-kjyo7100113-IAD, cache-fra-eddf8230100-FRA
last-modified: Thu, 04 May 2023 11:23:59 GMT
server: nginx
x-timer: S1684075139.082787,VS0,VE2
etag: "f0f5fe585ef836ab384744b72906579d"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 9, 1

GET
H2 200 835b943a4f664dcd8b7482f44d43da8a.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
25 KB 159ms
159ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/835b943a4f664dcd8b7482f44d43da8a.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: fa5dfc00ef2bdd2b13c2bbf741d4099cd90555dc04bbe7ddfedb19b74fb07616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 14 May 2023 14:38:59 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/835b943a4f664dcd8b7482f44d43da8a.jpeg
age: 1650743
edge-cache-tag: 614245524730591771025438463568420871953,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
cache-tag: 614245524730591771025438463568420871953,400943418252675406674416846973572213176,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 208
expiration: expiry-date="Mon, 22 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tippsundtricks.co/
content-length: 24212
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kiad7000165-IAD, cache-iad-kjyo7100070-IAD, cache-lax10648-LGB, cache-iad-kiad7000027-IAD, cache-fra-eddf8230100-FRA
last-modified: Fri, 21 Apr 2023 23:00:10 GMT
server: nginx
x-timer: S1684075139.128237,VS0,VE0
etag: "c8f013d76f4667d37e1b493d7e878545"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 21, 2

GET
H2 200 ee9b8ec282dbd0407256ee8f3f26f45a.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 24 KB
24 KB 154ms
154ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee9b8ec282dbd0407256ee8f3f26f45a.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b9577734e8b47d2b0d83e0558e5e6d0ea4ff6cb18030e9f7260fa7f1a4d0faac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Sun, 14 May 2023 14:38:59 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ee9b8ec282dbd0407256ee8f3f26f45a.jpeg
age: 2712731
edge-cache-tag: 302203516539033536820280278780036335168,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
cache-tag: 302203516539033536820280278780036335168,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 124
expiration: expiry-date="Tue, 09 May 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tippsundtricks.co/
content-length: 24234
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000091-IAD, cache-iad-kcgs7200101-IAD, cache-lga21950-LGA, cache-iad-kiad7000140-IAD, cache-fra-eddf8230100-FRA
last-modified: Sat, 08 Apr 2023 11:52:17 GMT
server: nginx
x-timer: S1684075139.129411,VS0,VE0
etag: "6b31961ffbbaf97dd398eb0c9a4adc4b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 202, 4

GET
H2 200 dc923f08150194ed8d418794ce746cd3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 31 KB
32 KB 148ms
148ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc923f08150194ed8d418794ce746cd3.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d48767f7c83c518e49be6471eb36c89cd7d3853c2d92bc88e83be66b1e411efe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 14 May 2023 14:38:59 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc923f08150194ed8d418794ce746cd3.jpg
age: 4081389
edge-cache-tag: 308274417031467530350602575602634612732,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 308274417031467530350602575602634612732,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 291
expiration: expiry-date="Fri, 28 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nbcnews.com/
content-length: 32242
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100050-IAD, cache-iad-kjyo7100176-IAD, cache-lga21931-LGA, cache-iad-kjyo7100159-IAD, cache-fra-eddf8230100-FRA
last-modified: Tue, 28 Mar 2023 07:48:18 GMT
server: nginx
x-timer: S1684075139.129536,VS0,VE2
etag: "e3839c96e71e22ac682c5ff317babc07"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 600, 1

GET
H2 200 1200x630
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//reshape.sport1.de/c/t/4a411b00-1408-4bf9-aef3-6e90194bf56f/ 21 KB
22 KB 183ms
182ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//reshape.sport1.de/c/t/4a411b00-1408-4bf9-aef3-6e90194bf56f/1200x630
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 65fe52b81ee7e70565fc15d971658261cc738b7f0cc60370bd69e187d1cfeefe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 14 May 2023 14:38:59 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//reshape.sport1.de/c/t/4a411b00-1408-4bf9-aef3-6e90194bf56f/1200x630
age: 2771560
edge-cache-tag: 338168089218948569840762274326942961286,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 338168089218948569840762274326942961286,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 748
expiration: expiry-date="Fri, 21 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.kicker.de/
content-length: 21738
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100086-IAD, cache-iad-kjyo7100084-IAD, cache-lax10654-LGB, cache-iad-kcgs7200035-IAD, cache-fra-eddf8230100-FRA
last-modified: Tue, 21 Mar 2023 01:47:18 GMT
server: nginx
x-timer: S1684075139.146300,VS0,VE1
etag: "3a53101287b029c46743d49a1f4768e3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 74, 1

GET
H2 200 97d04b61b417c398c07250416a6cf1f9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 87ms
82ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97d04b61b417c398c07250416a6cf1f9.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 4043344bf3b19b80718d228deba3f5bbcfa05d37e0c9bc762c2d13e29b99ad21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 14 May 2023 14:38:59 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/97d04b61b417c398c07250416a6cf1f9.jpg
age: 2815839
edge-cache-tag: 526010110373893354730524046152538847729,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
cache-tag: 526010110373893354730524046152538847729,455878024602911829126398966848825622128,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 183
expiration: expiry-date="Sun, 23 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.ouest-france.fr/
content-length: 5348
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200054-IAD, cache-iad-kcgs7200067-IAD, cache-lga21926-LGA, cache-iad-kcgs7200163-IAD, cache-fra-eddf8230100-FRA
last-modified: Thu, 23 Mar 2023 18:16:37 GMT
server: nginx
x-timer: S1684075139.248224,VS0,VE1
etag: "a55f442e9e51fed8b56a7ab80e73f046"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 4, 1

GET
H2 206 uog0uujzkhhiwve7qcv0.mp4
cdn.taboola.com/libtrc/static/video/v1676287299/ 278 KB
279 KB 145ms
145ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1676287299/uog0uujzkhhiwve7qcv0.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c928d9d5bd7954e0b9efb991a3afe7abf8909559a026437efa4715539962ffe

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: bCmHP3rKx8EiYjXh_lTzJIMNKlZ3l8SJ
date: Sun, 14 May 2023 14:38:59 GMT
via: 1.1 varnish
x-amz-request-id: 3JP9FHHJEJAF63MP
age: 68
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-284873/284874
x-amz-replication-status: COMPLETED
Content-Length: 284874
x-amz-id-2: zpdlZBBi3zyIPVo7delqOGHhkSHqoBSoZ+pWZFx7m1LnVtl90Cif+QXojSictopzSM8COXDlfxc=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Mon, 13 Feb 2023 11:21:44 GMT
server: AmazonS3
x-timer: S1684075139.130358,VS0,VE2
etag: "5037312da17110f3f1c0f58637a7f0dc"
content-type: video/mp4;codecs=avc1
abp: 92
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 613 B
717 B 95ms
45ms Fetch
application/json 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

29cc5de7fd369d7e63e38cae1c883c52af46b8e6fb1b886d9bd861e5561f2533

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 259
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 next-up-widget.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 138ms
138ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87f6fdefdbf4f0b54d38fe6d810bc3f4c04e2d5dd730e2942646807b9d9c88e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: yE6HmLhGNnuzEPNXr4ylevtK176PSzQH
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 14:38:59 GMT
x-amz-request-id: NP0P3HMMJSQSJY4F
age: 32
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 4655
x-amz-id-2: PdWb8Qo/J7aG9W0EWGgI6ISgBy8SjISufi6/vEcumNfF5GOJ5/oLURC5+9YEpFIga1dn5XYpidI=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Sun, 07 May 2023 07:59:10 GMT
server: AmazonS3
x-timer: S1684075139.131832,VS0,VE1
etag: "6c51c34a6509e8f60afa8a96b4d05815"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 70
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 23ms
23ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=cropping-v3_var&ri=51f4d35d432fa1832c6c062d00998629&sd=v2_2b8ac652b5d2bb83bd09858e4960f041_75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802_1684075138_1684075138_CNawjgYQ2YJdGKyczdWBMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802&pi=/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&wi=4192435433039974098&pt=text&vi=1684075138604&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22feed-distance-from-article-end%22%2C%22type%22%3A%22344.625%22%2C%22eventTime%22%3A1684075139121%7D&tim=14%3A38%3A59.121&id=1143&llvl=2&cv=20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 14 May 2023 14:38:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 0
231 B 16ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=cropping-v3_var&ri=51f4d35d432fa1832c6c062d00998629&sd=v2_2b8ac652b5d2bb83bd09858e4960f041_75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802_1684075138_1684075138_CNawjgYQ2YJdGKyczdWBMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABo_5unsoL-6_KlAXAA&ui=75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802&pi=/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&wi=4192435433039974098&pt=text&vi=1684075138604&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A931%7D%22%2C%22eventTime%22%3A1684075139146%7D&tim=14%3A38%3A59.146&id=2940&llvl=2&cv=20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 14 May 2023 14:38:59 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame 4E4D 91 KB
32 KB 128ms
104ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

146b70521c71144b861cc0401c641c76bb64db4e09b4e6b1ff8819610bb19cc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32519
x-xss-protection: 0
server: cafe
etag: 3584729748456338654
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 May 2023 14:38:59 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame D7EC 91 KB
32 KB 188ms
165ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83d66328b71e54ee0ce47d67fcf4ccc6c29819e34a18fa8bfcd89971f5c92bd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32511
x-xss-protection: 0
server: cafe
etag: 8178942835601287442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 May 2023 14:38:59 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame FEF3 714 B
812 B 20ms
19ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 172
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7c73e353ecee694f-FRA
content-encoding: br
content-type: text/html
date: Sun, 14 May 2023 14:38:59 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k3FcmVR%2B488gugzdyB7T5VGMZB85%2BZs6Jks0TmXGMXDpZeO8Ps5El9ir6SS4u1v%2Bi3iQJ5oEO9vDBtXM2k%2BTlBewKyLcMegSuZVYQeci0ZxTu43x%2BNdMjtyQi0k7NPcyqO9x4GzfqtTSDYF6tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 292ms
96ms Image
image/gif 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Hagerstown, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
connection: close
content-length: 35
content-type: image/gif

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 1985 714 B
778 B 21ms
20ms Document
text/html 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 172
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7c73e353ecef694f-FRA
content-encoding: br
content-type: text/html
date: Sun, 14 May 2023 14:38:59 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2FX06nCUpPtvEnbOnICS5GToLeWRzqf260AVu0bL2ew7Vf3o34sr%2Bm%2BHDSzcVf%2FOL2Pyco6A7PDuxZ%2FLCXk0zUs6jEgUdL0ZS%2FD7a1QW8XvzC1MCYzxY%2F5tpYB901VdhxqTSouA23V6xqPgNXg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 204 debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 18ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=14%3A38%3A59.193&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=7088&cv=20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27&lt=cropping-v3_var&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 22963

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame FEF3 75 KB
25 KB 166ms
166ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e7c5bcb65d097abd06c44562816bf1f40b78aa29809f457485ac5e1b3f58c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25242
x-xss-protection: 0
server: cafe
etag: 119 / 19491 / 31074558 / config-hash: 12209807291441061903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 May 2023 14:38:59 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1985 74 KB
25 KB 222ms
221ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cbb229f3301f45fb2d2898017e941591023e1f6ffcdfa0d858d9be85cfee3e08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25235
x-xss-protection: 0
server: cafe
etag: 964 / 19491 / m202305090101 / config-hash: 12209807291441061903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 May 2023 14:38:59 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
159 B 97ms
55ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E5%BF%AB%E8%A8%8A%EF%BC%8F%E5%9C%A8%E9%87%8E%E9%BB%A8%E5%9C%98%E4%B8%8D%E6%95%B5%E7%B6%A0%E7%87%9F%E4%BA%BA%E6%95%B8%E5%84%AA%E5%8B%A2%E3%80%80%E3%80%8A%E5%9C%B0%E5%88%B6%E6%B3%95%E3%80%8B%E7%BD%B5%E8%81%B2%E4%B8%AD%E9%A0%86%E5%88%A9%E4%BB%98%E5%A7%94%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-_qkd45hBlIVTHBKJADA73g&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.1659056178053877&gjid=0.9896077483263226&_r=1&a=2321&z=0.09855554163482783&gtm=45De000

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 14:38:59 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
252 B 62ms
55ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=2321&cid=amp-_qkd45hBlIVTHBKJADA73g&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&dr=&dt=%E5%BF%AB%E8%A8%8A%EF%BC%8F%E5%9C%A8%E9%87%8E%E9%BB%A8%E5%9C%98%E4%B8%8D%E6%95%B5%E7%B6%A0%E7%87%9F%E4%BA%BA%E6%95%B8%E5%84%AA%E5%8B%A2%E3%80%80%E3%80%8A%E5%9C%B0%E5%88%B6%E6%B3%95%E3%80%8B%E7%BD%B5%E8%81%B2%E4%B8%AD%E9%A0%86%E5%88%A9%E4%BB%98%E5%A7%94%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&en=page_view&sid=1684075139&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 14 May 2023 14:38:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
252 B 186ms
62ms Ping
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-_qkd45hBlIVTHBKJADA73g&aip=1&sid=1684075139&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 14 May 2023 14:38:59 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ Frame 4E4D 356 KB
120 KB 74ms
73ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41bddf112c04ba0340e767c918444878ab48e3ac606e1f2f5468e77946741d5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122679
x-xss-protection: 0
server: cafe
etag: 16458210838354053615
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 14:38:59 GMT

GET
H2 200 81b0729bada37132dbbc2f3157781bf8.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
8 KB 45ms
45ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81b0729bada37132dbbc2f3157781bf8.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1fbeebf311facfd988e082b95747850d9d168718cef1c13acc061f8f33aa55a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 14 May 2023 14:38:59 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81b0729bada37132dbbc2f3157781bf8.jpeg
age: 868879
edge-cache-tag: 357954298713990155053928992510195782714,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 357954298713990155053928992510195782714,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 244
req-referer: https://www.stiripesurse.ro/
content-length: 7000
x-request-id: 23ffcab2052a30a62ebe20f1112e45ae
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200117-IAD, cache-iad-kjyo7100024-IAD, cache-chi-klot8100103-CHI, cache-iad-kcgs7200156-IAD, cache-fra-eddf8230100-FRA
last-modified: Thu, 04 May 2023 11:23:59 GMT
server: nginx
x-timer: S1684075139.372426,VS0,VE1
etag: "38ab7da4ef81557173b5cdb062b9f294"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 3, 1

GET
H2 200 dc923f08150194ed8d418794ce746cd3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 48ms
48ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc923f08150194ed8d418794ce746cd3.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d8bd228e594576ac253bdf885d335805dcf6be5cbe1ffb8282ea4b3d35cb1e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 14 May 2023 14:38:59 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dc923f08150194ed8d418794ce746cd3.jpg
age: 3979367
edge-cache-tag: 308274417031467530350602575602634612732,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 308274417031467530350602575602634612732,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 17
expiration: expiry-date="Wed, 19 Apr 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://nufooz.com/5-restaurants-specially-designed-for-unusual-dining-experiences/?utm_source=sevenwestmedia-7news&utm_medium=7news.com.au&utm_term=1243548&utm_campaign=Ann-O.P-DSK-Sub-5-restaurants-specially-designed-for-unusual-dining-cats-slap-each-other&utm_content=23829085|sevenwestmedia-7news|3664841236&tblci=GiCQ-87UBjNxlNzX1fDC3FL9KlLD2ivZtlzsuYCMn1T51SCf5Fko1fe51NW2mtPAAQ
content-length: 5728
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kiad7000072-IAD, cache-iad-kjyo7100098-IAD, cache-lax10641-LGB, cache-iad-kiad7000084-IAD, cache-fra-eddf8230100-FRA
last-modified: Sun, 19 Mar 2023 01:05:25 GMT
server: nginx
x-timer: S1684075139.373329,VS0,VE1
etag: "27a0863ffed8004dd576ddf34f34c8ab"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 1, 66, 1

GET
H2 200 835b943a4f664dcd8b7482f44d43da8a.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 7 KB
8 KB 47ms
47ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/835b943a4f664dcd8b7482f44d43da8a.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d77cd4b06cb52f4fd250207f84ed457dc4058ac33d18414fba45d9dd875cf70a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 14 May 2023 14:38:59 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/835b943a4f664dcd8b7482f44d43da8a.jpeg
age: 1734783
edge-cache-tag: 614245524730591771025438463568420871953,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 614245524730591771025438463568420871953,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 37
req-referer: https://dekoking.com/
content-length: 7056
x-request-id: b8275db252f87b1e6223359d99e2cc79
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000151-IAD, cache-iad-kjyo7100086-IAD, cache-lga21973-LGA, cache-iad-kiad7000118-IAD, cache-fra-eddf8230100-FRA
last-modified: Mon, 10 Apr 2023 17:05:44 GMT
server: nginx
x-timer: S1684075139.372887,VS0,VE1
etag: "0ba67cc48af4ca9a565ec13ce65a7974"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 8, 1

GET
H/1.1 200
OK im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
700 B 176ms
45ms Script
text/javascript 2a02:26f0:3500:c::5c7b:680f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:680f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 14:38:59 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
Content-Type: text/javascript
Cache-Control: public, max-age=3600, s-maxage=10800
Connection: keep-alive
Content-Length: 445

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 301ms
237ms Script
text/plain 108.138.7.64
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY4NDA3NTEzOF8xNjg0MDc1MTM5X2JkNjk3M2MzMzAxNw%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-64.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 14 May 2023 14:38:59 GMT
Via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: FRA56-P6
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: 4pBchEnzcWJ93e-cXG5JfCbUgGh7avT7uuz6E-8KbdKXlFbxJc-AlQ==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 206 uog0uujzkhhiwve7qcv0.mp4
cdn.taboola.com/libtrc/static/video/v1676287299/ 127 KB
0 44ms
43ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1676287299/uog0uujzkhhiwve7qcv0.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: bCmHP3rKx8EiYjXh_lTzJIMNKlZ3l8SJ
date: Sun, 14 May 2023 14:38:59 GMT
via: 1.1 varnish
x-amz-request-id: 3JP9FHHJEJAF63MP
age: 69
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-284873/284874
x-amz-replication-status: COMPLETED
Content-Length: 284874
x-amz-id-2: zpdlZBBi3zyIPVo7delqOGHhkSHqoBSoZ+pWZFx7m1LnVtl90Cif+QXojSictopzSM8COXDlfxc=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Mon, 13 Feb 2023 11:21:44 GMT
server: AmazonS3
x-timer: S1684075139.394305,VS0,VE1
etag: "5037312da17110f3f1c0f58637a7f0dc"
content-type: video/mp4;codecs=avc1
abp: 6
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ Frame D7EC 356 KB
120 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0937bcdcb19b6578aaf18f3b016c6983acbdeea488be791e0fb926781cf4f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122675
x-xss-protection: 0
server: cafe
etag: 7934644247131785943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 14:38:59 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/ Frame FEF3 406 KB
125 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 10:36:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14562
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128048
x-xss-protection: 0
server: cafe
etag: 352811828592807000
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 13 May 2024 10:36:17 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AA55 603 B
392 B 173ms
119ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-16438836261933780192&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3149&oid=2&is_amp=5&amp_v=2304262219000&d_imp=1&c=4573002321&ga_cid=amp-_qkd45hBlIVTHBKJADA73g&ga_hid=2321&dt=1684075139318&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&bdt=1101&dtd=24&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 14:38:59 GMT
expires: Sun, 14 May 2023 14:38:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 8B52 577 B
451 B 106ms
90ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&cmcv=&pix=undefined&cb=1684075139465&uv=3275&tms=1684075139465&abt=id5mc_vB!nonrv_vA!t45!testmsn_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5a992ba7-2d56-4ce9-aa32-b828b32f9a06&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8419ce102a9b56c504701fe8e1d1c9a4dcd44d59d026a532f96b5bb5bcbbef2a

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Sun, 14 May 2023 14:38:59 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230100-FRA
x-timer: S1684075139.487436,VS0,VE10

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 2E9A 422 B
517 B 33ms
18ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 19f916143838bd6e3989eefc983a0dad7f74fa92a855e19c629e163c621038db

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sun, 14 May 2023 14:38:59 GMT
machineid: 3407
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
671 B 769ms
757ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1684075139472&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1518&pt=1313153609&tz=0&viewable=true&ddast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=id5mc_vB!nonrv_vA!t45!testmsn_vB!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 572ba2b14a11ebd90520c179077d3b615721a628a6df6d1bee262d7bd01c7a10

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Sun, 14 May 2023 14:39:00 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1485
x-cache: MISS
x-served-by: cache-fra-eddf8230100-FRA
pragma: no-cache
server: nginx
x-timer: S1684075139.489798,VS0,VE711
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 29ms
19ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&cmcv=&pix=31589837&cb=1684075139465&uv=3275&tms=1684075139465&abt=id5mc_vB!nonrv_vA!t45!testmsn_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1684075136028.6!ts:1684075139465&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-length: 0
server: nginx

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/ Frame 1985 402 KB
124 KB 17ms
13ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 11:42:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10563
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127184
x-xss-protection: 0
server: cafe
etag: 3263738860219486170
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 13 May 2024 11:42:56 GMT

GET
H2 206 uog0uujzkhhiwve7qcv0.mp4
cdn.taboola.com/libtrc/static/video/v1676287299/ 278 KB
278 KB 49ms
46ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/static/video/v1676287299/uog0uujzkhhiwve7qcv0.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c928d9d5bd7954e0b9efb991a3afe7abf8909559a026437efa4715539962ffe

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: bCmHP3rKx8EiYjXh_lTzJIMNKlZ3l8SJ
date: Sun, 14 May 2023 14:38:59 GMT
via: 1.1 varnish
x-amz-request-id: 3JP9FHHJEJAF63MP
age: 69
x-amz-server-side-encryption: AES256
x-cache: HIT
Content-Range: bytes 0-284873/284874
x-amz-replication-status: COMPLETED
Content-Length: 284874
x-amz-id-2: zpdlZBBi3zyIPVo7delqOGHhkSHqoBSoZ+pWZFx7m1LnVtl90Cif+QXojSictopzSM8COXDlfxc=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Mon, 13 Feb 2023 11:21:44 GMT
server: AmazonS3
x-timer: S1684075139.487413,VS0,VE1
etag: "5037312da17110f3f1c0f58637a7f0dc"
content-type: video/mp4;codecs=avc1
abp: 89
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 2E9A 70 B
266 B 218ms
64ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 14 May 2023 14:38:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 2E9A 43 B
426 B 174ms
36ms Image
image/gif 2a05:d018:d29:3601:be75:5bfe:4248:e5a4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:be75:5bfe:4248:e5a4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 2E9A 43 B
147 B 50ms
11ms Image
image/gif 3.122.25.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.25.124 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-25-124.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame FEF3 107 B
197 B 17ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FEF3 492 B
264 B 38ms
37ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=877655688934425&correlator=1058194036613787&eid=31073866%2C31074474%2C31074558%2C21065724&output=ldjh&gdfp_req=1&vrg=202305110101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1684075139541&lmt=1644386353&dlt=1684075139216&idt=280&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=jdv7mrdzob51&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1675362732.1684075140&ga_sid=1684075140&ga_hid=885793011&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

153f40df7bb2d0bba777d5929fd61b826e8fa981b1d6b12dedf617a2d3d02c43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FEF3 15 KB
11 KB 56ms
55ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

148c35e0ef243bc21e1a51624465017d2755a53f57141538ec1b137c3ce2100f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11239
x-xss-protection: 0

GET
H2 200 container.html Show response
a8535b4f9aa0221c5866a7a6dbdb3651.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D826 6 KB
3 KB 94ms
16ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a8535b4f9aa0221c5866a7a6dbdb3651.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 14:38:59 GMT
expires: Mon, 13 May 2024 14:38:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 8B52 70 B
265 B 153ms
65ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&cmcv=&pix=undefined&cb=1684075139465&uv=3275&tms=1684075139465&abt=id5mc_vB!nonrv_vA!t45!testmsn_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5a992ba7-2d56-4ce9-aa32-b828b32f9a06&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 14 May 2023 14:38:59 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 8B52 43 B
427 B 106ms
34ms Image
image/gif 2a05:d018:d29:3601:be75:5bfe:4248:e5a4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&cmcv=&pix=undefined&cb=1684075139465&uv=3275&tms=1684075139465&abt=id5mc_vB!nonrv_vA!t45!testmsn_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5a992ba7-2d56-4ce9-aa32-b828b32f9a06&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:be75:5bfe:4248:e5a4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 4E4D 379 B
601 B 17ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba96e716a74504dee51d20708558ecbe495d93ac9b8dd80ebcb1d844bb88d375

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4E4D 107 B
122 B 19ms
18ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2

200

nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html Show response
adx.holmesmind.com/adx-file/20230307/ Frame 8077
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134190&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=168407...
https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html

463 B
876 B

74ms
19ms

Document
text/html

2600:9000:224a:2a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:2a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ca78e8d1923a071bc5fa4b68044bc5644a11b856668a24814f1e9a56e9bf8d0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 327
content-length: 463
content-type: text/html
date: Sun, 14 May 2023 14:33:33 GMT
etag: "291c872afa27e30cecfbd80c44ce20b8"
last-modified: Tue, 07 Mar 2023 12:41:13 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
x-amz-cf-id: IIELzNTaftIbVrsGPUNm5RP39gumW7XHQDtz3r6ul3T7J_L9A2tEVw==
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: L7mKK4pQTVO2vey7TX8zPKwpCVXg3Qid
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 14:38:59 GMT
location: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4E4D 15 KB
11 KB 100ms
100ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

52c2d47e9994585e7ee7393364fc12bf984fd113cc3cea3bb616996b6ec6fcd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11273
x-xss-protection: 0

GET
H2 404 L2Eva3VhaS14dW4temFpLXllLWRhbmctdHVhbi1idS1kaS1sdS15aW5nLXJlbi1zaHUteW91LXNoaS1kaS16aGktZmEtbWEtc2hlbmctemhvbmctc2h1bi1saS1mdS13ZWkuaHRtbA==.json Show response
cdn.adpushup.com/42753/ 555 B
878 B 119ms
119ms XHR
text/html 2a02:26f0:3500:12::1730:1786
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2Eva3VhaS14dW4temFpLXllLWRhbmctdHVhbi1idS1kaS1sdS15aW5nLXJlbi1zaHUteW91LXNoaS1kaS16aGktZmEtbWEtc2hlbmctemhvbmctc2h1bi1saS1mdS13ZWkuaHRtbA==.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:1786 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-akamai-country: DE
date: Sun, 14 May 2023 14:38:59 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=6, origin; dur=103, ak_p; desc="467798_389027462_586832563_10898_1604_6_0";dur=1
content-length: 555
expires: Sun, 14 May 2023 15:38:59 GMT

GET
H/1.1 200
OK im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 51ms
51ms Script
application/javascript 2a02:26f0:3500:c::5c7b:680f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:680f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
Content-Encoding: gzip
Date: Sun, 14 May 2023 14:38:59 GMT
Last-Modified: Fri, 21 Apr 2023 06:05:08 GMT
ETag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
Vary: Accept-Encoding
Content-Type: application/javascript
P3P: CP="NOI PSD OTR"
Cache-Control: max-age=10800
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2434

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame B229 281 B
554 B 71ms
15ms Document
text/html 23.37.63.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&cmcv=&pix=undefined&cb=1684075139465&uv=3275&tms=1684075139465&abt=id5mc_vB!nonrv_vA!t45!testmsn_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5a992ba7-2d56-4ce9-aa32-b828b32f9a06&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-63-179.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://imprammp.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sun, 14 May 2023 14:38:59 GMT
ETag: "403b9-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FEF3 17 KB
7 KB 206ms
97ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305110101/pubads_impl.js?cb=31074558

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 May 2023 14:38:59 GMT

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1985 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1985 492 B
266 B 55ms
53ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2464739662275845&correlator=2012823758819761&eid=31074474&output=ldjh&gdfp_req=1&vrg=202305090101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1684075139688&lmt=1644386353&dlt=1684075139217&idt=366&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=4nnbqokgyubs&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=837160277.1684075140&ga_sid=1684075140&ga_hid=1017413552&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

274ed3f2d0e0566230e2a2814809b12bf047343b5bf1f2866e69243a4b27b6cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1985 15 KB
11 KB 106ms
106ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305090101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e07e4cf626e1348a5f046efd300264f4f1005d12e7381a632538f57ae191cbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11258
x-xss-protection: 0

GET
H2 200 container.html Show response
40ec74c0a8c632b0fb731b1bfacdaddb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 32CD 6 KB
3 KB 36ms
17ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://40ec74c0a8c632b0fb731b1bfacdaddb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 14:38:59 GMT
expires: Mon, 13 May 2024 14:38:59 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E4D 17 KB
6 KB 162ms
134ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 May 2023 14:38:59 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame B229 34 KB
10 KB 23ms
23ms Script
text/html 23.37.63.179
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.63.179 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-63-179.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 530443fa0d332e8d7d6d4ec2c7ad756144c3be42d1120125ab13016b7bb8a34e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 14:38:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 14 May 2023 07:12:43 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=59668
Connection: keep-alive
Content-Length: 10019
Expires: Mon, 15 May 2023 07:13:27 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame D7EC 12 B
101 B 23ms
16ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D7ad52a14d3c8d53d-22835a83a5df00c9%3AT%3D1684075139%3ART%3D1684075139%3AS%3DALNI_MYbgWaE8CwDuoFyFzJZPwTHC3R6Gw&gpic=UID%3D00000c1588940d1a%3AT%3D1684075139%3ART%3D1684075139%3AS%3DALNI_Ma9s0piz55QDLXgkXlUhIbCNvl4Tw

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame D7EC 107 B
122 B 18ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2

200

nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html Show response
adx.holmesmind.com/adx-file/20230307/ Frame E135
Redirect Chain

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134191&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=168407...
https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html

463 B
875 B

13ms
13ms

Document
text/html

2600:9000:224a:2a00:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:2a00:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0ca78e8d1923a071bc5fa4b68044bc5644a11b856668a24814f1e9a56e9bf8d0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 327
content-length: 463
content-type: text/html
date: Sun, 14 May 2023 14:33:33 GMT
etag: "291c872afa27e30cecfbd80c44ce20b8"
last-modified: Tue, 07 Mar 2023 12:41:13 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
x-amz-cf-id: tCgrHh53_RCBmv1JfDS4Z66H8iXOCUQHfB7qH6ZE_iWDuU0l5Djltg==
x-amz-cf-pop: DUS51-P1
x-amz-server-side-encryption: AES256
x-amz-version-id: L7mKK4pQTVO2vey7TX8zPKwpCVXg3Qid
x-cache: Hit from cloudfront

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 14:38:59 GMT
location: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D7EC 15 KB
11 KB 101ms
100ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e83c2d4aeaa217881ec92da81bfaee5fead29d56af8a96514965df390c2fb836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11288
x-xss-protection: 0

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
181 B 336ms
297ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H0DB6MNQ1QHH3C5Y1DP81MN1
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Sun, 14 May 2023 14:38:59 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 234 KB
81 KB 62ms
61ms Script
application/javascript 2a00:1450:4001:829::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

46bd62920d56089fe60024f534199630bf0273af5c416bc903c1d43c8b533b9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82428
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 14 May 2023 14:38:59 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 378ms
151ms Fetch
application/json 2600:1f18:24e6:b900:1dd6:ce45:ce0f:be7b
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:1dd6:ce45:ce0f:be7b Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame B229 284 B
536 B 68ms
9ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1985 17 KB
6 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305090101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 May 2023 14:38:59 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D7EC 17 KB
6 KB 164ms
163ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:38:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 May 2023 14:38:59 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CEA9 13 KB
5 KB 41ms
41ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 13:21:37 GMT
expires: Mon, 13 May 2024 13:21:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 48F0 783 B
1 KB 42ms
18ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ba188c214f875de9123587cda78315ba0836c103740be523e744d991b9e91087

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qdwm0ZVXukFhDdPBwC9Z4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-qdwm0ZVXukFhDdPBwC9Z4g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 14:38:59 GMT
expires: Sun, 14 May 2023 14:38:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame BFAB 495 B
664 B 1158ms
607ms Document
text/html 54.168.149.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.149.197 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-149-197.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Sun, 14 May 2023 14:39:00 GMT
etag: "6460cb8d-1ef"
last-modified: Sun, 14 May 2023 11:52:45 GMT
server: nginx

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame B229 0
239 B 444ms
101ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c57992b917a1c5de787b922c662fdf18
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6800 13 KB
5 KB 43ms
42ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 13:21:37 GMT
expires: Mon, 13 May 2024 13:21:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9137 783 B
741 B 20ms
20ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5085f2282331e7a59831cb998511660b9f09ca03a3d33035095c4e91fac86ce8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PR22I0ClR9FyREeEIEybfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-PR22I0ClR9FyREeEIEybfw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 14:38:59 GMT
expires: Sun, 14 May 2023 14:38:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 48F0 0
0 159ms
159ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305110101&jk=877655688934425&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame CEA9 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 04:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209296
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 04:30:43 GMT

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 8077 31 KB
10 KB 83ms
43ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5c500a4a8147509f043186a7bad1ed59c4e00f85330b9621489af4497e504151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 09:11:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 11 Apr 2023 09:02:38 GMT
server: nginx/1.12.1 (Ubuntu)
age: 19675
etag: W/"6435222e-7a34"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9891
expires: Mon, 15 May 2023 09:11:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9137 0
0 152ms
151ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=1316282628454826&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 38E0 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4642
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 13:21:37 GMT
expires: Mon, 13 May 2024 13:21:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9073 783 B
739 B 22ms
20ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5516de0a9feb8a99b5dc597ce540bb061defb721e5ec79d93aeb79b610ac1ae9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-liC0Mr-tjZvC0kcTaVsqYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-liC0Mr-tjZvC0kcTaVsqYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 14:38:59 GMT
expires: Sun, 14 May 2023 14:38:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 51ms
16ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je35a0&_p=2321&cid=1216671624.1684075140&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684075139&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&dt=%E5%BF%AB%E8%A8%8A%EF%BC%8F%E5%9C%A8%E9%87%8E%E9%BB%A8%E5%9C%98%E4%B8%8D%E6%95%B5%E7%B6%A0%E7%87%9F%E4%BA%BA%E6%95%B8%E5%84%AA%E5%8B%A2%E3%80%80%E3%80%8A%E5%9C%B0%E5%88%B6%E6%B3%95%E3%80%8B%E7%BD%B5%E8%81%B2%E4%B8%AD%E9%A0%86%E5%88%A9%E4%BB%98%E5%A7%94%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 14:39:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame B229 0
214 B 11ms
11ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame B229 70 B
264 B 89ms
88ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 14 May 2023 14:39:00 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame B229 0
214 B 28ms
16ms Image
text/plain 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame B229 0
239 B 224ms
49ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=a9us&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame B229
Redirect Chain

https://match.adsby.bidtheatre.com/rubiconmatch?gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=1&gdpr_consent=&put=d29497ab-2874-4d6e-862b-053f8cc82df8

0
239 B

166ms
46ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=1&gdpr_consent=&put=d29497ab-2874-4d6e-862b-053f8cc82df8
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&gdpr=1&gdpr_consent=&put=d29497ab-2874-4d6e-862b-053f8cc82df8
Date: Sun, 14 May 2023 14:39:00 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 200 cookiesync
bttrack.com/pixel/ Frame B229 35 B
164 B 310ms
103ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bttrack.com/pixel/cookiesync?source=c91bfcce-bb43-46f7-b14e-567c0a4332b3&gdpr=1&us_privacy=1---

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),

Reverse DNS

46.bidtellect.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-servername: Track003-iad
pragma: no-cache
date: Sun, 14 May 2023 14:38:35 GMT
strict-transport-security: max-age=31536000;
content-type: image/gif
cache-control: private,no-cache
content-length: 35
expires: -1

GET
H2 200 143
match.deepintent.com/usersync/ Frame B229 0
44 B 314ms
98ms Image
text/plain 169.197.150.8
DEEPINTENT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.deepintent.com/usersync/143?gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS: g.deepintent.com
Software: b /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
content-length: 0
server: b

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame B229
Redirect Chain

https://b1sync.zemanta.com/usersync/rubicon/?gdpr=1&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=&gdpr=1&us_privacy=1---

0
239 B

52ms
52ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=&gdpr=1&us_privacy=1---
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: cc9654c54e9aa67bf2b10be1073297a8
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=144598&nid=3992&expires=30&put=&gdpr=1&us_privacy=1---
Pragma: no-cache
Date: Sun, 14 May 2023 14:39:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 140
Content-Type: text/html; charset=utf-8

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame E135 31 KB
10 KB 41ms
41ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5c500a4a8147509f043186a7bad1ed59c4e00f85330b9621489af4497e504151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 09:11:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 11 Apr 2023 09:02:38 GMT
server: nginx/1.12.1 (Ubuntu)
age: 19676
etag: W/"6435222e-7a34"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9891
expires: Mon, 15 May 2023 09:11:04 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0E2A 136 KB
46 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb3048a2e2391fecd629b011888c8c5f5b672fb631a95f3dbb5999d0b65a342e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47477
x-xss-protection: 0
server: cafe
etag: 5008976756667037027
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 May 2023 14:39:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9073 0
0 150ms
150ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305090101&jk=2464739662275845&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame 6800 37 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 04:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 04:30:43 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D6DA 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 13:21:37 GMT
expires: Mon, 13 May 2024 13:21:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1E40 783 B
533 B 26ms
25ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b357457dd7df165c64175bbf7068ba920a1970136d57d0aa65f8598eaa171962

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FMxYmefcIcsbuko1_M_XFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-FMxYmefcIcsbuko1_M_XFA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 14:39:00 GMT
expires: Sun, 14 May 2023 14:39:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
268 B 88ms
87ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AAM%3AV&lti=cropping-v3_var&bulkSize=6
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Sun, 14 May 2023 14:39:00 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230100-FRA
server: nginx
x-timer: S1684075140.126729,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.bg3.co
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame 38E0 37 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 04:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 04:30:43 GMT

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame E135
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
39 KB

16ms
16ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Protocol: H3
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14366
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39829
last-modified: Tue, 25 Apr 2023 05:37:58 GMT
server: cloudflare
etag: "64476736-9b95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1Wfep4MLlNnZW%2FVGBpzKZx34QRPksfMxk%2FVCDDjHncrVgR4pFRuMNa875cQHL2DoA647A5g4fYMku67fj5cpQBaNFRqN%2Bd3y0Vzi6KjO3EJ6Aik78rg2PPK7OecyTI47wYeOPHdLSmEeRg3SA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c73e35d298d694f-FRA

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CEA9 0
10 B 12ms
11ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?I8s5dQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1E40 0
0 152ms
151ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=1231526386261522&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame D6DA 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 04:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 04:30:43 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
758 B 45ms
45ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Sun, 14 May 2023 14:39:00 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 766
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1684075140.219464,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 72
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 329

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/ Frame 0E2A 356 KB
120 KB 118ms
118ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2d56a927eec00e70e6fc3fd5932726193c4a29dfab8fca210c24fe3259f156d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122678
x-xss-protection: 0
server: cafe
etag: 8898533874521057423
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 May 2023 14:39:00 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/ Frame F98A 10 KB
4 KB 8ms
8ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230510/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7895
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 12:27:25 GMT
etag: 15057649708203361565
expires: Sun, 28 May 2023 12:27:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/32_7_5/infra/ 889 KB
147 KB 29ms
8ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_7_5/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 2cd44846a39785c52945088d743082784cb33b5c08c7cc2f369ae2275a3ab91d

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-mtime: 1683645037
date: Sun, 14 May 2023 14:39:00 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: DHE3YFBR9C371DM4
age: 429987
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1683645038
x-amz-meta-mode: 33188
content-length: 150092
x-amz-id-2: TSPi4hy8klMSUYX+62A2TtDU2EqOS+hhsZkWCpqN7zIF6Spl2vCNmo37lYMwlzB1R5ZyklS6RTQ=
x-served-by: cache-fra-eddf8230054-FRA
last-modified: Tue, 09 May 2023 15:10:39 GMT
server: AmazonS3-br
x-timer: S1684075140.303285,VS0,VE0
etag: "934c1e6fbf5772076a7263bc17ab3780"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 305246

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/32_7_5/assets/css/ 60 KB
8 KB 46ms
46ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/32_7_5/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-mtime: 1683645054
date: Sun, 14 May 2023 14:39:00 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: DHE2VXK3PJN8GENE
age: 429987
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1683645055
x-amz-meta-mode: 33188
content-length: 7877
x-amz-id-2: yTh0Ox0mfNrsocU39U8EEvXj+DI+Zq0aL09rEePORePaxI1ubuEsUETss6Q5lFp1ohxeaAQPJeE=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Tue, 09 May 2023 15:10:56 GMT
server: AmazonS3-br
x-timer: S1684075140.282844,VS0,VE0
etag: "92502277b3d6d05481ffd7687771377e"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 395043

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6800 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?sQ0rGg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 36ms
36ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_7_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
via: 1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 4251681
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1684075140.449335,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits: 327850

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.1.8/ 436 KB
83 KB 38ms
37ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.1.8/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_7_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 494747d7ec60d95b26eca76338de89444b60dbe33e2aa3ee7a8ed53dd36022ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-meta-mtime: 1683622864
date: Sun, 14 May 2023 14:39:00 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: KQ9SQXKNBRPJ2W7W
age: 452204
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1683622879
x-amz-meta-mode: 33188
content-length: 84209
x-amz-id-2: lXX05OzzyjXzMGZ/1vCY4D7rW14TUA4AuVj/vw+uZxRyuC1rLMtgYz7V99pwbRXOldQ85LYslNc=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Tue, 09 May 2023 09:01:20 GMT
server: AmazonS3-br
x-timer: S1684075140.462318,VS0,VE0
etag: "5b7fa2993f4635dad5e1ba884ca41236"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 425302

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 09FA 439 B
524 B 16ms
15ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/32_7_5/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 9773ffdf09705ad06d06aacb00577d3f8e46b087ea38da23b5c706a079b7dd42

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Sun, 14 May 2023 14:39:00 GMT
machineid: 3401
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 18ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=120&cisd=convusmp&cipid=66361655&crid=-1&dast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&cmcv=&pix=&cb=1684075140443&uv=3275&tms=1684075140443&su=&abt=id5mc_vB!nonrv_vA!t120!t45!testmsn_vB!ufm_vG&ft=0&unm=FEED_MANAGER&mntl=1&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
content-length: 0
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 26ms
23ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&cmcv=&pix=31579697&cb=1684075140463&uv=3275&tms=1684075140463&su=3&abt=id5mc_vB!nonrv_vA!t120!t45!testmsn_vB!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
content-length: 0
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 38E0 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?XGo2HA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 42ms
40ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Sun, 14 May 2023 14:39:00 GMT
via: 1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: FRA60-P1
age: 1084900
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1684075141.514671,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: npduzmsBCTInKS4xiVDpNaDedmMD0lXz2htxNJCf5T4Pqvm9JpF6qQ==
x-cache-hits: 695911

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 09FA 70 B
264 B 66ms
65ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 14 May 2023 14:39:00 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 09FA 43 B
425 B 42ms
42ms Image
image/gif 2a05:d018:d29:3601:be75:5bfe:4248:e5a4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:be75:5bfe:4248:e5a4 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58785/ Frame 09FA 0
125 B 60ms
11ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.57 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.57
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0E2A 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 403 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A6CB 603 B
66 B 185ms
182ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=2152568021&adf=552093718&pi=t.ma~as.9099904862&w=300&lmt=1684075140&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230307%2FnyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684075140229&bpp=5&bdt=161&idt=310&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&correlator=6185193062188&frm=8&ife=1&pv=2&ga_vid=76906887.1684075141&ga_sid=1684075141&ga_hid=1461657887&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1851353548&scr_x=-12245933&scr_y=-12245933&eid=42532186%2C44759875%2C44759926%2C42532090%2C44773810%2C44759837%2C31071756%2C31073763%2C44782468%2C44788441%2C44789923%2C44789815%2C44769661&oid=2&pvsid=945336301871319&tmod=1853591055&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9wk10ywkazz3&fsb=1&dtd=344

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 14:39:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0E2A 15 KB
11 KB 103ms
101ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230510&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

542c026da7f7e8da8161d8c7d8c40f9c87d30900a928f7aafdda9433ced20ba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11263
x-xss-protection: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D6DA 0
10 B 8ms
8ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?qb82hg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0E2A 17 KB
6 KB 75ms
75ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305090101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 May 2023 14:39:00 GMT

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame E135 975 B
780 B 19ms
18ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1665
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Fhk80oR7hR7MzPUIVIm0POAvObrduo44KS%2BXrNBIYvDJiDU9uq8%2F1ZyDCj6tSkXK2unuTXluMiZgaClSSfsuKzxSBpu82VZ5IRGFI2cAUKFcI%2BIKx8Gydi9Onbij3TvSqaoyGyunZv7jTS7MQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7c73e35d69d4694f-FRA

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame E135 375 B
1 KB 365ms
173ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.1284246140329166&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 487f9625d6d17402d2907c65a39e0b5044a1188bab736fe3775b5a4abde12930

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 14:39:01 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 4b4678ea-abdb-350c-bb24-20f13a796291
X-Adtype: html
Connection: close
Content-Length: 375

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CC5C 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4643
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 13:21:37 GMT
expires: Mon, 13 May 2024 13:21:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7EBC 783 B
536 B 20ms
19ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

90ec16d89b30e7c85f2606d93c883528e97a47afa5157a8689f465c12fd4732e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZML00XPUlz-al2Q6W0LnMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://adx.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-ZML00XPUlz-al2Q6W0LnMg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 14:39:00 GMT
expires: Sun, 14 May 2023 14:39:00 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js Show response
pagead2.googlesyndication.com/bg/ Frame CC5C 37 KB
14 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/A6DkqFxHDGl7nKslapf_JwSgNLk5S51nxKr2xdQhtdg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Fri, 12 May 2023 04:30:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 209297
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14779
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 11 May 2024 04:30:43 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7EBC 0
0 157ms
151ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230510&jk=945336301871319&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame FEF3 0
0 158ms
158ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305110101&jk=877655688934425&bg=!BAelB1PNAAYldGN0BXQ7ADkAdvg8WpilR1Jzyn1LDv6sXlCbN4_w0pr3oGyumGe2_bR8G8o269JW2QKXF1TSeu-EKDw0IR6Sm7ACAAABD1IAAAAFaAEHCgBUbPpGn86WnAa77TcA_YnlN1GzYaDY8z13YmdUTlzJYvZ_cgOJ7PvyTL0op6AlFnTgH7-PT28JpBpJb9aX8LN88gjdONun9nbDwJ7cometgDVOyjjvmQKnF5wzsc3tpvUHSt_DX60VkXPsccW6WVvvN_AdP0KguCWxKlLFoEVmnrxogdsGOfVFaCw9qrqz2_ChYtWQAoGisYIKZJaQRQrK4NVGdpbO0MsJC0JOitKZz5XPaU4u8fzVtUiXBz0Ym-S_11wZ8k4CeODSLVy0yNAVxAf9n2WLWIZVK911nELCh-R5gwklXZoTL6rGSpWmYHeWUzBlO-rgAFKjstcZZ0o3mO8BRv7wEaqzaSf8LzYbBkjL2PVCc2hd1_ECEYjx28bSJhFRpGKCt6A8Q8qgcxDBAFmOuKOCugp0fXyTt5Fs7tP192iS8ebikpQxt_Tfg9G-y92wPUVULG-st3G0DWz7VUbPsG7n7i49crRg2Wp0WUiRuCpL8B7E7OeycfkfHs4diE68t0SxQBL7F752XVazNAOzlC0r0N4t5u1JmezAimlO2oGTohFJ6jmiWDp6n--HnvSk1OtsIgplq4nM2Jua3WS4lQEfjMwE7wMBaKRJ0CO-ST6l1C5FbCWNSVYS-GD1a-xVINHqOstL-jrEl2S7IXJknDxLtKyYzN8uPdh_Tkk6Ik2eWOjZKG1m9FmCqlKv2XOLi1h1H77ZXvn9MWmgcgB_QAWyj-tkuLL6lsWfFLqzSN3fPGMwFdNNMBMzGekiM_ITa_X8vOpaS9QrIBYITIQb188EttwhSt0p7aAYAVoQHeFmviml2aZJzDB27RH_o2qIh7dZXhxAgi3Xs6GSCWMFLj___b1i4FgCn-x57VWxKc4kNAv4QkI5zrPshufn-MYfnL_eNKstg7qZPWKasUSHxLKOPPIqMxCmFRrBlTkzFNysIVuriOXu5YoM4AiH9IR3nFaDzlH6nwkwPx6_PW0qPISh46NwBvEIelC0cabw_wxyFgErT4Lkuh_X9A
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CC5C 0
10 B 8ms
7ms Image
text/plain 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?f4Oxaw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:00 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 46ms
45ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Sun, 14 May 2023 14:39:00 GMT
x-amz-request-id: 1V3JN4Z08BWJNCK3
age: 3583
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by: cache-fra-eddf8230100-FRA
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1684075141.982217,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 9
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 16561

GET
H2 200 / Show response
pips.taboola.com/ 4 B
119 B 21ms
7ms XHR
text/plain 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230054-FRA
date: Sun, 14 May 2023 14:39:01 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 511ms
162ms XHR
text/plain 141.226.230.50
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.230.50 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 14 May 2023 14:39:01 GMT
cache-control: no-store
server: nginx

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame BFAB 0
268 B 264ms
263ms Script
text/plain 54.168.149.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.168.149.197 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-168-149-197.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 14 May 2023 14:39:01 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1985 0
0 158ms
157ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305090101&jk=2464739662275845&bg=!cXKlcibNAAYldGN0BXQ7ADkAdvg8WsAXKkK6XzSQA1ffluuVkPIjJTia3bFninNziU6sbYHtAQmOr5un0OZaE4Ez5L1Wl6ZA-00CAAABalIAAAACaAEHmQK0xRwr7VEZpGkX_VyO5wT5wcjInhLi1ouf_-mMB1kDvWY6kjlJ7UmCZWCT7MfiIr0ikuovt4nUWe1AOMUuVu_6W2NmAQ0xyasTCTAzWxQTk81j0Iv5yXHAmdUaYfw97Iwiq3AjNxgS9UNBwDHd_tMckcUkuissLhxGHqJiVwVCQetXqGakW8w_J-4HVSZSrknzcmxaOgDLhKD8P8FVTeBHdUYfZQkLJYxgV0T5eyyoeHwYCPaP-6yEAZ_q-Y0cwGZKx_PNSex_M0ZNn1wU-yfOZqN7FyQar6Lg__6iM73esZG85ArPAQatLENx0pwBi7F2jEsSLvnD_s3QM2Doz8nPYUgClVQc9V0hwVq1eUaVeSmXWBb8oFfjavaJPGnNDfW7ASqnZcobpDa77km5DkHX6-n2vlDd9lRrRsNm7KOW2KTmZ3F7a5gmfnSydjos_raKoGYTUsyYWpczWmhYl5Oo3cChdh_4VVfwtoxR9BTk0Ojg_UVtFA9eT5DImMq2LYBFf30JpysqbhlsxPRI911Iwztx9XoCAiDSn481NG-MV4ocPr5CGy2q0-Xa8sA0FVE0rXhXG7fUsGLjqBeOBJ7Kq8CUf8PoU_IKUTOdGANxviNZcgRWn-LRCTbq45ZJFG4PkMfXSF8jssx8cSZJo-GHDBoYt0nvMAkJH3rC6zNUB9cwcZ07tI4cSRFCkd3pFuVB9HD6Ex3O4eq6HrZg0zp69VZRl4LKWziWGXZi2dzUW2izkmirkAzSMgJqm7XxdP8iULlU6s0hvKXh0Cbd6hW0RH6d4XvjxAsQtJ-wcWIiK5cl1M2GUCJSOVUXQUIcooil1rY6LELqSBo9tLVk1L6Zm3zBGUM4dHkcIU9FLfoL2IDDPYq3BL4WiWceuMgFhQ0RTqPAGXCTw5FEePdSyTxFnNEg_94
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4E4D 0
0 158ms
157ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=1316282628454826&bg=!5eal5rLNAAYldGN0BXQ7ADkAdvg8WujTuJDRz-g8vqTyjnByYdGWtb0KWfonDhTsA88-QyVsn3sKxSStM1V6fpgglh2fL-90iJcCAAABqVIAAAADaAEHmQLHH4_rd8mO-ZUWDbF75bjSd794cxOsOKRMkwaMdnb0SwdKxnWhaaU4fDx2sCWAQvDU7oRnaZNqLLV6HsK9-5AXP3jzmytpi4hSlzZCwFfk2I0keUkH6Z7DyOZc-N7LddwWT58AM5EPwbtaf7bZoXQmQuSGW0EvqyJ0kHSAn_QwMT19RYNsQk1QzmWF0rwqu-ArxhQVQZNoqLbqkntoLWoikwSgm4PN2a8a2O1jke_A8xWvyKRF3nIU4WAs-lKuJGz2rAT6qJ0YE4RTgzL7wQ98ZxTUS74W9bN5zeShaEFM0F2E6hfXYVVBC6CyCA8JlReBsb03BX-SvEIup7INS3_9TxqK_ZHR2D1cWbhrASXurbF0_RvXg7L0CBQe1roI5gwA62mRwV2iCS0Zz209SwuIM4AZOSS5q9meBjodeNxpY_WRI_uoddf5gqGE9c0FxEgrhi18ilAITpkfNYdsM_2swSjUP82MFUPfS183_ScfGeURg9-AkshnRsoH7Cj_M0sk9qmJsFNRQYbZs9UdoXzGv5V_s2DgyJ9Mbr5kDTE7pSx2n9zcV1RHbSpYtY1OQRc-cCWgcC9WxJsDxjH001YuknSO8CX36_tywPWhif9beejytNVcJsR728A-2tYx-4_3dRhcr8khYSaiKZiGdN49kL8LLGYD7ODW_VuCa9LDU3Wn5BjMXBvKypIR92vLGx6UpCeSB2Bhv7-svIjxppcqd5LZUok3NzMGH_Yytgh_zJNxt7Fi2sIyHIT7NWR35EZmkABZjZL485STs7YteuhSHxLplzJZlumT5ceYz19xzfb1j78FsdCPw49E8jkChmcspihy32CuaynnTNrAXNXpNuCPGdSHb7L2HHXSLJ4h0yZ56WIfnseDqyU_fllerC4IR1pEkCEHfpYO1PGDbtMbHqBiO3NygtQWA5LCeF7UhP8oqt1MnQHV
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 ysm_bg3.js Show response
ad.sitemaji.com/ Frame 3AEA 31 KB
10 KB 44ms
44ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_bg3.js
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 5c500a4a8147509f043186a7bad1ed59c4e00f85330b9621489af4497e504151

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 09:11:04 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 11 Apr 2023 09:02:38 GMT
server: nginx/1.12.1 (Ubuntu)
age: 19677
etag: W/"6435222e-7a34"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9891
expires: Mon, 15 May 2023 09:11:04 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D7EC 0
0 158ms
157ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=1231526386261522&bg=!ICOlI3fNAAYldGN0BXQ7ADkAdvg8WgRMWwrM2pHkCRuMAuaUXhuaS5MK_Be3yJK67qBixNWwy9UtgVB80CNskgSJzyloDeEKeB8CAAABTVIAAAAFaAEHCgCAa6w7bE8ytY5VXNPK4_o_rGmyGy0Rqo46FKjxIadkNeQgQ45-UHwKe3zluQ6dP3Aj2w_5VTPROuXmD7uCH_uqtQAkyhFPaikACN88yRayS5k8IcbKyPIzuvZ3YQqLFupiN9frKMGR7VW7ucsXJtiDmeny4w667wKp7g4LWijnapGZAsBp2ySpkuTpxdz-aE1xeHcgMPDrPJP2MPafpQiJmvbYvSb9Oug2b8vVWyRSU0E7SRXLrX8SNfcQDN4CXeMZLQrMEr5AUonp8h5x85CyCA6hzu0zrN3KoDLqjjTaL2KG7H5oE4q97IP-kUeQ4tg72RKI30yfLqXvPcqCOK483M4V_9xaoc1yeeGylozIUZH4E03UwKY_pb01Zui9S-OaEZIGJYk5q19d_zcrMtZn4JniVTcBhxJfVY9DnN6mrLOgfcDdQQH4uTLKhiVe3sgKV85suJvpzco_eJnj37OLPnolg7Lnt6tQHma4zLnI33TNZoV5MPksvin2xytTy2M2FdtaFUSjD-mcd8z3Xy-LFpEHCANz3V2w9dtmDf2Z8SWxSBYfjICcPoiYM0GSLWItSgugTJ5u3fvD8TzZJvedGLrl2dYydwVJUAg3E6XIxMerWk2FEJxqJZ9sUv44c87nuxUZhSLSZFkxyd56UVRXD5k8c3nmM_6b7Zs2Grro1PuNCGceGqdOTdLWCeye3Ez-Ka46lagknO2epFbVi0LblE1LsllVve69weVmX1uNcliWjBdFcK300gmDTflDFAtIv1pwlGFJawyWwDRN1zKsB-6ozSzMI4oWbbz14SzqV-ClcK2CWjTy_SIMNEW-xxxkit3KpY301ITtE-3h1tzyXAjfRafs-4tUKQpHDQJeFnfn3JNF262lj-OLUpJ_dOXENYeF9hvKG7HKzY1rmVMOdbHByATaYqjaNXzPjadcPebe8NLqr3zqdwNerlDwHPmlA1kWm6MkZ9JBticC6FfFqI5n7ErT0DjkpF39k5BqcbK16dDabpDutyDK4rq1F7HdBMzpCb5L3cKo3jxbxq5D8V694umQLCMdTk3sYRuBNainPDlVxbTDbgy9qvggf6nxFbQdDu3fLYObDMqNDx6nv2WhXA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/kuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H2 200 native.js Show response
s.yimg.com/dy/ads/ Frame 3AEA 80 KB
30 KB 89ms
21ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/dy/ads/native.js

Requested by

Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:34:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: G6PA6J09DA5MPXDX
age: 256
x-amz-server-side-encryption: AES256
content-length: 30196
x-amz-id-2: rtFcyPGFxqhvZrkXGqfgCCtxvobtYyO8RIJ+hxob+YeamrDqKL/DzNIMBeToVwaXNYv+3+y9RMTfB2inynH1dXqX3vMOFCBVfozgCA4AePU=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 09 Feb 2023 17:58:02 GMT
server: ATS
etag: "1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
accept-ranges: bytes

GET
H2 200 getAds.do Show response
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 3AEA 290 B
614 B 264ms
85ms Script
application/javascript 87.248.100.137
YAHOO-IRD

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

o2.ycpi.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
referrer-policy: no-referrer-when-downgrade
date: Sun, 14 May 2023 14:39:01 GMT
server: ATS
age: 0
x-content-type-options: nosniff
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Accept-Encoding, User-Agent
content-type: application/javascript; charset=UTF-8
x-envoy-upstream-service-time: 12
x-xss-protection: 1; mode=block
x-request-id: 9b0a689e-1d01-4851-8e01-d3654d931ce5

GET
H2 200 b
geo.yahoo.com/ Frame 3AEA 43 B
366 B 153ms
44ms Image
image/gif 2a00:1288:110:c204::b000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://geo.yahoo.com/b?t=xhkd7&9sdk8454

Requested by

Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:110:c204::b000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 14:39:01 GMT
strict-transport-security: max-age=31536000
server: ATS
age: 0
content-type: image/gif
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control: no-cache, no-store, private
x-envoy-upstream-service-time: 0
content-length: 43

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 67ms
66ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=2321&cid=amp-_qkd45hBlIVTHBKJADA73g&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&dr=&dt=%E5%BF%AB%E8%A8%8A%EF%BC%8F%E5%9C%A8%E9%87%8E%E9%BB%A8%E5%9C%98%E4%B8%8D%E6%95%B5%E7%B6%A0%E7%87%9F%E4%BA%BA%E6%95%B8%E5%84%AA%E5%8B%A2%E3%80%80%E3%80%8A%E5%9C%B0%E5%88%B6%E6%B3%95%E3%80%8B%E7%BD%B5%E8%81%B2%E4%B8%AD%E9%A0%86%E5%88%A9%E4%BB%98%E5%A7%94%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&en=performance_timing&sid=1684075139&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&epn.page_load_time=5309&epn.domain_lookup_time=16&epn.tcp_connect_time=856&epn.redirect_time=0&epn.server_response_time=1314&epn.page_download_time=0&epn.content_download_time=2219&epn.dom_interactive_time=2219
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 14 May 2023 14:39:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
119 B 60ms
59ms Image
image/gif 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E5%BF%AB%E8%A8%8A%EF%BC%8F%E5%9C%A8%E9%87%8E%E9%BB%A8%E5%9C%98%E4%B8%8D%E6%95%B5%E7%B6%A0%E7%87%9F%E4%BA%BA%E6%95%B8%E5%84%AA%E5%8B%A2%E3%80%80%E3%80%8A%E5%9C%B0%E5%88%B6%E6%B3%95%E3%80%8B%E7%BD%B5%E8%81%B2%E4%B8%AD%E9%A0%86%E5%88%A9%E4%BB%98%E5%A7%94%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-_qkd45hBlIVTHBKJADA73g&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=5309&dns=16&tcp=856&rrt=0&srt=1314&pdt=0&clt=2219&dit=2219&a=2321&z=0.18875085399928793&gtm=45De000&t=timing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 01:10:25 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 48516
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0E2A 0
0 158ms
157ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230510&jk=945336301871319&bg=!IyClIHTNAAYldGN0BXQ7ADkAdvg8WlT7V2eQtEQHCBfDkty-y4jRrBRf3ggV0UKuITk1T7mHZP9Dqc_7aIVVV_JwH1nqLic1UcgCAAAAZlIAAAADaAEHmQLYvJMy-tnNmkRm-pjBX6xu1qSeFKGozBERCOwqFZC4ybBiOAcSvThLtQdgH9QwqAWP792HvAmH3ftl9-pL3Rez0pNCPHV-XXMjPcXYuvehJMiRF6tuFaNnY7qts1xj0ABZ9uQnohX4zyMNfvl7FiNaWn2FMNsL5-IO--OuF_VHQg24jp5JvePfCCiUCwEGGe8jIXXpKaVp3E9fkOnyQXxOmh9PunJ6E4eTzGwbFuCLfvK5j8Ja71l9GYopwOdNpMdARkyqRWUSKr8JlUSFZKh9yneJ2aw2-NEGqy6f5m36_qPHwJ8LyXUsCauunytDvvfvrkuGzdgM-U-Wsr7kyAVyoBJN5NoiHm0LAEVbphPFcaFuefsClTPDTx7UZcIBP0-n82PKCSwbRsGALinuCSgufLH8IBWkBNYG_CPNi5_7WRB5OPtMDNc0gdvMQHgFokdB3s3FbWuJhfZYAyb0TTF2_1Owyh9S4IB2xDBqNbO2-a8C--nXEwcg1FC9eh0_uLLo8zCUEx5G-0neNoQr8WUpAoIL4Caf4vvbxdKwfMd4WH5vkVRcws6B3iBrhzO59whTt4baIl1H7hrZbhCXgguGhyWr8NQ-TFu054UmNzkDMPZatFCxH2lXEkk7gh36t1M-eNIE6QSRpo63-y5JmXM2kgf9wie9g6eEmOVTZUeS4AGl4fTpQkTCi2nBYu9GcTcikC3tDk-NkDV7oaT_EmIzFc3pZeJEXv0X8kNzZnbQ7BiX1TJS3X9M4uoU3rE-QjpHVhB13JNmdOpDPpazbs5VhIYwJInKbr5qzukJIL-17zXwH8HgA6ZYRCAkQpbmwEmVwR12L63-ZFx49Q3Z_bB64KjvDf1ZTiWyQEeSs822CVlinSaqAHuzLt7suHyuqgC8Umz81pEu-9HfQKSAUfIXk2Ij-fQmKNbopfZNiOObUNtPxUl3TKHgEXiod9BPf3bGQaQ3Ut8mVic
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/ Frame 3AEA
Redirect Chain

https://agent.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
39 KB

24ms
23ms

Script
application/octet-stream

2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Protocol: H3
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:01 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 14367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 39829
last-modified: Tue, 25 Apr 2023 05:37:58 GMT
server: cloudflare
etag: "64476736-9b95"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naVe%2F85SOxKD6ZtkEYZindnrgle5hwN03%2BEzJqHItgnT6xGejqcUFTzs57vMM%2FcLX%2FotxMecfpYCWithPJJbTmTl4wEt%2BG5OSyVQ3%2Frks6tTsgLvD6U261PnqJuacajzz%2BJkBhiT9EuefZ5fJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c73e3647ade694f-FRA

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H3 200 ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 3AEA 975 B
780 B 22ms
21ms Stylesheet
text/css 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:01 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1666
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WLzmHAK4mtqUUW%2FrQIA2s%2FYnLUmn%2B9jpgz3rT1XNP07262xUWqeNVGJRYsKOvFagvdrEVfiNmzDdmWyxNN1PaZogiTekJ7o0MFMoGDTnrEqa5iB7vyuEtU0O7ZvsJ%2Fr0jaB4ptVyYmPijJCFWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7c73e364bb3b694f-FRA

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ Frame 3AEA 621 B
1 KB 411ms
210ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.6815043816555917&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by: Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Fort Scott, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 90b113c50a648a32426c5ce512c51f7214beb6ba8c9196ead2d0fe68882130f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Sun, 14 May 2023 14:39:02 GMT
X-Width: 300
X-Height: 250
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://adx.holmesmind.com
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-SspId: 4b4678ea-abdb-350c-bb24-20f13a796291
X-Adtype: html
Connection: close
Content-Length: 621

GET
H3 200 housead-55c83e0ac8eed1df04c1e6d6-1679070193476.gif
cdn.aralego.net/ucfad/house/ Frame D5F3 26 KB
26 KB 32ms
31ms Image
image/gif 2606:4700:20::ac43:47fe
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.aralego.net/ucfad/house/housead-55c83e0ac8eed1df04c1e6d6-1679070193476.gif
Requested by: Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230307/nyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9e4737205f2b3458ef9db3e5c8c18eab619f8d374c706ad9452bd0340f6c62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://adx.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sun, 14 May 2023 14:39:02 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7278
cf-polished: origSize=34575
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26336
cf-bgj: imgq:85,h2pri
last-modified: Fri, 17 Mar 2023 16:23:14 GMT
server: cloudflare
etag: "641493f2-870f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pm6AweIhXTg28QRP8JTl5qH0oRKBPaUeh0zqpRQT1%2BBC8h17NZbmfQOjIfFLowM%2BMCOro0wqveygU8xmDIDTr2sYw7Bvyzta2XxaVLy47b47%2BX42TDHOyeVwb0hnGKDwrZIEKJA6N12aspVfuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c73e3675e6c694f-FRA

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
843 B 89ms
88ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1684075142824&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1518&pt=-1572410604&tz=0&viewable=true&ddast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=id5mc_vB!nonrv_vA!t120!t45!testmsn_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 576a798915b7af25d8f32aa6901518d1fbd6b5d9a2a2d4a28003d36786efa4f2

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Sun, 14 May 2023 14:39:02 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1465
x-cache: MISS
x-served-by: cache-fra-eddf8230100-FRA
pragma: no-cache
server: nginx
x-timer: S1684075143.826152,VS0,VE44
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
55 B 17ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je35a0&_p=2321&cid=1216671624.1684075140&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=2&sid=1684075139&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fkuai-xun-zai-ye-dang-tuan-bu-di-lu-ying-ren-shu-you-shi-di-zhi-fa-ma-sheng-zhong-shun-li-fu-wei.html&dt=%E5%BF%AB%E8%A8%8A%EF%BC%8F%E5%9C%A8%E9%87%8E%E9%BB%A8%E5%9C%98%E4%B8%8D%E6%95%B5%E7%B6%A0%E7%87%9F%E4%BA%BA%E6%95%B8%E5%84%AA%E5%8B%A2%E3%80%80%E3%80%8A%E5%9C%B0%E5%88%B6%E6%B3%95%E3%80%8B%E7%BD%B5%E8%81%B2%E4%B8%AD%E9%A0%86%E5%88%A9%E4%BB%98%E5%A7%94%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 May 2023 14:39:05 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 1 KB
846 B 61ms
52ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1684075145826&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1518&pt=-1572410604&tz=0&viewable=true&ddast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=id5mc_vB!nonrv_vA!t120!t45!testmsn_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: beb732565b74c427bd5853418dd05aee837218a6866fbb27d2d45a9523de0a76

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 May 2023 14:39:05 GMT
content-encoding: gzip
server: nginx
machineid: 1436
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 visible Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
215 B 53ms
52ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/visible?route=AM%3AAM%3AV&lti=cropping-v3_var
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230507-3_b5-PR-55848-DEV-131233--cropping-728a0b67b27.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Sun, 14 May 2023 14:39:05 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230100-FRA
server: nginx
x-timer: S1684075146.986757,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.bg3.co
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 1 KB
834 B 51ms
51ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1684075148827&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1518&pt=-1572410604&tz=0&viewable=true&ddast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=id5mc_vB!nonrv_vA!t120!t45!testmsn_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: cd1e7833ba5cc7fed12b6a1f24a2571b27d6c362a35a4ab083eac71c1667cac6

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 May 2023 14:39:08 GMT
content-encoding: gzip
server: nginx
machineid: 1472
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 VideoBidRequestHandlerServlet Show response
am-wf.taboola.com/ 1 KB
845 B 50ms
49ms XHR
application/json 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1684075151829&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=5&pv=1518&pt=-1572410604&tz=0&viewable=true&ddast=V8w40CLAa0cV52Mf1HSBFo47zsYvqPkCoAAABgYID-AEktnMvJxOFbS0au2Vq0cTnXCodnspYYJ8OJZzJzLgyzISCphXM5mTh8a8nINVuLNi7nWuHwTNYS42Q48UxmzoVhNgUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ5aDodPte9Xvf73SU-z1zj9yv8WtfD6Ra-7m7pw-lWvtwih93nFr0edrfE9RY53WLXW_m0-9ySl92tObreyr_rrTk63SKnW3p0umUOt9rh1hxddp9bevTbfW7N0XV3i51umeutezntQtPbbAcAAAAAD_7___8hAAAAAEQAAAAAkAAAAABAIaDCvwWBCwAAAAAY_v___zUAQHFIqLvJZTe6nG5_AAAAAAABAAAAQAIAAf2wBECM8d6J__________8YA_SZNzL-____bxj0AHjwAfAgBAAA4GOIJhc-tWGCcwWRAssijAAAAACU6OjQH5mkE1Qsqvz___dbAbgCABCAqDHr5JdFd1DiLQwAAIDAmAV6WPx-s8Ou8btd5v_________fzP-ZfzRCR1wpaYIGCj_U_AICAKz5BQQAYKNuAADeCMAJOgStGAxWJyBmBwAAAODO____vx4QmRgXHttqMnGNLBOLcTMxGZbD1XBlWs4GM8NosT0AHkq-0d_Wgn02hGX2-w4KyunpMbsMMpbLZBAfNAzLySCYnwlbjFaTyWY5nC0Xk8FwNByN9mcgFpsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMLdaGCeb2cKtsBhma9Fk4nErZ8bZWrmwOCwT33I4W67cotfHdHEtfMPBZIsEA_72InlapBPRwjGbbBaOyWIx8u0WJpfHYht5JibLbjDcuGa7iViiOVmkE9llX5kYFx7bajJxjSwTi3EzMRmWw9VwZVrOBjPDaLHvrRbGyWa2cCsshtlaNJl43MqZcbZWLiwOy8S3HM6WK7fo9TFdXAvfcDDZN2bD0WC3WmyG-8ZsOBrsVovNcN-hM3xXn7NRWVZJPi7zYz35KmxOg8JlsHh_EtNi2p0dTGff0WlTbpudndHv9_v9fr_f7_f7DVrPwWxQ-P7W6u75m9myfZfsIDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4ta6H0y183d3Sh9OtfLlFDrvPLXo97G6J6y1yusWut_Jp97klL7tbc3S9lX_XW3N0ukVOt_TodMscbrXDrTm67D639Oi3-9yao-vuFjvdMtdb93Lahaa32SKWCE4X6UT0Mp4u6j9imN1cNZyrhnPJaLRKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAMAuHZdCaK0NZ-lijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAlKouP____9xAAAAZOTQAwAAoN8HlAUAAAAAAMCPIHeT5f4BqBBrtVrdbqzVagE!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=id5mc_vB!nonrv_vA!t120!t45!testmsn_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.0.1/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: beb732565b74c427bd5853418dd05aee837218a6866fbb27d2d45a9523de0a76

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sun, 14 May 2023 14:39:11 GMT
content-encoding: gzip
server: nginx
machineid: 1481
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
expires: Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202112/7775f627c3fdb95f70494f37eddbd84d.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/ba18c5e0b68d4906215bc0b43325d36a.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202110/54a6c7cc85550f828db27264e59ba98f.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202112/0dbc8cb2f3b056da1e7aa11c22596764.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/03c212c7133a5ab7e94b6e7c139f0e02.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202109/4f4519d1f67c5f1bfe1ee43bde887f55.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/2305875f9abeb17a4ba8e8ed4ab05262.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/85a32288d0785c690fda1a8b79d9181d.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202112/e2237e7e69848306b474a8892ee15791.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202112/134a6e815179bc31a295b59f51f66d5f.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202112/aa11b384bee0097c017faf8e57c58709.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202112/e2237e7e69848306b474a8892ee15791.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/16dc5542bccbb207743969296e24d59b.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/246faf547a77cbd34b25f3046d70be0a.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/bf5c56ebecdac6203be646fb317abfb6.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/cc14e2a195d84466017809cf84aa6187.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/44997cf383c344ded36891dbbf6e456c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/16fdaa2400646cfb81e4e988b7f14a8e.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/75a5af625cb6c0b24cec13fd2cce1775.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202112/29df5d2131fbf9c9035b8c8273933929.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202204/0dccf0152029624356d5b3dee0b24671.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202201/75d879899dea9a8def7c3e75dddd2c15.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202112/8164a9ddc13f1a56e1023b16c1e397e0.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/6f6588ab0c264b40d4b33fb75cf537f0.jpg?w=150&h=100&q=100

Verdicts & Comments Add Verdict or Comment

138 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.quantserve.com/	1970-01-20 21:18:09	Name: mc Value: 6460f282-c4646-8541a-5ab4e
.bg3.co/	1970-01-20 21:12:23	Name: __qca Value: P0-2092328928-1684075138580
www.bg3.co/	1970-01-20 20:33:31	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D75a8236a-ab06-42bc-9f86-9aba2b79869e-tuctb5a7802
.aralego.com/	1970-01-20 20:33:31	Name: sspid Value: 4b4678ea-abdb-350c-bb24-20f13a796291
.aralego.com/	1970-01-20 20:33:31	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 20:33:31	Name: gdpr Value: 1
.bg3.co/	1970-01-20 21:09:31	Name: __gads Value: ID=7ad52a14d3c8d53d-22835a83a5df00c9:T=1684075139:RT=1684075139:S=ALNI_MYbgWaE8CwDuoFyFzJZPwTHC3R6Gw
.bg3.co/	1970-01-20 21:09:31	Name: __gpi Value: UID=00000c1588940d1a:T=1684075139:RT=1684075139:S=ALNI_Ma9s0piz55QDLXgkXlUhIbCNvl4Tw
.www.bg3.co/	1970-01-20 12:31:07	Name: _im_vid Value: 01H0DB6MNQ1QHH3C5Y1DP81MN1
.doubleclick.net/	1970-01-20 21:23:55	Name: IDE Value: AHWqTUnQOeyHhWw7Z9FyvKaKP4jzW1Z4Aa8xj4EZMg4-Lk1XzYWUAhzPXRVNBYtHUlA
.bg3.co/	1970-01-20 21:23:55	Name: _ga Value: GA1.1.1216671624.1684075140
.bg3.co/	1970-01-20 21:23:55	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1684075139.1.0.1684075139.0.0.0
.adsby.bidtheatre.com/	1970-01-20 11:57:59	Name: __kuid Value: d29497ab-2874-4d6e-862b-053f8cc82df8.453289140

26 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202105/85a32288d0785c690fda1a8b79d9181d.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/03c212c7133a5ab7e94b6e7c139f0e02.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202109/4f4519d1f67c5f1bfe1ee43bde887f55.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202112/0dbc8cb2f3b056da1e7aa11c22596764.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/2305875f9abeb17a4ba8e8ed4ab05262.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/ba18c5e0b68d4906215bc0b43325d36a.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202112/7775f627c3fdb95f70494f37eddbd84d.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202110/54a6c7cc85550f828db27264e59ba98f.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202112/e2237e7e69848306b474a8892ee15791.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202112/134a6e815179bc31a295b59f51f66d5f.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/16dc5542bccbb207743969296e24d59b.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202112/aa11b384bee0097c017faf8e57c58709.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202112/e2237e7e69848306b474a8892ee15791.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/bf5c56ebecdac6203be646fb317abfb6.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/75a5af625cb6c0b24cec13fd2cce1775.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/cc14e2a195d84466017809cf84aa6187.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/44997cf383c344ded36891dbbf6e456c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/246faf547a77cbd34b25f3046d70be0a.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202201/75d879899dea9a8def7c3e75dddd2c15.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202204/0dccf0152029624356d5b3dee0b24671.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202112/29df5d2131fbf9c9035b8c8273933929.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/16fdaa2400646cfb81e4e988b7f14a8e.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202107/6f6588ab0c264b40d4b33fb75cf537f0.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202112/8164a9ddc13f1a56e1023b16c1e397e0.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2Eva3VhaS14dW4temFpLXllLWRhbmctdHVhbi1idS1kaS1sdS15aW5nLXJlbi1zaHUteW91LXNoaS1kaS16aGktZmEtbWEtc2hlbmctemhvbmctc2h1bi1saS1mdS13ZWkuaHRtbA==.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=2152568021&adf=552093718&pi=t.ma~as.9099904862&w=300&lmt=1684075140&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230307%2FnyQwbaQQp9wCmpxe94aczgnfLS02D23rBfwFyaDl.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1684075140229&bpp=5&bdt=161&idt=310&shv=r20230510&mjsv=m202305090101&ptt=9&saldr=aa&correlator=6185193062188&frm=8&ife=1&pv=2&ga_vid=76906887.1684075141&ga_sid=1684075141&ga_hid=1461657887&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=1851353548&scr_x=-12245933&scr_y=-12245933&eid=42532186%2C44759875%2C44759926%2C42532090%2C44773810%2C44759837%2C31071756%2C31073763%2C44782468%2C44788441%2C44789923%2C44789815%2C44769661&oid=2&pvsid=945336301871319&tmod=1853591055&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.9wk10ywkazz3&fsb=1&dtd=344 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

40ec74c0a8c632b0fb731b1bfacdaddb.safeframe.googlesyndication.com
a8535b4f9aa0221c5866a7a6dbdb3651.safeframe.googlesyndication.com
ad.sitemaji.com
ads.aralego.com
ads.yap.yahoo.com
adservice.google.com
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
audiencedata.im-apps.net
b1sync.zemanta.com
bttrack.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cds.taboola.com
code.jquery.com
d-42900428993550500720.ampproject.net
delivery.adrecover.com
dmp.im-apps.net
e3.adpushup.com
eus.rubiconproject.com
fundingchoicesmessages.google.com
geo.yahoo.com
googleads.g.doubleclick.net
gum.criteo.com
http-intake.logs.datadoghq.com
images.taboola.com
imprammp.taboola.com
l.logly.co.jp
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
nt.compass-fit.jp
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
region1.google-analytics.com
rules.quantcount.com
s.yimg.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.bg3.co
stats.g.doubleclick.net
sync.aralego.com
sync.logly.co.jp
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
x.bidswitch.net
static.bg3.co
108.138.7.64
108.157.4.15
141.226.228.48
141.226.230.50
151.101.1.44
151.101.65.44
162.210.196.208
164.92.213.94
169.197.150.8
192.132.33.46
192.96.203.13
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1a
23.37.63.179
23.97.225.52
2600:1901:0:e207::
2600:1f18:24e6:b900:1dd6:ce45:ce0f:be7b
2600:9000:224a:2a00:0:e06c:e940:93a1
2600:9000:224a:5800:6:44e3:f8c0:93a1
2606:4700:20::ac43:47fe
2606:4700:e2::ac40:891f
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1288:110:c204::b000
2a00:1288:80:807::1
2a00:1450:4001:803::2002
2a00:1450:4001:808::2001
2a00:1450:4001:809::2001
2a00:1450:4001:812::200e
2a00:1450:4001:813::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:829::2008
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9b
2a02:2638:d::d
2a02:26f0:3500:12::1730:1786
2a02:26f0:3500:12::1730:17a5
2a02:26f0:3500:c::5c7b:680f
2a05:d018:d29:3601:be75:5bfe:4248:e5a4
3.122.25.124
3.71.149.231
35.186.215.140
50.31.142.95
52.223.40.198
54.168.149.197
54.238.54.124
69.173.144.139
8.43.72.98
84.17.37.44
87.248.100.137
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03a0e4a85c470c697b9cab256a97ff2704a034b9394b9d67c4aaf6c5d421b5d8
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
06ccfc34b2f53bdbc50d20836e266eeacc1429ea5b460a895246ae779e0aeb57
0784d3f74f0cb7e5d0f19792278244486048e75a16daa57ad3ccd942af61a5c0
0937bcdcb19b6578aaf18f3b016c6983acbdeea488be791e0fb926781cf4f250
0ca78e8d1923a071bc5fa4b68044bc5644a11b856668a24814f1e9a56e9bf8d0
0d32b07d3d05899d327407e0ebfc90da1699544b830317a46e527f1b62b2ee00
112e7b09cec34f556940e2fc64c6a3c1118b027c3f77b3809208bb72d503f913
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
1303c8b20c7e1963d57fc9e1810276814d632d7f9a30398905e2a12bdb628778
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
146b70521c71144b861cc0401c641c76bb64db4e09b4e6b1ff8819610bb19cc8
148c35e0ef243bc21e1a51624465017d2755a53f57141538ec1b137c3ce2100f
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
153f40df7bb2d0bba777d5929fd61b826e8fa981b1d6b12dedf617a2d3d02c43
1724b4bef54c6783a92933aad501fd9fe01ceb5225301c744ff0883030e72f00
178e68b23fc6d0aa3d1d62f75e80dbc1ee57fbfc47988c47f4497d1683e21847
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
19f916143838bd6e3989eefc983a0dad7f74fa92a855e19c629e163c621038db
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1d8bd228e594576ac253bdf885d335805dcf6be5cbe1ffb8282ea4b3d35cb1e1
1fbeebf311facfd988e082b95747850d9d168718cef1c13acc061f8f33aa55a8
25a17fb25ca9cace7ff6fde2e42cb9ee50f6bdf6acaacb0b82953bcef3ef9d77
25e6714659af0c54d76700b623a6931eed20bea903b8875d935e9e2a83c4e68a
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
274ed3f2d0e0566230e2a2814809b12bf047343b5bf1f2866e69243a4b27b6cd
28d37801802871b7c6943726da07f06110bc3b1400e050b8b86c82deefc635a3
29cc5de7fd369d7e63e38cae1c883c52af46b8e6fb1b886d9bd861e5561f2533
2b7f11f6fe02925277f4a8140b880da74d24172ff6f1336c94f0701936eaa5a0
2cd44846a39785c52945088d743082784cb33b5c08c7cc2f369ae2275a3ab91d
2cd4626b8b6e6bcefc6156d57006f1ae4666b0244b41498c50ab7cb3a9472aba
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4043344bf3b19b80718d228deba3f5bbcfa05d37e0c9bc762c2d13e29b99ad21
4189eed67d24cf577ee7521b01980c1c76874f2ca7830c761b383215656230b3
41bddf112c04ba0340e767c918444878ab48e3ac606e1f2f5468e77946741d5f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46bd62920d56089fe60024f534199630bf0273af5c416bc903c1d43c8b533b9a
487f9625d6d17402d2907c65a39e0b5044a1188bab736fe3775b5a4abde12930
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
494747d7ec60d95b26eca76338de89444b60dbe33e2aa3ee7a8ed53dd36022ca
4da2872473cf32bbc42de664d1b0aece2263bff56a204f67dcfc9333518a7db8
4dc80fcaf6db01fa29ced797dbb0947bb3bb95b1a88f893f389cf17144166075
5085f2282331e7a59831cb998511660b9f09ca03a3d33035095c4e91fac86ce8
52c2d47e9994585e7ee7393364fc12bf984fd113cc3cea3bb616996b6ec6fcd1
530443fa0d332e8d7d6d4ec2c7ad756144c3be42d1120125ab13016b7bb8a34e
542c026da7f7e8da8161d8c7d8c40f9c87d30900a928f7aafdda9433ced20ba1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5516de0a9feb8a99b5dc597ce540bb061defb721e5ec79d93aeb79b610ac1ae9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
572ba2b14a11ebd90520c179077d3b615721a628a6df6d1bee262d7bd01c7a10
576a798915b7af25d8f32aa6901518d1fbd6b5d9a2a2d4a28003d36786efa4f2
5bc07768431d2ec9c8b0b65600665b425cc63c3d647f8d244e6c05368171a280
5c500a4a8147509f043186a7bad1ed59c4e00f85330b9621489af4497e504151
5e7c5bcb65d097abd06c44562816bf1f40b78aa29809f457485ac5e1b3f58c50
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
65fe52b81ee7e70565fc15d971658261cc738b7f0cc60370bd69e187d1cfeefe
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c928d9d5bd7954e0b9efb991a3afe7abf8909559a026437efa4715539962ffe
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d66328b71e54ee0ce47d67fcf4ccc6c29819e34a18fa8bfcd89971f5c92bd2
8419ce102a9b56c504701fe8e1d1c9a4dcd44d59d026a532f96b5bb5bcbbef2a
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87f6fdefdbf4f0b54d38fe6d810bc3f4c04e2d5dd730e2942646807b9d9c88e7
8b6e94f802f11887b48bf88c4d1a3c81315382cb9b780f4fa2aff74732160372
8b9398ab64bc9156916fad30afd43cf47074b593f85b9dba81d666c7c471aae1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e07e4cf626e1348a5f046efd300264f4f1005d12e7381a632538f57ae191cbd
90b113c50a648a32426c5ce512c51f7214beb6ba8c9196ead2d0fe68882130f2
90ec16d89b30e7c85f2606d93c883528e97a47afa5157a8689f465c12fd4732e
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
95bdf60d99113a7678a44fa0eef7ce8f640f5b312be1a7a914466a7325385171
9773ffdf09705ad06d06aacb00577d3f8e46b087ea38da23b5c706a079b7dd42
9b4ddda16364d41b44d0e83b2b9f60d1e810d96f9e9078c1a5fae8e16e497b88
9ca5693ab1367385316b393108533e59a741f2fcc302fd13c2fafd34990b34b8
9ea369b57f0c666e908689cd3d672a6636958094d2d1bf6620cb2de468ffdcd2
a05b4715b24ccaa8ce73e4e65b7294852eb28ce89f148341edf670882f52c20f
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6571199455f009b27bb8719e76ab06240bb4c9246f6b8915e3119ced168c132
a86fed9a6a02253b89289991a3e86a1cfff8b9c86c7a4c45b50ca2f42f62a873
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a9e4737205f2b3458ef9db3e5c8c18eab619f8d374c706ad9452bd0340f6c62f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b357457dd7df165c64175bbf7068ba920a1970136d57d0aa65f8598eaa171962
b9577734e8b47d2b0d83e0558e5e6d0ea4ff6cb18030e9f7260fa7f1a4d0faac
ba188c214f875de9123587cda78315ba0836c103740be523e744d991b9e91087
ba96e716a74504dee51d20708558ecbe495d93ac9b8dd80ebcb1d844bb88d375
bb3048a2e2391fecd629b011888c8c5f5b672fb631a95f3dbb5999d0b65a342e
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc5d5c8cc50cf0377951ada6a7602f54ea87fc0014898d6f80d1be2b7273ef2b
beb732565b74c427bd5853418dd05aee837218a6866fbb27d2d45a9523de0a76
c4f9df929e6d5ebf356a4329516d9c16c3c04888733f3be0312ada2ddd6c8236
cbb229f3301f45fb2d2898017e941591023e1f6ffcdfa0d858d9be85cfee3e08
cd1e7833ba5cc7fed12b6a1f24a2571b27d6c362a35a4ab083eac71c1667cac6
d126806fb8446a0c0a359295c6706b4e82c2de595c5dab9505b82b2e76f2e33e
d2494c415ce0b63180b5280065eabfe0003826d65fd2db16b402bba50f27da90
d48767f7c83c518e49be6471eb36c89cd7d3853c2d92bc88e83be66b1e411efe
d77cd4b06cb52f4fd250207f84ed457dc4058ac33d18414fba45d9dd875cf70a
d7e79e05f378e7ee1eaf703981ac7f5ac32c4c410b2084c2e270a26d88b52ff1
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dee6aac20645f16fa48753fbc6b61dd34705ae3d45602cb77ef74bf46946ec40
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2d56a927eec00e70e6fc3fd5932726193c4a29dfab8fca210c24fe3259f156d
e2ea3c887c50e622ba0352874317044fdf4c0d6e0b4a2e02d9df0ee3bd31634e
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e83c2d4aeaa217881ec92da81bfaee5fead29d56af8a96514965df390c2fb836
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
edcfddd81e044f1f01beb69b5224a8a3f9913a456a06c4025b97458c40c3b677
f0e1aafab4a6623cef9a3bc652031a50a56d78e7ac511695db9355bc7ce045aa
f45619358bd0a3adcc3194ccbdd56ed12ac78950c862d6840d21b43a231f89e7
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f944e47531068ae80f68fedd4993359c077908a54be94e006ab44f553ea79c06
fa5dfc00ef2bdd2b13c2bbf741d4099cd90555dc04bbe7ddfedb19b74fb07616
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fd15387389792c5019758a9a239e1176061b7564c38903aeb5016b246fe2020d
fd1e988c31d1963cd1d2813571485232a6687e960466a86ca4cd3d8eef72ab8f
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.bg3.co Open in urlscan Pro 84.17.37.44 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

240 Requests

88 %HTTPS

55 %IPv6

35 Domains

68 Subdomains

52 IPs

9 Countries

3473 kBTransfer

9840 kBSize

13 Cookies

10 Outgoing links

Redirected requests

240 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
84.17.37.44 Public Scan

Screenshot
Live screenshot

Full Image

240
Requests

88 %
HTTPS

55 %
IPv6

35
Domains

68
Subdomains

52
IPs

9
Countries

3473 kB
Transfer

9840 kB
Size

13
Cookies

240 HTTP transactions
1 data transactions