www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Submission: On September 14 via api (September 14th 2023, 5:47:59 pm UTC) from US — Scanned from DE

Summary HTTP 176 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 44 IPs in 10 countries across 39 domains to perform 176 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.231.174.251 103.231.174.251	9744 (XLC-AS-AP...) (XLC-AS-AP XLC GLOBAL)
6	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
2	104.20.219.77 104.20.219.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
3	2606:4700:20:... 2606:4700:20::681a:567	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	152.199.21.70 152.199.21.70	15133 (EDGECAST) (EDGECAST)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:3a	20446 (STACKPATH...) (STACKPATH-CDN)
2	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
22	190.2.150.148 190.2.150.148	49981 (WORLDSTREAM) (WORLDSTREAM)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
2 3	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
1 5	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1 1	51.83.220.94 51.83.220.94	16276 (OVH) (OVH)
3 3	52.57.217.9 52.57.217.9	16509 (AMAZON-02) (AMAZON-02)
2 2	188.42.34.64 188.42.34.64	7979 (SERVERS-COM) (SERVERS-COM)
1	212.8.243.91 212.8.243.91	49981 (WORLDSTREAM) (WORLDSTREAM)
1	2600:9000:223... 2600:9000:223c:d800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:810::2006	15169 (GOOGLE) (GOOGLE)
31	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
5	175.110.113.214 175.110.113.214	49981 (WORLDSTREAM) (WORLDSTREAM)
1 1	104.79.25.60 104.79.25.60	16625 (AKAMAI-AS) (AKAMAI-AS)
2	184.30.22.30 184.30.22.30	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:ad5e:1111:f66a:1a0c	16509 (AMAZON-02) (AMAZON-02)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
5	2a00:1450:400... 2a00:1450:4009:81f::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	185.84.60.21 185.84.60.21	198622 (ADFORM) (ADFORM)
2	2600:1f18:24e... 2600:1f18:24e6:b900:1345:3f18:137:8913	14618 (AMAZON-AES) (AMAZON-AES)
13	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
4 10	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
2 4	172.64.148.101 172.64.148.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	78.46.111.106 78.46.111.106	24940 (HETZNER-AS) (HETZNER-AS)
1 4	138.201.63.117 138.201.63.117	24940 (HETZNER-AS) (HETZNER-AS)
1 2	142.250.186.134 142.250.186.134	15169 (GOOGLE) (GOOGLE)
1	85.114.131.235 85.114.131.235	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	98.98.134.242 98.98.134.242	21859 (ZEN-ECN) (ZEN-ECN)
1 1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	35.214.147.34 35.214.147.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
176	44

1 103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad85a7e871934a6df3b4b3c086caa2f3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
501d58268e413771edb4538db9194981.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.20.219.77 (None, )

ASN13335 (CLOUDFLARENET, US)

www.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.96.203.13 (Manassas, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 152.199.21.70 (United States)

ASN15133 (EDGECAST, US)

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:3a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 190.2.150.148 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 190-2-150-148.hosted-by-worldstream.net

ad.vidverto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.210.196.208 (Clinton, United States) 2 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 51.89.9.252 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.83.220.94 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: app-ngx-pl-03.adpartner.pro

a4p.adpartner.pro	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.217.9 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-217-9.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.42.34.64 (Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.8.243.91 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 212-8-243-91.hosted-by-worldstream.net

ad.vidver.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:d800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 175.110.113.214 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-214.hosted-by-worldstream.net

cdn.vidverto.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.79.25.60 (Glattbrugg, Switzerland) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-25-60.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.22.30 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-22-30.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:ad5e:1111:f66a:1a0c (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4009:81f::2003 (London, United Kingdom)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.84.60.21 (Denmark)

ASN198622 (ADFORM, DK)

adx3.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b900:1345:3f18:137:8913 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.162 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.148.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.21 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.111.106 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.106.111.46.78.clients.your-server.de

hal9000.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.201.63.117 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.117.63.201.138.clients.your-server.de

hal90003.redintelligence.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f6.1e100.net

5994599.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.131.235 (Weil am Rhein, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: srv21039.dus4.fastwebserver.de

cdn.contentspread.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
PTR: ddos.com

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ius.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.147.34 (Groningen, Netherlands) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 34.147.214.35.bc.googleusercontent.com

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com ad85a7e871934a6df3b4b3c086caa2f3.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 501d58268e413771edb4538db9194981.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 152	422 KB
31	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 googleads.g.doubleclick.net — Cisco Umbrella Rank: 47 pubads.g.doubleclick.net — Cisco Umbrella Rank: 412 cm.g.doubleclick.net — Cisco Umbrella Rank: 255 5994599.fls.doubleclick.net — Cisco Umbrella Rank: 128227	361 KB
27	vidverto.io ad.vidverto.io — Cisco Umbrella Rank: 34699 cdn.vidverto.io — Cisco Umbrella Rank: 45591	496 KB
7	gstatic.com fonts.gstatic.com csi.gstatic.com	38 KB
7	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 15795 e3.adpushup.com — Cisco Umbrella Rank: 18665	280 KB
6	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1542 www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 121	12 KB
5	redintelligence.net 1 redirects hal9000.redintelligence.net — Cisco Umbrella Rank: 37741 hal90003.redintelligence.net — Cisco Umbrella Rank: 247854	11 KB
5	rubiconproject.com 2 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1174 eus.rubiconproject.com — Cisco Umbrella Rank: 669 token.rubiconproject.com — Cisco Umbrella Rank: 657 pixel.rubiconproject.com — Cisco Umbrella Rank: 402	12 KB
5	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 884	939 B
5	aralego.com 3 redirects ads.aralego.com — Cisco Umbrella Rank: 39510 sync.aralego.com — Cisco Umbrella Rank: 3092	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 658	2 KB
4	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 501	818 KB
4	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 389	89 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 268	2 KB
3	bidswitch.net 3 redirects x.bidswitch.net — Cisco Umbrella Rank: 373	1 KB
3	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 17835	41 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 980 s.tribalfusion.com — Cisco Umbrella Rank: 2310	1 KB
2	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9244	507 B
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 478	1 KB
2	betweendigital.com 2 redirects ads.betweendigital.com — Cisco Umbrella Rank: 1630	2 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1343 pixel.quantserve.com — Cisco Umbrella Rank: 1130	10 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	114 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 918	60 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2288	306 B
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 29728	11 KB
2	statcounter.com www.statcounter.com — Cisco Umbrella Rank: 16331 c.statcounter.com — Cisco Umbrella Rank: 10650	15 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	178 KB
1	loopme.me 1 redirects csync.loopme.me — Cisco Umbrella Rank: 1104	461 B
1	ctnsnet.com 1 redirects ius.ctnsnet.com — Cisco Umbrella Rank: 8166	666 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 873	187 B
1	contentspread.net cdn.contentspread.net — Cisco Umbrella Rank: 87436	77 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1183	551 B
1	adform.net adx3.adform.net — Cisco Umbrella Rank: 72546	657 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 406	266 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 331	17 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1253	634 B
1	vidver.to ad.vidver.to — Cisco Umbrella Rank: 60322	156 B
1	adpartner.pro 1 redirects a4p.adpartner.pro — Cisco Umbrella Rank: 10776	260 B
1	bg3.co www.bg3.co static.bg3.co Failed	15 KB
176	39

	Domain	Requested by
27	pagead2.googlesyndication.com	imasdk.googleapis.com ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.bg3.co googleads.g.doubleclick.net
22	ad.vidverto.io	www.bg3.co ad.vidverto.io imasdk.googleapis.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com www.bg3.co googleads.g.doubleclick.net
10	cm.g.doubleclick.net	4 redirects googleads.g.doubleclick.net
8	securepubads.g.doubleclick.net	www.bg3.co securepubads.g.doubleclick.net www.googletagservices.com cdn.aralego.net
7	pubads.g.doubleclick.net	imasdk.googleapis.com
5	csi.gstatic.com	imasdk.googleapis.com
5	cdn.vidverto.io	www.bg3.co
5	onetag-sys.com	1 redirects ad.vidverto.io googleads.g.doubleclick.net
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
4	hal90003.redintelligence.net	1 redirects googleads.g.doubleclick.net hal90003.redintelligence.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	imasdk.googleapis.com	ad.vidverto.io imasdk.googleapis.com
4	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	x.bidswitch.net	3 redirects
3	sync.aralego.com	2 redirects ads.aralego.com
3	cdn.aralego.net	www.bg3.co ads.aralego.com
2	5994599.fls.doubleclick.net	1 redirects www.bg3.co
2	http-intake.logs.datadoghq.com	cdn.adpushup.com
2	fonts.gstatic.com	ad.vidverto.io
2	pr-bh.ybp.yahoo.com	2 redirects
2	eus.rubiconproject.com	ads.aralego.com eus.rubiconproject.com
2	ads.betweendigital.com	2 redirects
2	www.googletagservices.com	securepubads.g.doubleclick.net googleads.g.doubleclick.net
2	e3.adpushup.com	www.bg3.co
2	code.jquery.com	delivery.adrecover.com cdn.adpushup.com
2	region1.google-analytics.com	www.googletagmanager.com
2	delivery.adrecover.com	www.bg3.co
2	ads.aralego.com	1 redirects ads.aralego.com
2	www.googletagmanager.com	www.bg3.co www.googletagmanager.com
1	adservice.google.com	5994599.fls.doubleclick.net
1	csync.loopme.me	1 redirects
1	ius.ctnsnet.com	1 redirects
1	pixel.rubiconproject.com	1 redirects
1	pixel-sync.sitescout.com	googleads.g.doubleclick.net
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	cdn.contentspread.net	hal90003.redintelligence.net
1	hal9000.redintelligence.net	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	501d58268e413771edb4538db9194981.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	adx3.adform.net	imasdk.googleapis.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	match.adsrvr.org	www.bg3.co
1	secure-assets.rubiconproject.com	1 redirects
1	s0.2mdn.net	imasdk.googleapis.com
1	pixel.quantserve.com	www.bg3.co
1	rules.quantcount.com	secure.quantserve.com
1	ad.vidver.to	www.bg3.co
1	a4p.adpartner.pro	1 redirects
1	secure.quantserve.com	cdn.adpushup.com
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	ad85a7e871934a6df3b4b3c086caa2f3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	c.statcounter.com	www.statcounter.com
1	www.statcounter.com	www.bg3.co
1	www.bg3.co
0	static.bg3.co Failed	www.bg3.co
176	60

This site contains links to these domains. Also see Links.

Domain
vidverto.io

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G4	`2023-05-22` - `2024-06-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-24` - `2023-12-24`	a year	crt.sh
*.adpushup.com GeoTrust TLS RSA CA G1	`2023-08-11` - `2024-07-12`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
ad.vidverto.io R3	`2023-07-26` - `2023-10-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
quantserve.com R3	`2023-08-29` - `2023-11-27`	3 months	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-28` - `2024-01-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
cdn.vidverto.io R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
redintelligence.net R3	`2023-08-11` - `2023-11-09`	3 months	crt.sh
contentspread.net R3	`2023-08-24` - `2023-11-22`	3 months	crt.sh
*.sitescout.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1	`2023-01-09` - `2024-02-02`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Frame ID: 8800A4D27CDE985130E47DE593A4205F
Requests: 77 HTTP requests in this frame

Frame: https://ad85a7e871934a6df3b4b3c086caa2f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 9467B668709D23DD879B16367DA5E693
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8eC5ZyDKhbXCEl71oj1gX_mI-sdi-q5tQD8RDTS_yfcXEgpIXfgDlQrjXjn9d2bGJiUNfDrBl-M5fz26rBB8NhUnN__Y32Whn5XgtsmI_qifzJGrLMpLaZ3nrGTh6i8ThAlgrhtp4pvezz1M2Vb7hzgYY73dwsIfac8hB2ha1RqYd2FiDTefoGMF6pQy-VCymxlxxV3_5Rbot0PgQ0uWnYYtFIYUFKLNFPqD0k6uTv3MaqPEA0ZFF-ZyLVhDKyTL_keGBhi3HhuR1mDfuyK2P1a_O7-WqlVVGuvtiwM0cFLZz9H7H5ISzTlKgsU3GvInCAm0J&sai=AMfl-YTMxYOrZLOE8wWz85T_sxJNeCzuu-0kyhQZjJDQ_Qv070z2e8irKrCgl1VKeDhZpzYjmmwBrlPXIKKmPK0NzNLUIZobZxISeK5fVXD0etmHkFDcPVxZd61VMtxIQPPnh8r7Aus4d_tzqv6sfdnW&sig=Cg0ArKJSzGoZxJd3_I_dEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 879DD8B0BEC9CF8E422E75FF004F71A9
Requests: 4 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: E88D754AC7E1F246E307557072B10ACE
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Frame ID: 83A36E764FBB46D29B835BDDE02633A8
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4212DE462303628DB23E4CE95E276B98
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: F2E703403B19D971B54D9C274260095F
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 8208763F2218DE42FE4E4FA4553EA0F4
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 7D17E673F660C473E695277150CB3D50
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Frame ID: 3F97AA6AB2B44D859D802271780AFBB6
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 61C95826C070E08C20A2259089C86041
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230912/r20190131/zrt_lookup.html
Frame ID: A536B72FD392CE7E1401894BD6C9B467
Requests: 1 HTTP requests in this frame

Frame: https://501d58268e413771edb4538db9194981.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 5C537CABD8E6BA60C3399B09B2536A93
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694706474&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694713673649&bpp=245&bdt=698&idt=474&shv=r20230912&mjsv=m202309120101&ptt=5&saldr=sd&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&correlator=6560099811260&frm=23&ife=1&pv=2&ga_vid=1777159273.1694713673&ga_sid=1694713674&ga_hid=1103899267&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2319&biw=1600&bih=1200&isw=336&ish=280&ifk=2901239440&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077698%2C31077704%2C31077838%2C31077838&oid=2&pvsid=2885035107042631&tmod=1961588873&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.okgyt7rs2ldy&btvi=1&fsb=1&dtd=492
Frame ID: 6BEE844B787A4AE137675D7CC9CD3BF1
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A5B9D36B1D9B8128F9E162BAA8E76361
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 13696327FD8646CEE2D80C5E8FFE8D81
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1C43786A7688101B2D4C088BA799A8BA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8E69DC4BBBBB508B441A43F0F23E8F44
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUo1t13JC2zEChDmE2cYlIDJGoJxAVuRfUB8UZ1I6tl1oms3lVzR1XW7NFin1EB4-XYwU7jRh2RDtgNGzV8bZba2FlCvjE-ETvfZAI6FiCZunjkxZ0-pJqS5Sx0efZS372WZq7ivmFcjkf8PVpkWoZ58hwIz3gsfFs24T6dLTShnhFbrso
Frame ID: A81FBB03A34DA04C7FAD1C9779EAD9F3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2A089442407146B60657F987F12BE132
Requests: 3 HTTP requests in this frame

Frame: https://5994599.fls.doubleclick.net/activityi;dc_pre=COHs8rTUqoEDFTcPogMdJj0NXg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4748386991146.727
Frame ID: 6CCD32ED1EDB6D64FCA526F30F618E46
Requests: 2 HTTP requests in this frame

Frame: https://hal90003.redintelligence.net/request_content.php?s=66596700151096404444994012447003&a=96f6fe9e
Frame ID: 423020AD1BB865703984284248B84B93
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 857818A5F7FD4E9474B6550739621D1D
Requests: 9 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Frame ID: D4BFB92643816481A6319D72136B188C
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 198601C790629C306C72B3A5DC4085D7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8DEF70FD4BECB43F632ED0EEFA2CC287
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C0575B5FF52BDCAE65BF0AF4571FF3E8
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

《中國美術教育年度發展報告2022》發佈 - 天天要聞

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

/prebid\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Statcounter (Analytics) Expand

Overall confidence: 100%
Detected patterns

statcounter\.com/counter/counter

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

176
Requests

87 %
HTTPS

43 %
IPv6

39
Domains

60
Subdomains

44
IPs

10
Countries

3079 kB
Transfer

12745 kB
Size

42
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://vidverto.io/

Search URL Search Domain Scan URL

URL: https://vidverto.io/?utm_source=vidverto.io_branding&&utm_medium=www.bg3.co

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 50

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D44b6f1b4-e013-4910-a940-b171d27d75e0%26p_id%3D23 HTTP 302
https://ad.vidverto.io/delivery/v2/sync?userid=44b6f1b4-e013-4910-a940-b171d27d75e0&p_id=23

Request Chain 51

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=44b6f1b4-e013-4910-a940-b171d27d75e0&gdpr=0&gdpr_consent= HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=44b6f1b4-e013-4910-a940-b171d27d75e0&gdpr=0&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%26user_group%3D%24%7BUSER_GROUP%7D%26gdpr%3D0%26gdpr_consent%3D&crf=1&rts=-8823276476342326397 HTTP 302
https://x.bidswitch.net/sync?dsp_id=429&user_id=8affa2f3-de40-5201-8b89-666fee8a2126&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent= HTTP 302
https://ad.vidver.to/delivery/v2/sync?userid=94f62c9b-d97f-41f1-8918-a881e2f58e05&p_id=15

Request Chain 66

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 67

https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/d4a5cba6-ea29-3aea-b402-3fe89eb8137f?gdpr=0&euconsent= HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-0D1t3blE2oU0oL1YQuu1jVGrkR9h1V4_Y84iTn8-~A&redirect= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

Request Chain 127

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJLU5tBPC5MApd30GXX7iFU&google_cver=1

Request Chain 128

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQNHSieLlu2JsjO2VFH3NwAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJLU5tBPC5MApd30GXX7iFU&google_cver=1

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxnrPXG-DBIZB9XbCCoBIE&google_cver=1

Request Chain 130

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyNDg1NDgyNjU4MDIwMTgzNw%3D%3D

Request Chain 140

https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0f79748e98&subid=&uid=b6265bbcbb116056&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0iAoSkcDZYvhD42BngW6t6SwB6blvaBpvZOcp8kP8C4QASDSzIEaYJXikIKgB8gBCakCsC-WgVUAsj6oAwHIA5sEqgSKAk_QqNu93v9nwOoS4XGwnbuTbdKf4557THRXND8-x2XRugGwHdcVCIaUo93Y3KUSjsCIPkp4RxOxTGaYFv5bfrNUTg1xJRGLSnzSFVOWdtVkonPIlQFwB9dUfDIRwjoItMKVlLzFivr35ht_AfrK-M-5XnCbMyPFcUGW99JMMnW59HYTpXSgn_LrKCddljpIpP9n1Vut6kKUt-Gwbz9bYn8gVkdsQHrG1zx8kw6V6Rbt-d0bujtUQ9v7ndWTT1yPGSfjTNz9N5L2TAohJKYeBMqzYNdaekELPNWmbJDXpvgQf1dE4mfSy-RfVka54NQlGNFOFSPPIF96v74jSn7-dcrKAYEZLPs5QjghwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIi66ztNSqgQMVjYCnCh26Gwl2EAEYASAAEgI2UvD_BwE%26num%3D1%26cid%3DCAQSPABpAlJWs1yv4s3SR4MtDwVM3ReFT60cxhyQQQlUEQh4JclgGmv9ZSLhLnNFqi72UGmd_KFm4oDyzbDCAhgB%26sig%3DAOD64_3PqMKcN_eTks2hCOc-4MZNBI8PMQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-Ad1JPJ40yvc7rP_DGz3hNS9-br4cwuJc6noSp2Gj4VZNG4QK7iQKv21IkQDD-n_2WJb3ObG0_0bfTjN0rSvF_BqEQsYvDGxSQSSU4l6vQI_dVVU3fLCTM6aTK8D4KgMV5BF1mxTkUUfIwsuxjmZneV3RZPChEf0tM414L7t002dcWy5z4%26cry%3D1%26dbm_d%3DAKAmf-CEPU-BSitvUEq5Pjz2iGzN9yitY7MAeycy7rAQVC67-kREHEYqVJXVrBOXj5E6Ziy71PChTHJi-xzFewBwEXPshsKy00Ey-gt1hJCIclFZBeXTFHxG7PIH1uOWmjxKAAbM3sXMGN4bnPIDbNayY21Av_stzKSpGVC03YTg-vzIX_aO2K18t4eEV2DZh6G38JHXbQBnhlfsAmWvy9cPSEN1E6R93FLsldO_M9ysWAQpZ-d-u2ZuGdjzErzY1LUpKbGypw1lM5UEiNekvcGWaYihX-0zkd1EuhtLx-RFdyDDKr8uzzPibF1L8WVeXUcKRHc8et-260jpsiTAd3YMcKBXG3tXOTw99sHuy6SW8yHn3H8TGqdEpAyIQjBBOzOqskpy3Nt0l7Rv9DhAWc-hO8FZSafFtI7CO5nTr0pZpJdEyVmMW1Ma2gbRyMQnspqR3f8xVzQQX6pqQ1JMT-adNRMBqiSPLZYDAdR6kFeGHiNoTMywUdKOeE7C8a600VcsIwspX3TNDiL929B1WYeQaZt3TTas8ZnU4CzSCqC9jibLURmZNPt0_yOfdt5wZAw_dvKApoLWtVz2ILg1dj5CsRKUF1d0tBxE1jrY_7-xuG7x0SkXmkJY_-Elk7g2niKTOeb-CLiM%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=7951422904576&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0f79748e98&subid=&uid=b6265bbcbb116056&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0iAoSkcDZYvhD42BngW6t6SwB6blvaBpvZOcp8kP8C4QASDSzIEaYJXikIKgB8gBCakCsC-WgVUAsj6oAwHIA5sEqgSKAk_QqNu93v9nwOoS4XGwnbuTbdKf4557THRXND8-x2XRugGwHdcVCIaUo93Y3KUSjsCIPkp4RxOxTGaYFv5bfrNUTg1xJRGLSnzSFVOWdtVkonPIlQFwB9dUfDIRwjoItMKVlLzFivr35ht_AfrK-M-5XnCbMyPFcUGW99JMMnW59HYTpXSgn_LrKCddljpIpP9n1Vut6kKUt-Gwbz9bYn8gVkdsQHrG1zx8kw6V6Rbt-d0bujtUQ9v7ndWTT1yPGSfjTNz9N5L2TAohJKYeBMqzYNdaekELPNWmbJDXpvgQf1dE4mfSy-RfVka54NQlGNFOFSPPIF96v74jSn7-dcrKAYEZLPs5QjghwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIi66ztNSqgQMVjYCnCh26Gwl2EAEYASAAEgI2UvD_BwE%26num%3D1%26cid%3DCAQSPABpAlJWs1yv4s3SR4MtDwVM3ReFT60cxhyQQQlUEQh4JclgGmv9ZSLhLnNFqi72UGmd_KFm4oDyzbDCAhgB%26sig%3DAOD64_3PqMKcN_eTks2hCOc-4MZNBI8PMQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-Ad1JPJ40yvc7rP_DGz3hNS9-br4cwuJc6noSp2Gj4VZNG4QK7iQKv21IkQDD-n_2WJb3ObG0_0bfTjN0rSvF_BqEQsYvDGxSQSSU4l6vQI_dVVU3fLCTM6aTK8D4KgMV5BF1mxTkUUfIwsuxjmZneV3RZPChEf0tM414L7t002dcWy5z4%26cry%3D1%26dbm_d%3DAKAmf-CEPU-BSitvUEq5Pjz2iGzN9yitY7MAeycy7rAQVC67-kREHEYqVJXVrBOXj5E6Ziy71PChTHJi-xzFewBwEXPshsKy00Ey-gt1hJCIclFZBeXTFHxG7PIH1uOWmjxKAAbM3sXMGN4bnPIDbNayY21Av_stzKSpGVC03YTg-vzIX_aO2K18t4eEV2DZh6G38JHXbQBnhlfsAmWvy9cPSEN1E6R93FLsldO_M9ysWAQpZ-d-u2ZuGdjzErzY1LUpKbGypw1lM5UEiNekvcGWaYihX-0zkd1EuhtLx-RFdyDDKr8uzzPibF1L8WVeXUcKRHc8et-260jpsiTAd3YMcKBXG3tXOTw99sHuy6SW8yHn3H8TGqdEpAyIQjBBOzOqskpy3Nt0l7Rv9DhAWc-hO8FZSafFtI7CO5nTr0pZpJdEyVmMW1Ma2gbRyMQnspqR3f8xVzQQX6pqQ1JMT-adNRMBqiSPLZYDAdR6kFeGHiNoTMywUdKOeE7C8a600VcsIwspX3TNDiL929B1WYeQaZt3TTas8ZnU4CzSCqC9jibLURmZNPt0_yOfdt5wZAw_dvKApoLWtVz2ILg1dj5CsRKUF1d0tBxE1jrY_7-xuG7x0SkXmkJY_-Elk7g2niKTOeb-CLiM%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=7951422904576&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1

Request Chain 143

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4748386991146.727 HTTP 302
https://5994599.fls.doubleclick.net/activityi;dc_pre=COHs8rTUqoEDFTcPogMdJj0NXg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4748386991146.727

Request Chain 151

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIlZg0jfNYccS4dKdXqtpXA&google_cver=1&google_push=AXcoOmQmaFwKMDrljQwWrCHWKeCs10RPwldQqZoXiCpILUWUxqsYMQ8KR2A1N3PHQRjJkz6ptBF8aw2ZmRt2Jl-PDlCpinv6jCFbx8rDrbbMf5oUeocVAyUwBFs_eOT8AgZJeVp_lPjERz2kpp02qQ2ohzgC&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQmaFwKMDrljQwWrCHWKeCs10RPwldQqZoXiCpILUWUxqsYMQ8KR2A1N3PHQRjJkz6ptBF8aw2ZmRt2Jl-PDlCpinv6jCFbx8rDrbbMf5oUeocVAyUwBFs_eOT8AgZJeVp_lPjERz2kpp02qQ2ohzgC%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIlZg0jfNYccS4dKdXqtpXA&google_cver=1&google_push=AXcoOmQmaFwKMDrljQwWrCHWKeCs10RPwldQqZoXiCpILUWUxqsYMQ8KR2A1N3PHQRjJkz6ptBF8aw2ZmRt2Jl-PDlCpinv6jCFbx8rDrbbMf5oUeocVAyUwBFs_eOT8AgZJeVp_lPjERz2kpp02qQ2ohzgC&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQmaFwKMDrljQwWrCHWKeCs10RPwldQqZoXiCpILUWUxqsYMQ8KR2A1N3PHQRjJkz6ptBF8aw2ZmRt2Jl-PDlCpinv6jCFbx8rDrbbMf5oUeocVAyUwBFs_eOT8AgZJeVp_lPjERz2kpp02qQ2ohzgC%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 153

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEDzMNXJlv50WXlE6zFIOEE&google_cver=1&google_push=AXcoOmSM0OZ5FbZRyhZ-CkzfAoDHMchOMhkNLymYGJR5bVXCagyej2lmg8Cfq5ZPb4wSSyILLVdH-yKg6DiVHiXnSgfgvf_6vAtL2wDW2HmdPCwyvdlAa1aG3Rk8ejFnaO5HYThttXgdpAbtkJMNkBRKiRua HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSM0OZ5FbZRyhZ-CkzfAoDHMchOMhkNLymYGJR5bVXCagyej2lmg8Cfq5ZPb4wSSyILLVdH-yKg6DiVHiXnSgfgvf_6vAtL2wDW2HmdPCwyvdlAa1aG3Rk8ejFnaO5HYThttXgdpAbtkJMNkBRKiRua&google_hm=eS1pZ2w4VkhCRTJwRmN0dDlZUGx4OWMyUG5JWGRDWFQuan5B

Request Chain 154

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIH9uRDyhaDy-EYuh2Jj9rY&google_cver=1&google_push=AXcoOmRdcB6RfhtlMUFNLBUmrXrjzuR2n_Pt482rTc7hHJkRgCJrWikEDxdk67FuddnlcZk4AZ89EW_-ZuMUBP8m43Og4mxmKJ4q-akXtXd6oosEZiiBYlpb6b5X7OaNwcKfFE5Tt9kYsUGSukII7gynlLut HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1KR1JLVk8tMTgtOUw0VQ==&google_push=AXcoOmRdcB6RfhtlMUFNLBUmrXrjzuR2n_Pt482rTc7hHJkRgCJrWikEDxdk67FuddnlcZk4AZ89EW_-ZuMUBP8m43Og4mxmKJ4q-akXtXd6oosEZiiBYlpb6b5X7OaNwcKfFE5Tt9kYsUGSukII7gynlLut

Request Chain 155

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEEgPUkDDmI1iLUC9S8NJHw0&google_cver=1&google_push=AXcoOmTFBYhTua_etg1s7lonM2Bj4YODHMo1PqoLBuIgpYsPao7uYSfK00Lz_5CYrBdCnr01avPtgIaWpAHGEsZ_ws_EAwyqTcBBUEhLIOD9bwgWme7EJb5amMdw9gI--5oQlzxwD2Dm7J-gdG6vrE2SKd0_Qg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTFBYhTua_etg1s7lonM2Bj4YODHMo1PqoLBuIgpYsPao7uYSfK00Lz_5CYrBdCnr01avPtgIaWpAHGEsZ_ws_EAwyqTcBBUEhLIOD9bwgWme7EJb5amMdw9gI--5oQlzxwD2Dm7J-gdG6vrE2SKd0_Qg&google_hm=FIz2TmD9QAKoXmFopU5hxUg

Request Chain 156

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENcoBfK15_dbfIIzXKhMo8o&google_cver=1&google_push=AXcoOmSM0H74mGoILFNKye1QeS7ASWQKt9r60okEXpQzg0uWBO1YsnfsgoOBsprKS7wLknVILUeTL5WnokhB7WoJOcW3REpiVsf8ykNXUEi7F-lEKypg2g6w8YdfNyb1X8V4C8j6wjF7ANGhNWgYwinIdtJtbg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSM0H74mGoILFNKye1QeS7ASWQKt9r60okEXpQzg0uWBO1YsnfsgoOBsprKS7wLknVILUeTL5WnokhB7WoJOcW3REpiVsf8ykNXUEi7F-lEKypg2g6w8YdfNyb1X8V4C8j6wjF7ANGhNWgYwinIdtJtbg HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 157

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_gid=CAESEB2gfuT1Vsy4jrNP401d0Ok&google_cver=1&google_push=AXcoOmRzbOKWJZK0qEeqL14kGI7PnwrgGFQXaGWl_vP9wibQ_Gio5BX6kt22RLNFvV6Om8bAs_xRePy1mjmWLeOG5vrl1Y6HZ5S75RJ9a6jgfd6egP95-5wJNkd20V0x-eBFaYpW0lloR-TrmRGziJPV2PlQOA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=2521df61-5b06-499a-9139-11266ed3534d&google_cver=1&google_gid=CAESEB2gfuT1Vsy4jrNP401d0Ok&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRzbOKWJZK0qEeqL14kGI7PnwrgGFQXaGWl_vP9wibQ_Gio5BX6kt22RLNFvV6Om8bAs_xRePy1mjmWLeOG5vrl1Y6HZ5S75RJ9a6jgfd6egP95-5wJNkd20V0x-eBFaYpW0lloR-TrmRGziJPV2PlQOA&gdpr=${GDPR}

176 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html Show response
www.bg3.co/a/ 53 KB
15 KB 1489ms
742ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 0586aea59699c08c45bbbcdb3c0d528935c401fdd7427f2627e9d117fc11e3c2

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=60
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Thu, 14 Sep 2023 17:47:52 GMT
etag: "d42f-3e5aQKesDpOmLN2FbIk5Vbwk/I4"
expires: Thu, 14 Sep 2023 17:48:52 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
72 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

abb10cb48ee591b0c9f225840cbe5db42325f2b8a6e6de024d42f1b35d2c05fb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 14 Sep 2023 17:47:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72928
x-xss-protection: 0
server: sffe
etag: "f87f507b897b58e2"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 14 Sep 2023 17:47:52 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 55ms
34ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f35b509903f221a7819018ff7ce28b855c6460cd07132d2169f41b48ca541f41

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Thu, 14 Sep 2023 17:47:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9647
x-xss-protection: 0
server: sffe
etag: "3b7e1e9cd7df2156"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 14 Sep 2023 17:47:52 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 117ms
68ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

adbc41b9b5d99a13ea8b238c0afc32a94b888abc531a6d479cdef72a33487fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28855
x-xss-protection: 0
server: cafe
etag: 992 / 19614 / m202309110101 / config-hash: 12885940056693379628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Sep 2023 17:47:52 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
89 KB 48ms
25ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f58314d7c3a75163d4d6a55af37da678ba721a25c887b0acd8f5ba65fe938a65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90890
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Sep 2023 17:47:52 GMT

GET
H2 200 counter.js Show response
www.statcounter.com/counter/ 40 KB
15 KB 51ms
21ms Script
application/javascript 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.statcounter.com/counter/counter.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:52 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 14 Sep 2023 13:46:01 GMT
server: cloudflare
age: 12000
etag: W/"65030e99-a067"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 806a75252c379a41-FRA
expires: Fri, 15 Sep 2023 02:27:52 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

81ms
25ms

Script
application/octet-stream

2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 7176
alt-svc: h3=":443"; ma=86400
content-length: 40188
last-modified: Mon, 28 Aug 2023 06:02:11 GMT
server: cloudflare
etag: "64ec3863-9cfc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7ks4dkScHH5eBWDzns%2BWG2hpd11fcwmvCQwZVO4BeNJEUJRQ0%2FXX4ZpBB4rBwpeFGqknAUBSVOtApowBHk5rGTPOceG6uXENnR8DQZreiQbQmBCv93l%2B1YuiTnKG082clWwGVwZn%2BD0Nbj8jQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 806a7527ad7e365d-FRA

Redirect headers

Location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection: close
Content-length: 0

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 37 KB
10 KB 86ms
14ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48D0) /
Resource Hash: 9794ad3cb438c8b85aa002e5a401debddcc6436fe916a9be359dce69ad4b029a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-client-geo: DE
date: Thu, 14 Sep 2023 17:47:52 GMT
content-encoding: br
age: 31055
x-cache: HIT
x-client-device: desktop
content-length: 10033
x-ap-device: DESKTOP
last-modified: Thu, 14 Sep 2023 07:00:35 GMT
server: ECAcc (ama/48D0)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: DE
accept-ranges: bytes
expires: Thu, 14 Sep 2023 18:47:52 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 678 KB
142 KB 87ms
15ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48F2) /
Resource Hash: 1009fd29410a9be345dbf79db26a520e23358f097a98436923cfefdecb305118

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-client-geo: DE
date: Thu, 14 Sep 2023 17:47:52 GMT
content-encoding: br
age: 3843
x-cache: HIT
x-client-device: desktop
content-length: 144615
x-ap-device: DESKTOP
last-modified: Thu, 14 Sep 2023 15:56:35 GMT
server: ECAcc (ama/48F2)
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-ap-geo: DE
accept-ranges: bytes
expires: Thu, 14 Sep 2023 18:47:52 GMT

GET
H2 200 t.php Show response
c.statcounter.com/ 192 B
567 B 150ms
140ms XHR
application/json 104.20.219.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://c.statcounter.com/t.php?sc_project=12918656&u1=5E7048486C534FC6CB9B09CD3DD76133&java=1&security=dd738f34&sc_snum=1&sess=c49b29&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&t=%E3%80%8A%E4%B8%AD%E5%9C%8B%E7%BE%8E%E8%A1%93%E6%95%99%E8%82%B2%E5%B9%B4%E5%BA%A6%E7%99%BC%E5%B1%95%E5%A0%B1%E5%91%8A2022%E3%80%8B%E7%99%BC%E4%BD%88%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=1551&sc_rum_e_e=1556&sc_rum_f_s=0&sc_rum_f_e=1548&get_config=true
Requested by: Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.219.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
content-type: application/json
access-control-allow-origin: https://www.bg3.co
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials: true
cf-ray: 806a75256c989a41-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET 707e98c717efe8624aa8c3f833d4d5ed.jpg
static.bg3.co/imgs/202302/ 0
0

GET 46ce95feb84219b31d6b2e37e07b86ee.jpg
static.bg3.co/imgs/202307/ 0
0

GET fc16eb61010e50c24d5e9437bc5270c7.jpg
static.bg3.co/imgs/202111/ 0
0

GET 5dcb39b91108172476e732cf01d765e9.jpg
static.bg3.co/imgs/202302/ 0
0

GET 977ef776392240871e3fc9e60f78426c.jpg
static.bg3.co/imgs/202303/ 0
0

GET da9df157595c1423535ae267ab10d3ae.jpg
static.bg3.co/imgs/202206/ 0
0

GET 30f81c6ed31ec5020e193732b80b0a3d.jpg
static.bg3.co/imgs/202303/ 0
0

GET f6dad7a631bb35fbc4ef2abd6d1f2bb1.jpg
static.bg3.co/imgs/202309/ 0
0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012309011827000/v0/ 8 KB
3 KB 23ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309011827000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2313b832ea2d9d8e3c1b5bd2b9ca3498ffe84065c84294ead0a6617f8c1241a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Sep 2023 21:07:40 GMT
age: 160812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2980
x-xss-protection: 0
server: sffe
etag: "1123f3a95b3d07e5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Sep 2024 21:07:40 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012309011827000/v0/ 12 KB
4 KB 17ms
7ms Script
text/javascript 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012309011827000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bbbe27a91eb385c7f86d2203bd841747096782df337bae2afdb74cf4fe90258

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 12 Sep 2023 21:07:40 GMT
age: 160812
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3934
x-xss-protection: 0
server: sffe
etag: "57ee2204276dd362"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Sep 2024 21:07:40 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 39ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je39d0&_p=1645731989&cid=1777159273.1694713673&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694713672&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&dt=%E3%80%8A%E4%B8%AD%E5%9C%8B%E7%BE%8E%E8%A1%93%E6%95%99%E8%82%B2%E5%B9%B4%E5%BA%A6%E7%99%BC%E5%B1%95%E5%A0%B1%E5%91%8A2022%E3%80%8B%E7%99%BC%E4%BD%88%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:52 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 29ms
10ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:52 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
server: nginx
etag: W/"62f659d6-14e98"
vary: Accept-Encoding
x-hw: 1694713672.dop139.fr8.t,1694713672.cds122.fr8.hn,1694713672.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29880

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/ 408 KB
129 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7aefa7a735322bc937d004ffb976c57e6f187d12547bdd5b755251412393c075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:23:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1437
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131712
x-xss-protection: 0
server: cafe
etag: 7905716078372049509
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 13 Sep 2024 17:23:55 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 39ms
38ms Script
application/javascript 2001:4de0:ac18::1:a:3a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:52 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1694713672.dop139.fr8.t,1694713672.cds122.fr8.hn,1694713672.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
772 B 14ms
13ms Image
image/jpeg 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1694713672713
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48F4) /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Fri, 13 Sep 2024 17:47:52 GMT
date: Thu, 14 Sep 2023 17:47:52 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: ECAcc (ama/48F4)
age: 2443348
etag: "60d2d6c2-277"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-client-device: desktop
content-length: 631
x-client-geo: DE

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 46ms
46ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4042625674741145&correlator=3064409235070335&eid=31077692&output=ldjh&gdfp_req=1&vrg=202309110101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1694713672746&lmt=1694706472&adxs=220&adys=454&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=1777159273.1694713673&ga_sid=1694713673&ga_hid=1645731989&ga_fc=true&dlt=1694713672468&idt=251&adks=2226185566&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b9fec2450dcf6eaa37d55c3b132abcb710b767a977cdd0af70a957a7841ccbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:52 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12501
x-xss-protection: 0
google-lineitem-id: 6344488284
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440076868
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ad85a7e871934a6df3b4b3c086caa2f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 9467 6 KB
3 KB 67ms
14ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad85a7e871934a6df3b4b3c086caa2f3.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 17:47:52 GMT
expires: Fri, 13 Sep 2024 17:47:52 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 15ms
14ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48CC) /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-client-geo: DE
date: Thu, 14 Sep 2023 17:47:52 GMT
content-encoding: br
age: 31054
x-cache: HIT
x-client-device: desktop
content-length: 122286
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: ECAcc (ama/48CC)
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 17:47:52 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
309 B 14ms
14ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48CB) /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-client-geo: DE
date: Thu, 14 Sep 2023 17:47:52 GMT
content-encoding: br
age: 2976392
x-cache: HIT
x-client-device: desktop
content-length: 211
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: ECAcc (ama/48CB)
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 17:47:52 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 15ms
14ms Script
application/javascript 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/48AA) /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

x-client-geo: DE
date: Thu, 14 Sep 2023 17:47:52 GMT
content-encoding: br
age: 31054
x-cache: HIT
x-client-device: desktop
content-length: 18371
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: ECAcc (ama/48AA)
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 17:47:52 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
317 B 110ms
17ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTQ3MTM2NzI4MTAsInBhY2tldElkIjoiMDAwMEE3MDEtNTFkOTNlMDMtNTI5Zi00YzNjLTk1MjAtMzVjYTM3NzQ0N2I5Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3pob25nLWd1by1tZWktemh1LWppYW8teXUtbmlhbi1kdS1mYS16aGFuLWJhby1nYW8tMjAyMi1mYS1idS5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJERSJ9&c_b=1834
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:52 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
365 B 108ms
16ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:52 GMT
server: nginx/1.18.0 (Ubuntu)
ap-cookie-status: cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods: GET, POST
content-type: image/png
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 20 KB
9 KB 127ms
44ms Script
application/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a3798344be49c312b2ba8db56e38b9b1047eda3e9b04ab8baacf375a322ee1b

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qqoYaacItIMpU0cw5O_row' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:52 GMT
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-qqoYaacItIMpU0cw5O_row' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 879D 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu8eC5ZyDKhbXCEl71oj1gX_mI-sdi-q5tQD8RDTS_yfcXEgpIXfgDlQrjXjn9d2bGJiUNfDrBl-M5fz26rBB8NhUnN__Y32Whn5XgtsmI_qifzJGrLMpLaZ3nrGTh6i8ThAlgrhtp4pvezz1M2Vb7hzgYY73dwsIfac8hB2ha1RqYd2FiDTefoGMF6pQy-VCymxlxxV3_5Rbot0PgQ0uWnYYtFIYUFKLNFPqD0k6uTv3MaqPEA0ZFF-ZyLVhDKyTL_keGBhi3HhuR1mDfuyK2P1a_O7-WqlVVGuvtiwM0cFLZz9H7H5ISzTlKgsU3GvInCAm0J&sai=AMfl-YTMxYOrZLOE8wWz85T_sxJNeCzuu-0kyhQZjJDQ_Qv070z2e8irKrCgl1VKeDhZpzYjmmwBrlPXIKKmPK0NzNLUIZobZxISeK5fVXD0etmHkFDcPVxZd61VMtxIQPPnh8r7Aus4d_tzqv6sfdnW&sig=Cg0ArKJSzGoZxJd3_I_dEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:52 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Sep 2023 17:47:52 GMT

GET
H2 200 invocation.js Show response
ad.vidverto.io/vidverto/js/aries/v1/ 26 KB
8 KB 52ms
14ms Script
application/javascript 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:52 GMT
content-encoding: gzip
last-modified: Fri, 18 Aug 2023 14:03:06 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64df7a1a-66bb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 14 Sep 2023 18:47:52 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 879D 182 KB
57 KB 46ms
23ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 17:47:52 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
639 B 17ms
17ms Stylesheet
text/css 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1093
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y%2BJ05%2BlzsAyddY8U8cgHjh5VGXZ2f%2FoInTQg570%2FJ%2FKkxp3J%2BcxXV3SjPg4JwSMDH5zCUkUnpnA%2BFN%2F4CQRVy3uAAxvLn9hD80G%2BaCfV8XLLvMj0pO2jbWuKSNmG9dqwbrBYfYTm2CadiEQjFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 806a7527fdd9365d-FRA

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 418ms
102ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Clinton, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 85a48ef65e57436536bee87bf137d0b8277b9ac0fbcc38e11b2f7326a026278a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
vary: Accept-Encoding
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
connection: close
content-length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 372ms
175ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.9657121754102678&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 17:47:53 GMT
X-Width: 336
X-Height: 280
X-AdStyle: banner
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Expose-Headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
X-AdSource: PSA
X-Adtype: html
Connection: close
Content-Length: 564

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 66ms
10ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: gzip
etag: "6ioqmyHWSWLYz5hkRjy8Uw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 21 Sep 2023 17:47:53 GMT

GET
H2 200 impress Show response
ad.vidverto.io/delivery/ 51 KB
18 KB 45ms
45ms XHR
application/json 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&referrer=&async=1&uid=5897967511&gdpr=0&gdpr_consent=
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 67d1fdb5c556f86d8e4619147c3c9341012fc5848fa4cb396813054d70fe5e35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-origin: https://www.bg3.co
date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: application/json; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 879D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 430a6e7150545de867540d1752b691ba077a3d76e1008d852d0d3bd3409f2a1a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 879D 0
0 67ms
52ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuKEtlP07WcL-hFzDHk6sAmwqBxlvPMibDLd6I0niJSbAfzEm0syS0XjTdjQXZ6Z8AK6FprAASp3MLSkDTgghRU5nH4qS5C-Yw_PR4IE_bFzXXy2tTouKytVpLLgmXOkXjwtchTS7Lk10FbI7Kkq2I00evdMp3nDF2fvUiScbEUyO6D8xSmYb2bYxeIxFk15s3jipuutIMV8STt9zwSeGL45SNCbFXo5wDX72EphLdoTWyMB3uVzFOF5xjLgz9ix05kR2vNWT7HS0OC9me_5kqu0ar1pfxIrq5oMSB3DTnZoC82yzNwwOyawq59b206TYarroTQiKc&sai=AMfl-YTu-Q4lg29Qd9nLnjhUy8oHXFeqHltKaD2WcvyB58yoyGQB_vNtHRlSTydvvJDv9ivpbrcxK5Mcqiz0Ruf6ZUwflueJssDmahb6SGkGGuONa_MY5X_UW_m3NhBV8cvBHvQGs7Me2_7UGsZoaKK0&sig=Cg0ArKJSzHjky0H-uYh-EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Sep 2023 17:47:53 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame E88D 0
0 50ms
18ms Document
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 357 KB
123 KB 82ms
38ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02f8c15ba65b0ae9db6f957d28f9ae1adbc048090cca772bec7301451a8c1dfd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125468
x-xss-protection: 0
expires: Thu, 14 Sep 2023 17:47:53 GMT

GET
H2 200 inview.min.js Show response
ad.vidverto.io/js/ima2/2/ 5 KB
2 KB 18ms
16ms Script
application/javascript 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: gzip
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5ee0f3c3-1389"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 14 Sep 2023 18:47:53 GMT

GET
H2 200 vast-client.min.js Show response
ad.vidverto.io/js/ima2/2/ 59 KB
13 KB 19ms
17ms Script
application/javascript 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: gzip
last-modified: Fri, 21 Apr 2023 17:10:25 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"6442c381-edf4"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 14 Sep 2023 18:47:53 GMT

GET
H2 200 ima.min.js Show response
ad.vidverto.io/js/ima2/2/ 88 KB
23 KB 20ms
19ms Script
application/javascript 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=8a6ba3d3ebe29c4e894807ea956e9bd6
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d4ffa36c3282ba25a2b7c2058b40b7d87ba192fe76a70cede2b1f3435b37ef1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: gzip
last-modified: Wed, 13 Sep 2023 11:04:56 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"65019758-15fed"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 14 Sep 2023 18:47:53 GMT

GET
H2 200 vidvertoplayer.js Show response
ad.vidverto.io/vidverto/player/ 129 KB
41 KB 33ms
32ms Script
application/javascript 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 07:44:44 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62fdedec-205ff"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 14 Sep 2023 18:47:53 GMT

GET
H2 200 prebid.js Show response
ad.vidverto.io/js/achernar/ 284 KB
95 KB 66ms
64ms Script
application/javascript 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/js/achernar/prebid.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8fecae017ff4a1627943e6e72c2ef67923c0c808529c56f47a5a9f611364da55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: gzip
last-modified: Mon, 11 Sep 2023 11:42:20 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"64fefd1c-47038"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 14 Sep 2023 18:47:53 GMT

GET
H2 200 invocation.min.css
ad.vidverto.io/vidverto/ 3 KB
851 B 66ms
63ms Stylesheet
text/css 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/invocation.min.css
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 16:53:37 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"5fac1711-a0a"
vary: Accept-Encoding
content-type: text/css

GET
H2

200

sync
ad.vidverto.io/delivery/v2/
Redirect Chain

https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D44b6f1b4-e013-4910-a940-b171d27d75e0%26p_id%3D23
https://ad.vidverto.io/delivery/v2/sync?userid=44b6f1b4-e013-4910-a940-b171d27d75e0&p_id=23

0
152 B

14ms
13ms

Image
text/plain

190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/v2/sync?userid=44b6f1b4-e013-4910-a940-b171d27d75e0&p_id=23
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: https://ad.vidverto.io/delivery/v2/sync?userid=44b6f1b4-e013-4910-a940-b171d27d75e0&p_id=23
date: Thu, 14 Sep 2023 17:47:53 GMT
cache-control: no-store no-transform
server: nginx
content-length: 161
content-type: text/html; charset=utf-8

GET
H2

200

sync
ad.vidver.to/delivery/v2/
Redirect Chain

https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=44b6f1b4-e013-4910-a940-b171d27d75e0&gdpr=0&gdpr_consent=
https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=44b6f1b4-e013-4910-a940-b171d27d75e0&gdpr=0&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
https://ads.betweendigital.com/match?bidder_id=43092&gdpr=0&consent=&callback_url=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D429%26user_id%3D%24%7BUSER_ID%7D%26ssp%3Dprodoohmox%26expires%3D30%...
https://x.bidswitch.net/sync?dsp_id=429&user_id=8affa2f3-de40-5201-8b89-666fee8a2126&ssp=prodoohmox&expires=30&user_group=1&gdpr=0&gdpr_consent=
https://ad.vidver.to/delivery/v2/sync?userid=94f62c9b-d97f-41f1-8918-a881e2f58e05&p_id=15

0
156 B

65ms
14ms

Image
text/plain

212.8.243.91
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidver.to/delivery/v2/sync?userid=94f62c9b-d97f-41f1-8918-a881e2f58e05&p_id=15
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Server: 212.8.243.91 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 212-8-243-91.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-length: 0
server: nginx/1.14.0 (Ubuntu)

Redirect headers

location: //ad.vidver.to/delivery/v2/sync?userid=94f62c9b-d97f-41f1-8918-a881e2f58e05&p_id=15
date: Thu, 14 Sep 2023 17:47:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 favicon-16px.png
ad.vidverto.io/images/ 900 B
1 KB 65ms
63ms Image
image/png 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/images/favicon-16px.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
last-modified: Wed, 10 Jun 2020 14:52:51 GMT
server: nginx/1.14.0 (Ubuntu)
etag: "5ee0f3c3-384"
content-type: image/png
cache-control: max-age=604800, public, max-age=604800
accept-ranges: bytes
content-length: 900
expires: Thu, 21 Sep 2023 17:47:53 GMT

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
634 B 78ms
6ms Script
application/javascript 2600:9000:223c:d800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:d800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:42:23 GMT
via: 1.1 891011d51eb2353ebe8601f5b6467070.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 331
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 1NT3asZs0-zUj8XUwRBJrjDDw93AEiz1M_B0ueY1-vJ5Xrlv4kVdPA==

GET
H2 200 pixel;r=1973871408;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6...
pixel.quantserve.com/ 35 B
373 B 39ms
9ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1973871408;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1950086237-1694713673074;pbc=;ns=0;ce=1;qjs=1;qv=44310d19-20230908150619;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1694713673237;tzo=-120;ogl=;ses=f0a0805a-7519-4380-971e-4f8974255cd6;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:53 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
357 B 9ms
9ms Fetch
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
content-type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.bg3.co
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
access-control-allow-credentials: true
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

GET
H2 200 video_playlist.js Show response
ad.vidverto.io/vidverto/player/ui/js/ 111 KB
32 KB 28ms
27ms Script
application/javascript 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1653047028
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: gzip
last-modified: Thu, 18 Aug 2022 08:21:47 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"62fdf69b-1bc07"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600, public, max-age=3600
expires: Thu, 14 Sep 2023 18:47:53 GMT

GET
H2 200 video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 61 KB
9 KB 29ms
29ms Stylesheet
text/css 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028
Requested by: Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: gzip
last-modified: Sun, 28 Feb 2021 22:32:40 GMT
server: nginx/1.14.0 (Ubuntu)
etag: W/"603c1a08-f52f"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 bridge3.589.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 83A3 722 KB
232 KB 10ms
7ms Document
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ea746bcaeb49d78462db0b0740de88e2f00bf5f492e14e65a5e811b45ee0220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 37961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236935
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 07:15:12 GMT
expires: Fri, 13 Sep 2024 07:15:12 GMT
last-modified: Tue, 12 Sep 2023 02:58:09 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 52ms
17ms Script
text/javascript 2a00:1450:4001:810::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 14 Sep 2023 17:47:53 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4212 40 KB
14 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 14 Sep 2023 18:22:16 GMT

GET
H2 200 video
ad.vidverto.io/delivery/rtb/ 0
0 22ms
21ms Image
text/xml 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/delivery/rtb/video?data=V0TKTILz5AE1JEf6e5yQtgUDZXkYhcFIsB116SWfnk61tnS8WZqibLhZeY2h%2FgWD0BgNNHo2ioWtkQ1iKtGkbw2wg3RnoOMpMyBlRL58dXnARocoixl9jEAOiUri4R369qfSyzZLb%2FwkMDR%2FTFS8%2Fs357NUDUoWY690bD4k1AsoOptEiLzY3fcSltab5bqYV%2BMqfOSOKWT%2Ft1tm69E0hY0SF9qPSHmniwZAqophmh6Hek1T4b2Yq3B0%2Bykb9NWhuzFdoORW9qIYyvRdPZzyaSjpOp0Bs3elTgyEufXCNFK5DEPCJnZEFIcUkpTvos%2BeJTv56%2BsUJduwe1zUhwH6f%2BSP8MWCnIhCtifMFd8qhOb%2BuWW8s14D6yv%2FNkkcpo%2FzELksUaRo%2BJCzDu5oH34AR2IZxSlIo%2FbY%2B7AySYIcUi6ygx0LMVrLoswc46ZCaePnMJlSoqaw44aaSUiYIvTPTbwkj%2BxcTIZBq59Fp0Jav3WVBNKl0neIBrKq6dW3R12S0Dkq5QEggPnFWTesbxA7Ct8aj2jV4bY1orxPqHA473siCQ3%2BmOjqLjMgJ%2Bii4ZVDA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/5zElqqY5KeOnh9E2y199gw:1694717273/1327/video/1813/ 356 KB
0 62ms
15ms Media
video/mp4 175.110.113.214
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/5zElqqY5KeOnh9E2y199gw:1694717273/1327/video/1813/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.214 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-214.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 14 Sep 2023 17:47:53 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd37-1069ee0"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-17211103/17211104
Connection: keep-alive
Content-Length: 17211104

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame F2E7 18 KB
8 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d5518dc67954f3f190da5f7a41a82699d9c91152b6859e23790b6695c29a13d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7896
x-xss-protection: 0
server: cafe
etag: 6074308942339369949
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Sep 2023 17:47:53 GMT

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 8208 714 B
786 B 16ms
16ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 13257
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 806a752adb02bb35-FRA
content-encoding: br
content-type: text/html
date: Thu, 14 Sep 2023 17:47:53 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bulGjV0XVYwC9DjzqYRypVXBdToTHNxesWX62JnizAXICvJKR4zB8F1n1lHqYaKXwijrI2kkstbHTHSReC4M72R86hxgEBqYmgSM2Ru%2F11tDnoTuhIC%2B6OPGuiGDp7GCQwKsxt8%2FdEE2F%2BxXdA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 7D17
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

40ms
7ms

Document
text/html

184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Thu, 14 Sep 2023 17:47:53 GMT
ETag: "40011-119-6051b805b8000"
Last-Modified: Mon, 11 Sep 2023 20:52:16 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Thu, 14 Sep 2023 17:47:53 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
https://pr-bh.ybp.yahoo.com/sync/ucfunnel/d4a5cba6-ea29-3aea-b402-3fe89eb8137f?gdpr=0&euconsent=
https://sync.aralego.com/idsync?ucf_nid=dsp-AE38A6E4BB372DE1838A748E89487D9&ucf_user_id=y-0D1t3blE2oU0oL1YQuu1jVGrkR9h1V4_Y84iTn8-~A&redirect=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=

70 B
266 B

120ms
33ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date: Thu, 14 Sep 2023 17:47:54 GMT
connection: close
content-length: 111
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 18 KB
19 KB 40ms
11ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 23:29:48 GMT
x-content-type-options: nosniff
age: 497885
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18684
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:24:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Sep 2024 23:29:48 GMT

GET
H2 200 JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 19 KB
19 KB 40ms
13ms Font
font/woff2 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2

Requested by

Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1653047028

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.vidverto.io/
Origin: https://www.bg3.co
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 04:05:52 GMT
x-content-type-options: nosniff
age: 481321
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18956
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:27:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Sep 2024 04:05:52 GMT

GET
H2 200 logo.svg
ad.vidverto.io/vidverto/player/ 414 B
552 B 20ms
16ms Image
image/svg+xml 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.vidverto.io/vidverto/player/logo.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
last-modified: Wed, 04 May 2022 14:39:21 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "62729019-19e"
content-length: 414
content-type: image/svg+xml

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8208 98 KB
29 KB 98ms
98ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65268b5b4f4c2a038f1e8395dde2421dfcc77bd38e278b33660477be67d0c29d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29233
x-xss-protection: 0
server: cafe
etag: 476 / 19614 / 31077886 / config-hash: 12885940056693379628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Sep 2023 17:47:53 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/5zElqqY5KeOnh9E2y199gw:1694717273/1327/video/1813/ 372 KB
0 44ms
17ms Media
video/mp4 175.110.113.214
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/5zElqqY5KeOnh9E2y199gw:1694717273/1327/video/1813/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.214 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-214.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 14 Sep 2023 17:47:53 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd37-1069ee0"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-17211103/17211104
Connection: keep-alive
Content-Length: 17211104

GET
H3 200 bridge3.589.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3F97 722 KB
231 KB 8ms
7ms Document
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ea746bcaeb49d78462db0b0740de88e2f00bf5f492e14e65a5e811b45ee0220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 37961
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236935
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 07:15:12 GMT
expires: Fri, 13 Sep 2024 07:15:12 GMT
last-modified: Tue, 12 Sep 2023 02:58:09 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 61C9 40 KB
14 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1537
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 14 Sep 2023 18:22:16 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 7D17 36 KB
11 KB 9ms
8ms Script
text/html 184.30.22.30
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.22.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-22-30.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: eb5a398e4dfbc7a9860e9d8c402c66a9075f34cfb5e78837ec16c7caa9d88e53

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 17:47:53 GMT
Content-Encoding: gzip
Last-Modified: Thu, 14 Sep 2023 11:35:17 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=64055
Connection: keep-alive
Content-Length: 10523
Expires: Fri, 15 Sep 2023 11:35:28 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame F2E7 144 KB
50 KB 54ms
54ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08345ab1867ed4b3a8f81a77a885e5cd869bb2102e4a5edf6faae61bab11e8a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50750
x-xss-protection: 0
server: cafe
etag: 5259121096477275254
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 14 Sep 2023 17:47:53 GMT

GET
H/1.1 200
OK khaos.json Show response
token.rubiconproject.com/ Frame 7D17 7 B
380 B 47ms
10ms XHR
application/json 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://token.rubiconproject.com/khaos.json?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://eus.rubiconproject.com
Cache-Control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
content-length: 7
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
Expires: 0

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/5zElqqY5KeOnh9E2y199gw:1694717273/1327/video/1813/ 232 KB
232 KB 43ms
14ms Media
video/mp4 175.110.113.214
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/5zElqqY5KeOnh9E2y199gw:1694717273/1327/video/1813/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.214 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-214.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Range: bytes=16973824-

Response headers

Date: Thu, 14 Sep 2023 17:47:53 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd37-1069ee0"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 16973824-17211103/17211104
Connection: keep-alive
Content-Length: 237280

GET
H2 200 uCpEBnDBIawtvu4ZeqXg1ezdPOeOs7CSqL0lmtUqW%2BIh6%2B8f%2BxXnkfsHIrIjhfyYCDijJ9tFuqRSaFw50HjuGkJvPTFffCTWBeAtbm9lTqkspxrmV6CHGW%2BLBjrFfVS8VL0MDr%2FMfejrctvOQ2kTOPQwbCF8OgG5MsOZTDTJez6BA3DPjIjtCsPMc3k... Show response
ad.vidverto.io/delivery/video/pod/ Frame 83A3 45 KB
19 KB 26ms
26ms XHR
text/xml 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/delivery/video/pod/uCpEBnDBIawtvu4ZeqXg1ezdPOeOs7CSqL0lmtUqW%2BIh6%2B8f%2BxXnkfsHIrIjhfyYCDijJ9tFuqRSaFw50HjuGkJvPTFffCTWBeAtbm9lTqkspxrmV6CHGW%2BLBjrFfVS8VL0MDr%2FMfejrctvOQ2kTOPQwbCF8OgG5MsOZTDTJez6BA3DPjIjtCsPMc3kDkA8PaUdw53P5jaeBNOvodSCSPPcvVfIcIA%2F91mBBiDOMxF4W5qFjPqJnsYcTWcmDuP6rjMER8y%2FB54NNszhmVq3TZSfwnuykaM0kfDL2zZvieooz6tbCJGhOWOPm074jCWHm7SlfgDSZhJSr9S%2B4JcINglFsCOdSdH35f%2FUaXIXs%2B%2Feju3fktvV%2FbYPbEnZY9M4oL7ZV1WlcYl1yz589H5BRZPFEeGHfRIq3ktr0ZNH10Rdx%2FnsDX%2FPpwVRhhkhpnIRGL6K%2Fsd9YsIxG%2B3K9hJG82C%2FLK%2BL3%2F3Tj75nUwuJzM%2FdSOxUJr4X6kRlYX4oUCwZsGC36f0mCNJ6n42iH2I131J8UbZ3v60bwvf0OT4r%2BWD1389LzfkGRSKxNbeBlaw5uVh%2Bzn%2Bpdyp1tUrAenLgQOnm9g5viTInFvX6sglyHYKaxQjaFKHv4JjCpHi2ww59sjtrJz%2BRvY89BheXDrVYJ%2FLJZWT03HXQb%2B1qQJncyjQxsl%2FXXg5gSHRK1sYikPa2LgVnOngPGSQnw59DL6A4lqw%3D%3D?bids=%7B%7D
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 616908eea7d791f0945b84a1b619e2bbd691f0f9dc73810b5337cb2fcea34657

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/ Frame 8208 408 KB
129 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2566f2f20ba122f78d6713a1c25217fd221f65a98cda4dedea1571e2e5df19b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 10:36:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25857
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131705
x-xss-protection: 0
server: cafe
etag: 17641473086515647811
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 13 Sep 2024 10:36:56 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/ Frame F2E7 380 KB
129 KB 91ms
88ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31077838

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8e9d338f18d076e5436f3c44d3521aa50f7fbdbc75a0c9b2f257efc64a2f92a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131914
x-xss-protection: 0
server: cafe
etag: 17670016893347134708
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 14 Sep 2023 17:47:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230912/r20190131/ Frame A536 10 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230912/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 71553
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4438
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 13 Sep 2023 21:55:20 GMT
etag: 8554266389219770021
expires: Wed, 27 Sep 2023 21:55:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 83A3 0
235 B 95ms
31ms Ping
image/gif 2a00:1450:4009:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmjgrjf2&c=6560099811260&slotId=3280049905630&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:81f::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 83A3 156 B
187 B 1205ms
1143ms XHR
text/xml 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_2.5&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3929345361212235&sdkv=h.3.589.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.589.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F5zElqqY5KeOnh9E2y199gw%3A1694717273%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=F3B49AEE-B45C-4458-893C-B3C69C69EDD7&nel=0&eid=44747319%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44800470&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&dt=1694713673998&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&scor=2025910408969976&ged=ve4_td2_tt0_pd2_la2000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:55 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
adx3.adform.net/adx/ Frame 83A3 65 B
657 B 696ms
255ms XHR
text/xml 185.84.60.21
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx3.adform.net/adx/?mid=1743473&t=2

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.21 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
access-control-max-age: 86400
access-control-allow-credentials: true
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 83A3 156 B
538 B 500ms
442ms XHR
text/xml 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3929345361212235&sdkv=h.3.589.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.589.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F5zElqqY5KeOnh9E2y199gw%3A1694717273%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=F3B49AEE-B45C-4458-893C-B3C69C69EDD7&nel=0&eid=44747319%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44800470&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&dt=1694713674003&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&scor=2025910408969976&ged=ve4_td2_tt0_pd2_la2000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 83A3 156 B
257 B 585ms
529ms XHR
text/xml 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3929345361212235&cust_params=mt_fln%3D1.8&sdkv=h.3.589.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.589.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F5zElqqY5KeOnh9E2y199gw%3A1694717273%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=F3B49AEE-B45C-4458-893C-B3C69C69EDD7&nel=0&eid=44747319%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44800470&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&dt=1694713674006&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&scor=2025910408969976&ged=ve4_td2_tt0_pd2_la2000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 83A3 156 B
187 B 1429ms
1379ms XHR
text/xml 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.5&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3929345361212235&sdkv=h.3.589.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.589.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F5zElqqY5KeOnh9E2y199gw%3A1694717273%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=F3B49AEE-B45C-4458-893C-B3C69C69EDD7&nel=0&eid=44747319%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44800470&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&dt=1694713674008&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&scor=2025910408969976&ged=ve4_td2_tt0_pd2_la2000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:55 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/live/ Frame 83A3 156 B
228 B 859ms
811ms XHR
text/xml 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3929345361212235&cust_params=mt_fln%3D1.3&sdkv=h.3.589.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.589.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F5zElqqY5KeOnh9E2y199gw%3A1694717273%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=F3B49AEE-B45C-4458-893C-B3C69C69EDD7&nel=0&eid=44747319%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44800470&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&dt=1694713674014&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&scor=2025910408969976&ged=ve4_td2_tt0_pd2_la2000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-mediationtag-id: -2
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 83A3 156 B
187 B 1683ms
1637ms XHR
text/xml 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3929345361212235&sdkv=h.3.589.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.589.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F5zElqqY5KeOnh9E2y199gw%3A1694717273%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=F3B49AEE-B45C-4458-893C-B3C69C69EDD7&nel=0&eid=44747319%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44800470&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&dt=1694713674016&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&scor=2025910408969976&ged=ve4_td2_tt0_pd2_la2000_er697.400.698.800_vi0.0.1200.1600_vp100_ts0_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:55 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8208 497 B
274 B 41ms
39ms Fetch
text/plain 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4232940525693584&correlator=803032493262580&eid=31077886&output=ldjh&gdfp_req=1&vrg=202309130101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1694713674078&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=taan88nhwvd&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qONa6wyVFMVBkJMaBTZevEDc0Vw7ycxXbljpfxHujPffwfb1lCz25wqaZrOWuUs1-Yl4P594x5O5-WaZT4WSc3YI50zcEeVrZ4MPilCxgc8nGzdhZeDSb51MLx5pTkhOhnOz1Q2dMoovpGa0Cw8w0DzZvWJYhwo&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=995895461.1694713674&ga_sid=1694713674&ga_hid=1055495417&ga_fc=false&dlt=1694713673570&idt=455&adks=64515409&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7309773d6765426ce9dc94751fb917236ad391f33cf47c118ce806c9e1d98729

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 245
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8208 15 KB
11 KB 80ms
64ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309130101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a93471f92855fcc7b759f690b29ec1883838e0b81625ca83720afc93ae5b7876

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11613
x-xss-protection: 0

GET
H2 200 container.html Show response
501d58268e413771edb4538db9194981.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5C53 6 KB
3 KB 54ms
14ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://501d58268e413771edb4538db9194981.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 17:47:54 GMT
expires: Fri, 13 Sep 2024 17:47:54 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
254 B 409ms
150ms Fetch
application/json 2600:1f18:24e6:b900:1345:3f18:137:8913
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:1345:3f18:137:8913 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2EvemhvbmctZ3VvLW1laS16aHUtamlhby15dS1uaWFuLWR1LWZhLXpoYW4tYmFvLWdhby0yMDIyLWZhLWJ1Lmh0bWw=.json Show response
cdn.adpushup.com/42753/ 555 B
245 B 361ms
360ms XHR
text/html 152.199.21.70
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2EvemhvbmctZ3VvLW1laS16aHUtamlhby15dS1uaWFuLWR1LWZhLXpoYW4tYmFvLWdhby0yMDIyLWZhLWJ1Lmh0bWw=.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

expires: Fri, 13 Sep 2024 17:47:54 GMT
date: Thu, 14 Sep 2023 17:48:09 GMT
content-encoding: br
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=31536000
x-client-device: desktop
x-client-geo: DE

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame F2E7 210 B
551 B 50ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309120101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31077838

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f850d916cbf332267cd8f4d0deb60c3b082177e8139e64dcdaec989a08f8c76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 198
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6BEE 28 KB
13 KB 659ms
658ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694706474&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694713673649&bpp=245&bdt=698&idt=474&shv=r20230912&mjsv=m202309120101&ptt=5&saldr=sd&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&correlator=6560099811260&frm=23&ife=1&pv=2&ga_vid=1777159273.1694713673&ga_sid=1694713674&ga_hid=1103899267&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2319&biw=1600&bih=1200&isw=336&ish=280&ifk=2901239440&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077698%2C31077704%2C31077838%2C31077838&oid=2&pvsid=2885035107042631&tmod=1961588873&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.okgyt7rs2ldy&btvi=1&fsb=1&dtd=492

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea7b6f1c9476eabeea7c591575612038df6e6b7b6addf978f746279c976d7744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 13174
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 17:47:54 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame F2E7 15 KB
12 KB 55ms
55ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230912&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2848e0d8c7008ca1db2420541b315c6811957088015013372b8172dd768f3d8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11761
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8208 17 KB
7 KB 62ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309130101/pubads_impl.js?cb=31077886

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 17:47:54 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame F2E7 17 KB
6 KB 52ms
41ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 17:47:54 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A5B9 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 16:11:42 GMT
expires: Fri, 13 Sep 2024 16:11:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1369 829 B
1 KB 46ms
17ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ed1f1c0c707220ebc2f003bfc1d96e5f842ff4fa1bff3513d866b996f01b82e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NY0XhHLfT3HRyh7GRpx9ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-NY0XhHLfT3HRyh7GRpx9ew' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 17:47:54 GMT
expires: Thu, 14 Sep 2023 17:47:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1C43 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5772
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 16:11:42 GMT
expires: Fri, 13 Sep 2024 16:11:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8E69 829 B
766 B 19ms
17ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

741ecc8704ef4c2d761bed3c265b207a8b9e957c0d322ceec32d14f8ede4c134

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nPJ6Ejgoht7b5bnXESnX8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-nPJ6Ejgoht7b5bnXESnX8A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 17:47:54 GMT
expires: Thu, 14 Sep 2023 17:47:54 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js Show response
pagead2.googlesyndication.com/bg/ Frame A5B9 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 09:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 09:02:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1369 0
0 107ms
107ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309130101&jk=4232940525693584&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C43 37 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 09:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117914
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 09:02:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8E69 0
0 107ms
106ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230912&jk=2885035107042631&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A5B9 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3-IdKw
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 268 KB
89 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

aa12e899ad53e92a62865573d544a476d6e89e952f6796aa59aa88f6bab33a71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 91160
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 14 Sep 2023 17:47:54 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 112ms
111ms Fetch
application/json 2600:1f18:24e6:b900:1345:3f18:137:8913
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b900:1345:3f18:137:8913 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1C43 0
10 B 11ms
7ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?IGdU0Q
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 83A3 0
55 B 36ms
35ms Ping
image/gif 2a00:1450:4009:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmjgrjsm&c=6560099811260&slotId=3280049905630&ghmsh_eids=44747319%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44800470&vast_v=4.0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4009:81f::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 83A3 42 B
176 B 55ms
18ms Fetch
image/gif 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

POST
H2 204 collect
region1.google-analytics.com/g/ 0
55 B 17ms
16ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je39d0&_p=1645731989&cid=1777159273.1694713673&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694713674&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&dt=%E3%80%8A%E4%B8%AD%E5%9C%8B%E7%BE%8E%E8%A1%93%E6%95%99%E8%82%B2%E5%B9%B4%E5%BA%A6%E7%99%BC%E5%B1%95%E5%A0%B1%E5%91%8A2022%E3%80%8B%E7%99%BC%E4%BD%88%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 83A3 0
17 B 31ms
30ms Ping
image/gif 2a00:1450:4009:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lmjgrk81&c=6560099811260&slotId=3280049905630&faa=1&fas=1
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:81f::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 83A3 42 B
175 B 14ms
14ms Fetch
image/gif 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 83A3 42 B
175 B 15ms
15ms Fetch
image/gif 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BEE 42 B
63 B 114ms
114ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D6t85g7pqw0pNz2n9AQaZEhA3E19Hev24BmrLIJO2mU0YZazdJ9p3u5qikjkfeoZDYfE1G2CwgcK51z092z7V2RJpw3HHX5TGSPI_y2pVidVtj3ZM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694706474&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694713673649&bpp=245&bdt=698&idt=474&shv=r20230912&mjsv=m202309120101&ptt=5&saldr=sd&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&correlator=6560099811260&frm=23&ife=1&pv=2&ga_vid=1777159273.1694713673&ga_sid=1694713674&ga_hid=1103899267&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2319&biw=1600&bih=1200&isw=336&ish=280&ifk=2901239440&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077698%2C31077704%2C31077838%2C31077838&oid=2&pvsid=2885035107042631&tmod=1961588873&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.okgyt7rs2ldy&btvi=1&fsb=1&dtd=492

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BEE 0
20 B 115ms
114ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17611047210511251533&x=1&ct=77

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6BEE 89 KB
31 KB 85ms
84ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31438
x-xss-protection: 0
server: cafe
etag: 13183557946744512263
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Thu, 14 Sep 2023 17:47:54 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame 6BEE 3 KB
1 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 09:22:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30351
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 09:22:03 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/ Frame 6BEE 20 KB
8 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230912/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 07:15:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8275
x-xss-protection: 0
server: cafe
etag: 7349537481621356269
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 07:15:18 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6BEE 0
0 19ms
16ms Image
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFdTcwlK_VS89SfZNZoO2XDnvFlpc443Of8baLCuan37EwhO9blIxz8LodMqglmpDInQWNr8BL-mebKxTvFWK7xC3zbw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694706474&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694713673649&bpp=245&bdt=698&idt=474&shv=r20230912&mjsv=m202309120101&ptt=5&saldr=sd&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&correlator=6560099811260&frm=23&ife=1&pv=2&ga_vid=1777159273.1694713673&ga_sid=1694713674&ga_hid=1103899267&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2319&biw=1600&bih=1200&isw=336&ish=280&ifk=2901239440&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077698%2C31077704%2C31077838%2C31077838&oid=2&pvsid=2885035107042631&tmod=1961588873&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.okgyt7rs2ldy&btvi=1&fsb=1&dtd=492
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BEE 182 KB
57 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 17:47:54 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A81F 624 B
242 B 48ms
47ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUo1t13JC2zEChDmE2cYlIDJGoJxAVuRfUB8UZ1I6tl1oms3lVzR1XW7NFin1EB4-XYwU7jRh2RDtgNGzV8bZba2FlCvjE-ETvfZAI6FiCZunjkxZ0-pJqS5Sx0efZS372WZq7ivmFcjkf8PVpkWoZ58hwIz3gsfFs24T6dLTShnhFbrso

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694706474&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694713673649&bpp=245&bdt=698&idt=474&shv=r20230912&mjsv=m202309120101&ptt=5&saldr=sd&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&correlator=6560099811260&frm=23&ife=1&pv=2&ga_vid=1777159273.1694713673&ga_sid=1694713674&ga_hid=1103899267&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2319&biw=1600&bih=1200&isw=336&ish=280&ifk=2901239440&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077698%2C31077704%2C31077838%2C31077838&oid=2&pvsid=2885035107042631&tmod=1961588873&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.okgyt7rs2ldy&btvi=1&fsb=1&dtd=492
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 17:47:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame A81F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJLU5tBPC5MApd30GXX7iFU&google_cver=1

43 B
336 B

23ms
23ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJLU5tBPC5MApd30GXX7iFU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUo1t13JC2zEChDmE2cYlIDJGoJxAVuRfUB8UZ1I6tl1oms3lVzR1XW7NFin1EB4-XYwU7jRh2RDtgNGzV8bZba2FlCvjE-ETvfZAI6FiCZunjkxZ0-pJqS5Sx0efZS372WZq7ivmFcjkf8PVpkWoZ58hwIz3gsfFs24T6dLTShnhFbrso
Protocol: H2
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qK0PsUbSGo3jdS9Amh%2FilwNOCLEAQEpvBmEYwisOTqeXvkKsIlKw2Ynb7kvDt8OUBADxkPb5dgTJF3289fiThM%2B6sPR1zfZcAof%2B76VIXNrsvssbw6iMg3FqR6Q6j73KT0aZgZapt0nuTw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 806a75344a4a4d26-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJLU5tBPC5MApd30GXX7iFU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame A81F
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZQNHSieLlu2JsjO2VFH3NwAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJLU5tBPC5MApd30GXX7iFU&google_cver=1

43 B
777 B

28ms
28ms

Image
image/gif

172.64.148.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJLU5tBPC5MApd30GXX7iFU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUo1t13JC2zEChDmE2cYlIDJGoJxAVuRfUB8UZ1I6tl1oms3lVzR1XW7NFin1EB4-XYwU7jRh2RDtgNGzV8bZba2FlCvjE-ETvfZAI6FiCZunjkxZ0-pJqS5Sx0efZS372WZq7ivmFcjkf8PVpkWoZ58hwIz3gsfFs24T6dLTShnhFbrso
Protocol: H3
Server: 172.64.148.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1OhwlFdnUOMZOTxHuHsCiw%2BWXNdU64Tcl7fAjHz1y4WqPk%2FvW6TDFr4WEdM5Q3kvZAr4t5LxETa%2BWPZojQQR6r9svS%2FJAiLb9BkcyR%2Fr%2BEn7wMYav9emax2%2FU9uPF4QdWLmuvqnIVqlg7g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 806a75349c5d9ba0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJLU5tBPC5MApd30GXX7iFU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame A81F
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEPxnrPXG-DBIZB9XbCCoBIE&google_cver=1

43 B
841 B

8ms
7ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEPxnrPXG-DBIZB9XbCCoBIE&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjgyrvGATAB&v=APEucNUo1t13JC2zEChDmE2cYlIDJGoJxAVuRfUB8UZ1I6tl1oms3lVzR1XW7NFin1EB4-XYwU7jRh2RDtgNGzV8bZba2FlCvjE-ETvfZAI6FiCZunjkxZ0-pJqS5Sx0efZS372WZq7ivmFcjkf8PVpkWoZ58hwIz3gsfFs24T6dLTShnhFbrso

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
an-x-request-uuid: 963a8bc5-8fd3-4e2b-8c6f-31a0784f277f
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 45.141.152.72; 45.141.152.72; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEPxnrPXG-DBIZB9XbCCoBIE&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A81F
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyNDg1NDgyNjU4MDIwMTgzNw%3D%3D

170 B
244 B

19ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyNDg1NDgyNjU4MDIwMTgzNw%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
an-x-request-uuid: cb9645ce-2473-407e-811e-570d43733f56
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzQyNDg1NDgyNjU4MDIwMTgzNw%3D%3D
x-proxy-origin: 45.141.152.72; 45.141.152.72; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 83A3 42 B
175 B 16ms
16ms Fetch
image/gif 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:54 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BEE 0
20 B 113ms
113ms Ping
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6034842881152&version=m202309120101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BEE 0
20 B 112ms
112ms Ping
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6034842881152&version=m202309120101&ct=77&x=1&cor=17611047210511251000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6BEE 16 KB
12 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CscYoJY7Gl_rorn1KQF1TuwjN0sBnq_bMXwbdBVWw1L2KCnorrmya7S6uIpSb77jJeKj7xapLUOx8DsztRq07Li_CTFj7BQ2wHLdwQrAdvOx0y_U_ZPs7no8hJJyT8tuh8fdY8rAK_j4zMqwjJO269kpe2Q1PcIWNnXSWnbX0y_QzRqG0&cry=1&dbm_d=AKAmf-Aro6Cv6LvdrbwUL6XSUXUXnx8hAmc6B_v0fUNo2rXW0GBmKccnh_KtHCaRFI-amtdnRQjR0dFHkFfP1XNzCre3PPuUHPLbE_3DgAKgw_10xf1ZIzsvYL7i7U2u3zX-9tcAl4J6Xwe6-WD8XCoF7oO8Gkat58Uyz6MD_ybYK7jxX0lJRrX0t1zqM5T0UPLQZJBtjCfRPIn3lpZmlC2Lq9xdk4Ktzy3NytSeK0ejBICsaFXtGsiGGX0_CKLKJu6NtAqcWfIviKNhnKre6B9-cGmdGq5qXSW9v6KBUjAS-KzYkJ8sZhRLasVpos3l6sk-f2-dp1N9FF0g5zbj8HyHsaMvZYuDKUvHO1rxJ8RULID_nZNS7s89CiH5xUWUkHyaQA564BGjBmOqio9ngK5v5xi1MEYPuGyqChd4FsbRGTh1Yg-mqoJby0jT8BvgjOvzmMzvz_5yKBwNH_bJxezqKA18CVdsSLLIie4aclA8OLFilDqyOrv1WcF5N3oq39zZoz6TuG2iEPcBRnBgHqjnw7kjUMwYFKhO_8Ti9Ip1BcUYogtGG69aNbmjLjd7aommvNnGIC8FX1tSRIkqpu5C5NEX30xUMcmNm6dAFFHjnHCf6ueNZIiDjqCS7BDHgPOwL0EA3ENk9xn_kIZRyVcuooN0cZ_ijOwjFeDqrjJmbGXRW40cEF9294x08q447lPVrht8Ruqwxv7PCQ7km1UumhjiUhYqlDKQlHjTh3sfYQfqFoq2Cxeeoj9qNG0QaO2JvUbkS8nrwIaE8qF-mjLuqhmnHl-OG2iaV1lvAtme_LIZQix_UuKZJeDBoqCgn289vtQA4lv68UMNXvUmTx0g4XrRAtxUu0TvKO1iWrDEmqGzVwHYhhLWaQ6Q92TR4GWMWXURCiG6ySyauI5ZOvjz9KsrnkDtUdABky0GEOaiFSz-dnyDEO3QZ6hdPHR_Odzk4qoKeEsekNq2VgcYzzJPNW3hqvMPpDZk3YVplT-eiw7WUcmR64cxl-bYrmSC-qtPGVvK27ysjXXRBoDYfKA8dsL7Tvp_V3quQk1iN_TZfKXB6NWkCylTEnnNOp0mAP4XQViSA5u_Nn7eIHfYVhu6KkyZ7vqcX4sE5VjSPaJqvYVr3-qgrqFLSIBv_35ifIkZZefc3exWcwNeoaAZcfXyaTyCNROPw0rC5uTNV70V1KVZRxGzKI536ubfEkHRi1I1aTBj6UjSA2Gnf8nS7nzvslw4N1qsYlbmwedy72y9bHiaIEnJzzIeeFJLHYDPhwypwTCTbXKzNJOqnI2ASpmGfXPE7HCbBCFuQbuYpQYpaaIu44YLK0-5EGwFjkq5kqLaFXz1McTZqHoiNcq7ubU7cqJiT0uR9LJCUe0pN4K5UVkzBK9KthPO7K8rlrtlbMWnsuoTBeL3HErH2E1N9AOYTqCypToXz3HAi4lQNVoG6QUxCaDtE7JenvV9J7iFskLHWZ8bBnmJ-QbwdaH5lw274HY8QZUJWfcLmdR7NPep-YE9EO4ngZT8y-R1ozXdjU_M3D2Z5NONaFDBB9X7xVtQHRbaVSecA9FMHdDasTlw8_jURpyhVFVs4WFARpBbonnLSyfd4MNCJEiyE3pnNyeMhzr0jJQIx-RVHn_G1BsUqPK4-sRUXQPT8lAKRBqdickkxyx4ddW9VWCmXdnbPMaPBOcsE3JROodOPofndMOf2qCB0CEIaFBlKQICKul1XtlrzJenrH-P8eIBbcr4z9Ja9DCKJK10qc-M3NoUZnRWLjQ2U4GjqlrWPkpOpYhF8KFupb37emA4wF4Ypa1s05lQQB4vPFzIkFUTgITP-AJTzGwJ7143JaSDiqPqKRrxjAMGOxLAEdqRetL0hMh8Y7C81bQOi0rZCYFs5QHWgtyZjHjn5N3TpE1uCtXWdFz3jDO8SzTJSJ8Kim0t2WoRo4QnXB6p-YC3oKG1tTXhGjIMtUorOymjk3tJCr37_aGoFN9lmEh0qKDYAVVqJnxpRmngIplz9U3Sydv2BVvuIO7A69On3mB1YjUuzL8LjHyzTRpAJ9cZ1KJbTM-wVRrHSZ65XAAosSBnDL1k5Q5seqzqMraXIwEqsCZzPnBuSEJ4KEwoFdgPcZuU-tkqcd3fJEjPJ_zAtX0SmAKk6WHfjBLjsn5Lp9U6pwZ4lm-wlfSqQ_qugF964X_sgjXhLhHd1xf7RpdRe2LpupUzeVMUP0B5yF_jB7pPRAxvB72-1KLEWH1gro_SeZclBtBqdX_woARFztm-__B4TXEsaNODNY2RpbwKFO95AC599XMEogctFfEUdxM2Ib0yjKC_a7P9uqsdJjsbVg02vd0nDCovEwMmyrkrX2fwhRpNHxEeXO12qO-28weoxN-Hz1bKsBlsf-F3S0A-wfglzoD_B94_J_oBX2Ae78Nva4Yt5OzeJ2tMgSRqz2OXePAySOYNvNgDVsN-MaftspM1QaK0wbJYiIeidJzJft-bcuA4b-XauCumfWlURs0PpVyxQlvqwmtXtgEV29qRgJWFQmC_SgQ5HGMUAOONAKfmiCBi2n_jjv9IJ8nWTKFhQuiE58GX045jV9NuFAN9dD13qwTclRVLnwTCKHYh3VS6VqY_22UWyU0nOk7JMh2xOU4zvEUEL7Bnr-kjdhWQgcobCjTJKUFo0ZAOXjh1pIhAcpfNAIg0gKlYTXcoCH-wtrPS9AAQgqEzFaThpXn_M_Y9du4Z19v3v7W8Jy7XJ8HThMHbx8axwmhZDIqhRZ4nKf0h7hSiSduoI5SaIesWoKeyDrVtNJHctduAN_xckNkf6hRiJpyCZd8OcfF0HFV2GfWB_j-DibDxh8jrFBzT6M46lt1yBTc0XYhstkMLZX43MRnEoisyStFkQEIs2MQF2juRAGhkvdWNhVYsFaoRdvPeFZmmekZA4B0w1t7o6kK12MM1zjnJYicAbP6TPG9G1LxE7ucB7C-b_yUmj4odL6le3VmPkK9rlnCFrw69l7HTWk0Qt2R81GSc5Ea0aL9pBJYlSM7wMos3jX5IPS7GNWJ9dEZYm4hcZZ8IwKzHol3_HNTJg-WSdMIQRzpF_FayA_cz26KIFaCDBJ0ODByKJhawCL_ft0kxg9Y2E4wGUu_Sk24cxZ2ozb-kDxp8wY3XNJff3ct4ExYaRyh6nrAtVZRE-4YODBic3WjIxh3YkiMfLpHEZOMtgEWj-eW-_vVbY_t1PH-LBPqEk0e95irZ0zVP8l8tp-e_fBR2wnfd3MUmriRIWVPgfZ44I_QahtIzPM_9bbtOWmHcUFGaq9z04_JFZiGMULyhxRCsq3L9h9Yhj53fi1BHHEkU-SWLpQaacMdznjf0OiDHzaxu90E311AIPSCOa4jZokFz3eQgVwikX_iERn3bpC4AYuuWUeZ-EAyAcjaQBSeCgQaaz56OMnlFQwDIRJomnKtsTb4WDjSGdsVz1bAZ9HbcO-zcQI2To3Th5RuJ-Z9AIEgLdm-Pjuq88gh__MRBd3dYmMashMneQFAc9BRu3VTjDNmVa2CC0AhDb2CDSyqDgLFVg_ebmkusUCY89FpW-aAEXhmM7QqZ7tMjWmOM9T_Fe-FU-DTGOOm_sTeSsPUpzcNoeu3k8Ythy9aaqvAHX3hqP3KPBXgzXUwTUaxS8UMu20bIYZD1oc6-LwgyMZd1ROSep0xGgpprStnp5hHj4JhCJLHqnUN0MeJDkh7d_skxDZJIn_REgkOC1y4oJoNY6Ye2Hdj5wwLheNs9UW6Pk0aa91a25ID9nnozZK0wy8OTKP0nSoc2Mo0dx5lprEuMQoImQLZw7ZY_oWquINXJH0ti-Nt-5TDNVvHnKr1-bDPc3Fm7eJHQbSbQQ9ncuFyEl5XzmFrXW3vp7zirGi8eNW5FWyfz4DZYtQuth5ML4YztHeiOrcTem0_6QLek6BgEV0W-s-TFnPD2IA&cid=CAQSPABpAlJWs1yv4s3SR4MtDwVM3ReFT60cxhyQQQlUEQh4JclgGmv9ZSLhLnNFqi72UGmd_KFm4oDyzbDCAhgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=17611047210511251000&adk=4022746785&idt=99&cac=0&dtd=13

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70e4ae8659448497b65a957b6add53b026f97543c2ab2fef9c48c048c187001c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694706474&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694713673649&bpp=245&bdt=698&idt=474&shv=r20230912&mjsv=m202309120101&ptt=5&saldr=sd&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&correlator=6560099811260&frm=23&ife=1&pv=2&ga_vid=1777159273.1694713673&ga_sid=1694713674&ga_hid=1103899267&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2319&biw=1600&bih=1200&isw=336&ish=280&ifk=2901239440&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077698%2C31077704%2C31077838%2C31077838&oid=2&pvsid=2885035107042631&tmod=1961588873&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.okgyt7rs2ldy&btvi=1&fsb=1&dtd=492
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11901
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6BEE 41 KB
13 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CscYoJY7Gl_rorn1KQF1TuwjN0sBnq_bMXwbdBVWw1L2KCnorrmya7S6uIpSb77jJeKj7xapLUOx8DsztRq07Li_CTFj7BQ2wHLdwQrAdvOx0y_U_ZPs7no8hJJyT8tuh8fdY8rAK_j4zMqwjJO269kpe2Q1PcIWNnXSWnbX0y_QzRqG0&cry=1&dbm_d=AKAmf-Aro6Cv6LvdrbwUL6XSUXUXnx8hAmc6B_v0fUNo2rXW0GBmKccnh_KtHCaRFI-amtdnRQjR0dFHkFfP1XNzCre3PPuUHPLbE_3DgAKgw_10xf1ZIzsvYL7i7U2u3zX-9tcAl4J6Xwe6-WD8XCoF7oO8Gkat58Uyz6MD_ybYK7jxX0lJRrX0t1zqM5T0UPLQZJBtjCfRPIn3lpZmlC2Lq9xdk4Ktzy3NytSeK0ejBICsaFXtGsiGGX0_CKLKJu6NtAqcWfIviKNhnKre6B9-cGmdGq5qXSW9v6KBUjAS-KzYkJ8sZhRLasVpos3l6sk-f2-dp1N9FF0g5zbj8HyHsaMvZYuDKUvHO1rxJ8RULID_nZNS7s89CiH5xUWUkHyaQA564BGjBmOqio9ngK5v5xi1MEYPuGyqChd4FsbRGTh1Yg-mqoJby0jT8BvgjOvzmMzvz_5yKBwNH_bJxezqKA18CVdsSLLIie4aclA8OLFilDqyOrv1WcF5N3oq39zZoz6TuG2iEPcBRnBgHqjnw7kjUMwYFKhO_8Ti9Ip1BcUYogtGG69aNbmjLjd7aommvNnGIC8FX1tSRIkqpu5C5NEX30xUMcmNm6dAFFHjnHCf6ueNZIiDjqCS7BDHgPOwL0EA3ENk9xn_kIZRyVcuooN0cZ_ijOwjFeDqrjJmbGXRW40cEF9294x08q447lPVrht8Ruqwxv7PCQ7km1UumhjiUhYqlDKQlHjTh3sfYQfqFoq2Cxeeoj9qNG0QaO2JvUbkS8nrwIaE8qF-mjLuqhmnHl-OG2iaV1lvAtme_LIZQix_UuKZJeDBoqCgn289vtQA4lv68UMNXvUmTx0g4XrRAtxUu0TvKO1iWrDEmqGzVwHYhhLWaQ6Q92TR4GWMWXURCiG6ySyauI5ZOvjz9KsrnkDtUdABky0GEOaiFSz-dnyDEO3QZ6hdPHR_Odzk4qoKeEsekNq2VgcYzzJPNW3hqvMPpDZk3YVplT-eiw7WUcmR64cxl-bYrmSC-qtPGVvK27ysjXXRBoDYfKA8dsL7Tvp_V3quQk1iN_TZfKXB6NWkCylTEnnNOp0mAP4XQViSA5u_Nn7eIHfYVhu6KkyZ7vqcX4sE5VjSPaJqvYVr3-qgrqFLSIBv_35ifIkZZefc3exWcwNeoaAZcfXyaTyCNROPw0rC5uTNV70V1KVZRxGzKI536ubfEkHRi1I1aTBj6UjSA2Gnf8nS7nzvslw4N1qsYlbmwedy72y9bHiaIEnJzzIeeFJLHYDPhwypwTCTbXKzNJOqnI2ASpmGfXPE7HCbBCFuQbuYpQYpaaIu44YLK0-5EGwFjkq5kqLaFXz1McTZqHoiNcq7ubU7cqJiT0uR9LJCUe0pN4K5UVkzBK9KthPO7K8rlrtlbMWnsuoTBeL3HErH2E1N9AOYTqCypToXz3HAi4lQNVoG6QUxCaDtE7JenvV9J7iFskLHWZ8bBnmJ-QbwdaH5lw274HY8QZUJWfcLmdR7NPep-YE9EO4ngZT8y-R1ozXdjU_M3D2Z5NONaFDBB9X7xVtQHRbaVSecA9FMHdDasTlw8_jURpyhVFVs4WFARpBbonnLSyfd4MNCJEiyE3pnNyeMhzr0jJQIx-RVHn_G1BsUqPK4-sRUXQPT8lAKRBqdickkxyx4ddW9VWCmXdnbPMaPBOcsE3JROodOPofndMOf2qCB0CEIaFBlKQICKul1XtlrzJenrH-P8eIBbcr4z9Ja9DCKJK10qc-M3NoUZnRWLjQ2U4GjqlrWPkpOpYhF8KFupb37emA4wF4Ypa1s05lQQB4vPFzIkFUTgITP-AJTzGwJ7143JaSDiqPqKRrxjAMGOxLAEdqRetL0hMh8Y7C81bQOi0rZCYFs5QHWgtyZjHjn5N3TpE1uCtXWdFz3jDO8SzTJSJ8Kim0t2WoRo4QnXB6p-YC3oKG1tTXhGjIMtUorOymjk3tJCr37_aGoFN9lmEh0qKDYAVVqJnxpRmngIplz9U3Sydv2BVvuIO7A69On3mB1YjUuzL8LjHyzTRpAJ9cZ1KJbTM-wVRrHSZ65XAAosSBnDL1k5Q5seqzqMraXIwEqsCZzPnBuSEJ4KEwoFdgPcZuU-tkqcd3fJEjPJ_zAtX0SmAKk6WHfjBLjsn5Lp9U6pwZ4lm-wlfSqQ_qugF964X_sgjXhLhHd1xf7RpdRe2LpupUzeVMUP0B5yF_jB7pPRAxvB72-1KLEWH1gro_SeZclBtBqdX_woARFztm-__B4TXEsaNODNY2RpbwKFO95AC599XMEogctFfEUdxM2Ib0yjKC_a7P9uqsdJjsbVg02vd0nDCovEwMmyrkrX2fwhRpNHxEeXO12qO-28weoxN-Hz1bKsBlsf-F3S0A-wfglzoD_B94_J_oBX2Ae78Nva4Yt5OzeJ2tMgSRqz2OXePAySOYNvNgDVsN-MaftspM1QaK0wbJYiIeidJzJft-bcuA4b-XauCumfWlURs0PpVyxQlvqwmtXtgEV29qRgJWFQmC_SgQ5HGMUAOONAKfmiCBi2n_jjv9IJ8nWTKFhQuiE58GX045jV9NuFAN9dD13qwTclRVLnwTCKHYh3VS6VqY_22UWyU0nOk7JMh2xOU4zvEUEL7Bnr-kjdhWQgcobCjTJKUFo0ZAOXjh1pIhAcpfNAIg0gKlYTXcoCH-wtrPS9AAQgqEzFaThpXn_M_Y9du4Z19v3v7W8Jy7XJ8HThMHbx8axwmhZDIqhRZ4nKf0h7hSiSduoI5SaIesWoKeyDrVtNJHctduAN_xckNkf6hRiJpyCZd8OcfF0HFV2GfWB_j-DibDxh8jrFBzT6M46lt1yBTc0XYhstkMLZX43MRnEoisyStFkQEIs2MQF2juRAGhkvdWNhVYsFaoRdvPeFZmmekZA4B0w1t7o6kK12MM1zjnJYicAbP6TPG9G1LxE7ucB7C-b_yUmj4odL6le3VmPkK9rlnCFrw69l7HTWk0Qt2R81GSc5Ea0aL9pBJYlSM7wMos3jX5IPS7GNWJ9dEZYm4hcZZ8IwKzHol3_HNTJg-WSdMIQRzpF_FayA_cz26KIFaCDBJ0ODByKJhawCL_ft0kxg9Y2E4wGUu_Sk24cxZ2ozb-kDxp8wY3XNJff3ct4ExYaRyh6nrAtVZRE-4YODBic3WjIxh3YkiMfLpHEZOMtgEWj-eW-_vVbY_t1PH-LBPqEk0e95irZ0zVP8l8tp-e_fBR2wnfd3MUmriRIWVPgfZ44I_QahtIzPM_9bbtOWmHcUFGaq9z04_JFZiGMULyhxRCsq3L9h9Yhj53fi1BHHEkU-SWLpQaacMdznjf0OiDHzaxu90E311AIPSCOa4jZokFz3eQgVwikX_iERn3bpC4AYuuWUeZ-EAyAcjaQBSeCgQaaz56OMnlFQwDIRJomnKtsTb4WDjSGdsVz1bAZ9HbcO-zcQI2To3Th5RuJ-Z9AIEgLdm-Pjuq88gh__MRBd3dYmMashMneQFAc9BRu3VTjDNmVa2CC0AhDb2CDSyqDgLFVg_ebmkusUCY89FpW-aAEXhmM7QqZ7tMjWmOM9T_Fe-FU-DTGOOm_sTeSsPUpzcNoeu3k8Ythy9aaqvAHX3hqP3KPBXgzXUwTUaxS8UMu20bIYZD1oc6-LwgyMZd1ROSep0xGgpprStnp5hHj4JhCJLHqnUN0MeJDkh7d_skxDZJIn_REgkOC1y4oJoNY6Ye2Hdj5wwLheNs9UW6Pk0aa91a25ID9nnozZK0wy8OTKP0nSoc2Mo0dx5lprEuMQoImQLZw7ZY_oWquINXJH0ti-Nt-5TDNVvHnKr1-bDPc3Fm7eJHQbSbQQ9ncuFyEl5XzmFrXW3vp7zirGi8eNW5FWyfz4DZYtQuth5ML4YztHeiOrcTem0_6QLek6BgEV0W-s-TFnPD2IA&cid=CAQSPABpAlJWs1yv4s3SR4MtDwVM3ReFT60cxhyQQQlUEQh4JclgGmv9ZSLhLnNFqi72UGmd_KFm4oDyzbDCAhgB&dv3_ver=m202309120101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=17611047210511251000&adk=4022746785&idt=99&cac=0&dtd=13

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:26:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 13 Sep 2024 17:26:14 GMT

GET
H/1.1 200
OK wmoiqux43uzw Show response
hal9000.redintelligence.net/zone/ Frame 6BEE 12 KB
4 KB 59ms
13ms Script
text/html 78.46.111.106
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal9000.redintelligence.net/zone/wmoiqux43uzw?subid=&gdpr=&gdpr_consent=&rnd=1694713674258187&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0iAoSkcDZYvhD42BngW6t6SwB6blvaBpvZOcp8kP8C4QASDSzIEaYJXikIKgB8gBCakCsC-WgVUAsj6oAwHIA5sEqgSKAk_QqNu93v9nwOoS4XGwnbuTbdKf4557THRXND8-x2XRugGwHdcVCIaUo93Y3KUSjsCIPkp4RxOxTGaYFv5bfrNUTg1xJRGLSnzSFVOWdtVkonPIlQFwB9dUfDIRwjoItMKVlLzFivr35ht_AfrK-M-5XnCbMyPFcUGW99JMMnW59HYTpXSgn_LrKCddljpIpP9n1Vut6kKUt-Gwbz9bYn8gVkdsQHrG1zx8kw6V6Rbt-d0bujtUQ9v7ndWTT1yPGSfjTNz9N5L2TAohJKYeBMqzYNdaekELPNWmbJDXpvgQf1dE4mfSy-RfVka54NQlGNFOFSPPIF96v74jSn7-dcrKAYEZLPs5QjghwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIi66ztNSqgQMVjYCnCh26Gwl2EAEYASAAEgI2UvD_BwE%26num%3D1%26cid%3DCAQSPABpAlJWs1yv4s3SR4MtDwVM3ReFT60cxhyQQQlUEQh4JclgGmv9ZSLhLnNFqi72UGmd_KFm4oDyzbDCAhgB%26sig%3DAOD64_3PqMKcN_eTks2hCOc-4MZNBI8PMQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-Ad1JPJ40yvc7rP_DGz3hNS9-br4cwuJc6noSp2Gj4VZNG4QK7iQKv21IkQDD-n_2WJb3ObG0_0bfTjN0rSvF_BqEQsYvDGxSQSSU4l6vQI_dVVU3fLCTM6aTK8D4KgMV5BF1mxTkUUfIwsuxjmZneV3RZPChEf0tM414L7t002dcWy5z4%26cry%3D1%26dbm_d%3DAKAmf-CEPU-BSitvUEq5Pjz2iGzN9yitY7MAeycy7rAQVC67-kREHEYqVJXVrBOXj5E6Ziy71PChTHJi-xzFewBwEXPshsKy00Ey-gt1hJCIclFZBeXTFHxG7PIH1uOWmjxKAAbM3sXMGN4bnPIDbNayY21Av_stzKSpGVC03YTg-vzIX_aO2K18t4eEV2DZh6G38JHXbQBnhlfsAmWvy9cPSEN1E6R93FLsldO_M9ysWAQpZ-d-u2ZuGdjzErzY1LUpKbGypw1lM5UEiNekvcGWaYihX-0zkd1EuhtLx-RFdyDDKr8uzzPibF1L8WVeXUcKRHc8et-260jpsiTAd3YMcKBXG3tXOTw99sHuy6SW8yHn3H8TGqdEpAyIQjBBOzOqskpy3Nt0l7Rv9DhAWc-hO8FZSafFtI7CO5nTr0pZpJdEyVmMW1Ma2gbRyMQnspqR3f8xVzQQX6pqQ1JMT-adNRMBqiSPLZYDAdR6kFeGHiNoTMywUdKOeE7C8a600VcsIwspX3TNDiL929B1WYeQaZt3TTas8ZnU4CzSCqC9jibLURmZNPt0_yOfdt5wZAw_dvKApoLWtVz2ILg1dj5CsRKUF1d0tBxE1jrY_7-xuG7x0SkXmkJY_-Elk7g2niKTOeb-CLiM%26adurl%3D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694706474&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694713673649&bpp=245&bdt=698&idt=474&shv=r20230912&mjsv=m202309120101&ptt=5&saldr=sd&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&correlator=6560099811260&frm=23&ife=1&pv=2&ga_vid=1777159273.1694713673&ga_sid=1694713674&ga_hid=1103899267&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2319&biw=1600&bih=1200&isw=336&ish=280&ifk=2901239440&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077698%2C31077704%2C31077838%2C31077838&oid=2&pvsid=2885035107042631&tmod=1961588873&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.okgyt7rs2ldy&btvi=1&fsb=1&dtd=492
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 78.46.111.106 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.106.111.46.78.clients.your-server.de
Software: Apache /
Resource Hash: 5f4025b3492b5e229bc398405e83150b539da7b98a2300d036bbe4a607f7bef8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 17:47:55 GMT
Content-Encoding: gzip
Server: Apache
Connection: close
Content-Length: 4286
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2A08 22 KB
8 KB 11ms
10ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 37953
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 07:15:21 GMT
expires: Fri, 13 Sep 2024 07:15:21 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8208 0
0 113ms
113ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309130101&jk=4232940525693584&bg=!mpmlmdbNAAa6D61Rmg87ADQBe5WfODW-QWLktGgkgT0vuJREZ0bD66ZlFTgC0AOrx6SRPAI_0A2wqDDCNFc1Dp0Pnoo2AgAAAKdSAAAADGgBB5kDGzF36weqYocs2K9hE3W5E0rfUEHtR438iGY3eEWHGYTsEqmz6oyFKk3Mj7du7bxROjfpxlfSInk6xjLxLpRTDPDY_MW9xcJozoF6WOjXbjV1pbeicl7UiOAkMY_RKAesbZf0zN15yvnbcRJ6Nh--74bm_XLZ4FJnguKrBd89CUz9FUTK7L7BvhVRKU2Ae99K-nOtDFqhUcNQ2kkDLYKGNnqcMr3P2NwIHHho-o2_pHLHWyqLITXxV4XfCDCVseAqyF3TEItQl6p5qGn1_1PA7oeFZ3l7G8_5ga_Rhhg8ljD_hkMq1ELC_nfv-A_ldsyU-rhkDW1Tol9J5jrJHWUnD-maJxi9feGZOwt549WJjFiT0Yae6NBOGSwZ2LQWkKAqFde-FG6Nde_A1Wtc8Vvjnka45RDvcn5VgltkEtZ8NP2OztMOOnQApBx8iFql1mOuksyE9GfcUSufrN5nqkJ2uHuEYXjI0x7urxOEfYT__lL6xZBG4lYKGH22S588Vx5XHlaXHpNInd1tjdPTPZGoRtTFvFhRD3-5I_b3eUfG5WUCXgpuFJfOgIvw7eeec7N6Me3FiZmX62mGeqd5a0UK521hu7bTJHkSCDmoHVLNAB2VeLDzrFzJ7FikuSQrP7lA7T-EuLAGPigdFlceUBaJmm5F9-jzE8ZQHPU_JpEL7wAMjok8_FCbRhIU-_j3eICf--TGpE-LDmSRwzH2OhgnOp2UfGOBpXo3jBOfuGh1JkWBGhVIEmgfG1yHBa3lgO_EBDLxxGdML1wq2ry1vXXHoUpqxteKUrvba1J2sHcVIvDIHIr55Ey3T3J9A9BJMaVprWImPLo7gcRxuoCH0V9P3v47IIITdekWPMaPrql0LxQ4zInXssZatkQpPyug1c95VCboJWqgedOZZDYdfa7Dg-6PTU566LLoGm6Bvvz9HfohAh-C0fzn1kTZJ49Zk3G_lHm8669LtydP26npyhIGMtCDVmx8y78ebjpK-6fGni3ZJ2tn9EqXxcyZVWNcAE-tJQ5FXGhXBnrgSU1wlBvFUPuw_QIkSgR_N1kdnA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 200 YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A08 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 09:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117915
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 09:02:40 GMT

GET
H/1.1

200
OK

request.php Show response
hal90003.redintelligence.net/ Frame 6BEE
Redirect Chain

https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0f79748e98&subid=&uid=b6265bbcbb116056&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...
https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0f79748e98&subid=&uid=b6265bbcbb116056&screenSize=1600x1200&screenSizeAvail=1600x1200&cli...

2 KB
1 KB

111ms
85ms

Script
application/x-javascript

138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0f79748e98&subid=&uid=b6265bbcbb116056&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0iAoSkcDZYvhD42BngW6t6SwB6blvaBpvZOcp8kP8C4QASDSzIEaYJXikIKgB8gBCakCsC-WgVUAsj6oAwHIA5sEqgSKAk_QqNu93v9nwOoS4XGwnbuTbdKf4557THRXND8-x2XRugGwHdcVCIaUo93Y3KUSjsCIPkp4RxOxTGaYFv5bfrNUTg1xJRGLSnzSFVOWdtVkonPIlQFwB9dUfDIRwjoItMKVlLzFivr35ht_AfrK-M-5XnCbMyPFcUGW99JMMnW59HYTpXSgn_LrKCddljpIpP9n1Vut6kKUt-Gwbz9bYn8gVkdsQHrG1zx8kw6V6Rbt-d0bujtUQ9v7ndWTT1yPGSfjTNz9N5L2TAohJKYeBMqzYNdaekELPNWmbJDXpvgQf1dE4mfSy-RfVka54NQlGNFOFSPPIF96v74jSn7-dcrKAYEZLPs5QjghwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIi66ztNSqgQMVjYCnCh26Gwl2EAEYASAAEgI2UvD_BwE%26num%3D1%26cid%3DCAQSPABpAlJWs1yv4s3SR4MtDwVM3ReFT60cxhyQQQlUEQh4JclgGmv9ZSLhLnNFqi72UGmd_KFm4oDyzbDCAhgB%26sig%3DAOD64_3PqMKcN_eTks2hCOc-4MZNBI8PMQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-Ad1JPJ40yvc7rP_DGz3hNS9-br4cwuJc6noSp2Gj4VZNG4QK7iQKv21IkQDD-n_2WJb3ObG0_0bfTjN0rSvF_BqEQsYvDGxSQSSU4l6vQI_dVVU3fLCTM6aTK8D4KgMV5BF1mxTkUUfIwsuxjmZneV3RZPChEf0tM414L7t002dcWy5z4%26cry%3D1%26dbm_d%3DAKAmf-CEPU-BSitvUEq5Pjz2iGzN9yitY7MAeycy7rAQVC67-kREHEYqVJXVrBOXj5E6Ziy71PChTHJi-xzFewBwEXPshsKy00Ey-gt1hJCIclFZBeXTFHxG7PIH1uOWmjxKAAbM3sXMGN4bnPIDbNayY21Av_stzKSpGVC03YTg-vzIX_aO2K18t4eEV2DZh6G38JHXbQBnhlfsAmWvy9cPSEN1E6R93FLsldO_M9ysWAQpZ-d-u2ZuGdjzErzY1LUpKbGypw1lM5UEiNekvcGWaYihX-0zkd1EuhtLx-RFdyDDKr8uzzPibF1L8WVeXUcKRHc8et-260jpsiTAd3YMcKBXG3tXOTw99sHuy6SW8yHn3H8TGqdEpAyIQjBBOzOqskpy3Nt0l7Rv9DhAWc-hO8FZSafFtI7CO5nTr0pZpJdEyVmMW1Ma2gbRyMQnspqR3f8xVzQQX6pqQ1JMT-adNRMBqiSPLZYDAdR6kFeGHiNoTMywUdKOeE7C8a600VcsIwspX3TNDiL929B1WYeQaZt3TTas8ZnU4CzSCqC9jibLURmZNPt0_yOfdt5wZAw_dvKApoLWtVz2ILg1dj5CsRKUF1d0tBxE1jrY_7-xuG7x0SkXmkJY_-Elk7g2niKTOeb-CLiM%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=7951422904576&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694706474&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694713673649&bpp=245&bdt=698&idt=474&shv=r20230912&mjsv=m202309120101&ptt=5&saldr=sd&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&correlator=6560099811260&frm=23&ife=1&pv=2&ga_vid=1777159273.1694713673&ga_sid=1694713674&ga_hid=1103899267&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2319&biw=1600&bih=1200&isw=336&ish=280&ifk=2901239440&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077698%2C31077704%2C31077838%2C31077838&oid=2&pvsid=2885035107042631&tmod=1961588873&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.okgyt7rs2ldy&btvi=1&fsb=1&dtd=492
Protocol: HTTP/1.1
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: ce169b641704d42c46505444e0aa59c302ad0e32f780752ce366b200ae4c73f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 14 Sep 2023 17:47:55 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type: application/x-javascript; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId: 66596700151096404444994012447003
Connection: close
Content-Length: 893
Expires: Thu, 14 Sep 2023 18:47:55 +0200

Redirect headers

Pragma: no-cache
Date: Thu, 14 Sep 2023 17:47:55 GMT
Server: Apache
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location: request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0f79748e98&subid=&uid=b6265bbcbb116056&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0iAoSkcDZYvhD42BngW6t6SwB6blvaBpvZOcp8kP8C4QASDSzIEaYJXikIKgB8gBCakCsC-WgVUAsj6oAwHIA5sEqgSKAk_QqNu93v9nwOoS4XGwnbuTbdKf4557THRXND8-x2XRugGwHdcVCIaUo93Y3KUSjsCIPkp4RxOxTGaYFv5bfrNUTg1xJRGLSnzSFVOWdtVkonPIlQFwB9dUfDIRwjoItMKVlLzFivr35ht_AfrK-M-5XnCbMyPFcUGW99JMMnW59HYTpXSgn_LrKCddljpIpP9n1Vut6kKUt-Gwbz9bYn8gVkdsQHrG1zx8kw6V6Rbt-d0bujtUQ9v7ndWTT1yPGSfjTNz9N5L2TAohJKYeBMqzYNdaekELPNWmbJDXpvgQf1dE4mfSy-RfVka54NQlGNFOFSPPIF96v74jSn7-dcrKAYEZLPs5QjghwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIi66ztNSqgQMVjYCnCh26Gwl2EAEYASAAEgI2UvD_BwE%26num%3D1%26cid%3DCAQSPABpAlJWs1yv4s3SR4MtDwVM3ReFT60cxhyQQQlUEQh4JclgGmv9ZSLhLnNFqi72UGmd_KFm4oDyzbDCAhgB%26sig%3DAOD64_3PqMKcN_eTks2hCOc-4MZNBI8PMQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-Ad1JPJ40yvc7rP_DGz3hNS9-br4cwuJc6noSp2Gj4VZNG4QK7iQKv21IkQDD-n_2WJb3ObG0_0bfTjN0rSvF_BqEQsYvDGxSQSSU4l6vQI_dVVU3fLCTM6aTK8D4KgMV5BF1mxTkUUfIwsuxjmZneV3RZPChEf0tM414L7t002dcWy5z4%26cry%3D1%26dbm_d%3DAKAmf-CEPU-BSitvUEq5Pjz2iGzN9yitY7MAeycy7rAQVC67-kREHEYqVJXVrBOXj5E6Ziy71PChTHJi-xzFewBwEXPshsKy00Ey-gt1hJCIclFZBeXTFHxG7PIH1uOWmjxKAAbM3sXMGN4bnPIDbNayY21Av_stzKSpGVC03YTg-vzIX_aO2K18t4eEV2DZh6G38JHXbQBnhlfsAmWvy9cPSEN1E6R93FLsldO_M9ysWAQpZ-d-u2ZuGdjzErzY1LUpKbGypw1lM5UEiNekvcGWaYihX-0zkd1EuhtLx-RFdyDDKr8uzzPibF1L8WVeXUcKRHc8et-260jpsiTAd3YMcKBXG3tXOTw99sHuy6SW8yHn3H8TGqdEpAyIQjBBOzOqskpy3Nt0l7Rv9DhAWc-hO8FZSafFtI7CO5nTr0pZpJdEyVmMW1Ma2gbRyMQnspqR3f8xVzQQX6pqQ1JMT-adNRMBqiSPLZYDAdR6kFeGHiNoTMywUdKOeE7C8a600VcsIwspX3TNDiL929B1WYeQaZt3TTas8ZnU4CzSCqC9jibLURmZNPt0_yOfdt5wZAw_dvKApoLWtVz2ILg1dj5CsRKUF1d0tBxE1jrY_7-xuG7x0SkXmkJY_-Elk7g2niKTOeb-CLiM%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=7951422904576&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type: text/html; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Length: 0
Expires: Thu, 14 Sep 2023 18:47:55 +0200

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F2E7 0
0 115ms
113ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230912&jk=2885035107042631&bg=!VlWlVRrNAAa6D61Rmg87ADQBe5WfOJYN8BWckGRrj-U85y64xVdse0ruYqj1TGCmI8rmGpeTYOHVFlHbmBoKCqTVuZpqAgAAAKhSAAAAB2gBB5kC8aR-0qC3ABWChRRdcDEKVANZGRAaDo4LvttgRdK7Rr0KfIXHgJs2pPja-n-hi3wvR0wCKGk_XCDDMMX09VLQFKwPxHKtkPXkPvaFWdFKnGNWWH0pyuVKaiICW6YRlTGpaRZph_uJ_1yM75ntVrRdd5gI3pzMpV6BK6erRvZndtQKbL920vX65lBquUASS7TzTFHcTHFhbwfwJm42IJygCSbvlWRYd4yqGRJeh4uGA6Spjw_2wrnJK3kyDRV1y7-zivpuaybl-Zks5nAH28f7Ji6adj_6cS3_1xiA6otg9K93-rtg8O17QCCD2A8V-I8z3M6TsFH9neK00aTXRCpk7HHAwWoc4R1khGHoIqu-pljGZFJNk4nzeHn96TF_e4jQIYA_rA4O9v1gwGUFO_dkS-XmVrpC0MV9Kmllt2TQsCkcps34xaHn4fjWU_iS4A4R99VuNdckyLGBKMPiirRbOASQJDm_rnEUc5Va_HAzsnCZNiLZY-3zRF3TzkrINdmpxYFFgLFy1wDqx2AeeN9TMGE3ExnQZbpNIvY_RQr-z7MlMWt1R_881ArQinJ3LZcTEtqKa4NFoc2tWUsmhNbNZfa_ALFG1UETE_aZ5plWKdthbdCH-qPGhore4ACnnE1vlUlQQIPpH8GAL1iiwHFG9jE3uYfmFu1N90VF1MjWNCK8YVZqWbBrqy3COLdu_wZZRtMn9TwqoA4LwAsst-y0UgveIBmwQj0NqPdff35v1H8S1cgn91xdF0hi8CczXmiGe7RJwwO-PMMApYEtrqoGMXQ7iDvca0pYDkaGmSsjppfVj7ATGGytw_jKJ67SIQy08yjdpqJIAKvlZHYuMJvKbROA9YuBNUd-CDx3kIoPB5jvMkJTxGc4MlVoYTXHu72wpBXOuVOwqwr0a0DoB5qmUTPtIS6nBVh_ojxiJwKln1Lo6mLhXBaGh_hu1NWQ2lurlhiWAHIHwPM_1_zS7VtG1mBppTwb0t8_HY3wczdMj2orVQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A08 0
20 B 118ms
117ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5REQSkcDZc64ObqOjuwPioGC2AIAAAAAOAHgBAI&bg=!9fal9rnNAAa6D61Rmg87ADQBe5WfOB23zBljYTpa06rXI7ET9nhdhIu1fOZYfIqLD8X21yXZU7f2YGt40DF1EpaRxmgFAgAAAH9SAAAACGgBBwoAHLtKaFFYvV7VZma_iwcGKBmH5N-9JzFqPxl4hNiZAzge2NRb2lOH7o8j9LmFDinwsnDvMICl53ww0GzipYOXDx_P1AYfKm1MjAoycaoitUFWBe34hYgddxbfsbjjCmoddLEHads6Y08rf1qf7tLkBav31B7pj1O7mh8u-o-WfgWaXfQuxqjOlE1K3BgRSHTaDR5mZfqpuxSRqqWy6Je51I0K8bpv_PCK-PsPMIH39cAX1ih1Ol6QA76CwXfWwZoGX6rQgtlfuQc85Y80MnPtXlCQZNQ_FUQ4b6qx4G4RctESuKoeLhLo5JVcb2U8ktqKI0WkU-GHdRnrlktSBWcDWN7sSgzmMBgugB_bGFPkkRICjc2L_PR5w1TF1o-QdGlYBKsOQ3FDxB8KlyP-zL3PdAJepHJRDjUEDmeNKaJZ_PuiiSw5sNSyoDwfHmO-8A6EuvJAesgBW9QZILwvPwtcg7nEhYmxVHQZvCnBheB3jK2mJAaMK3mN3vm8giljfZdpLSB7Et8dq2tX6z7AE9TcEXKmRF4N-oMmJ_4WL28cJKxsFqdkURjSWtK5Hm9Wrb7b2oQ5-aHwqLwnuv361oeJ47OmIlXZWuR2uMsVp-FyELFDN379GGUs5uFORK8BOMIPNAn39I-Mn1VxJNo7MOsxYhyYBVGgLS2C93b5EU962GxvzDb8XZ5jol0P0RH01CO5KLk8gG40fq8YYOVWGIdU3el-naEx_lJz1ke2jDowXUEEneqPNAT065ROwD6j8gn8FrO32SPGWkFZBwgRZh4OBplyllNGrchY2zvQApWYua42FO5jehFZ-Gntwy-oy4zuTgBU54zL3_mLX_VuSPyVwu6voB9Il9V6Yt0xBey-g4Q8w4Wajc-IUs6dJmG4xMKJduMphjcwiAfqx48hF8mbrU7jSJ9VkK84pRq2UG0yAtjdkCYBKG3b6YmLlypMwsWRvLdvllnMzNPAgxB79GPkoXu1nvXc51YSqYchQvXZGqFzssKjfsEfJRlQUpdGP_b9c75wz3FfPK7WyVM2GwtTpk7iDImR53CJV4Bt7MIJ1Ym3NZ93BCNP8XZdeboifsZxtQprp2vxklBDk2c_kmydsQyetSp1UsH1w5e0LBH6pf5P5X1L9RZOwA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=COHs8rTUqoEDFTcPogMdJj0NXg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4748386991146.727 Show response
5994599.fls.doubleclick.net/ Frame 6CCD
Redirect Chain

https://5994599.fls.doubleclick.net/activityi;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4748386991146.727?
https://5994599.fls.doubleclick.net/activityi;dc_pre=COHs8rTUqoEDFTcPogMdJj0NXg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4748386991146.727?

391 B
329 B

169ms
168ms

Document
text/html

142.250.186.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5994599.fls.doubleclick.net/activityi;dc_pre=COHs8rTUqoEDFTcPogMdJj0NXg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4748386991146.727?

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f6.1e100.net

Software

cafe /

Resource Hash

dce388596b37c8a993a5b9f487b1d79e8fc6b01f9d754fb315cfb94bc262e938

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 218
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 17:47:55 GMT
expires: Thu, 14 Sep 2023 17:47:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 17:47:55 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://5994599.fls.doubleclick.net/activityi;dc_pre=COHs8rTUqoEDFTcPogMdJj0NXg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4748386991146.727?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK request_content.php Show response
hal90003.redintelligence.net/ Frame 4230 4 KB
2 KB 37ms
11ms Document
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/request_content.php?s=66596700151096404444994012447003&a=96f6fe9e
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request.php?zone=wmoiqux43uzw&nw=20&renderingType=javascript&namespace=0f79748e98&subid=&uid=b6265bbcbb116056&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=336x280&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC0iAoSkcDZYvhD42BngW6t6SwB6blvaBpvZOcp8kP8C4QASDSzIEaYJXikIKgB8gBCakCsC-WgVUAsj6oAwHIA5sEqgSKAk_QqNu93v9nwOoS4XGwnbuTbdKf4557THRXND8-x2XRugGwHdcVCIaUo93Y3KUSjsCIPkp4RxOxTGaYFv5bfrNUTg1xJRGLSnzSFVOWdtVkonPIlQFwB9dUfDIRwjoItMKVlLzFivr35ht_AfrK-M-5XnCbMyPFcUGW99JMMnW59HYTpXSgn_LrKCddljpIpP9n1Vut6kKUt-Gwbz9bYn8gVkdsQHrG1zx8kw6V6Rbt-d0bujtUQ9v7ndWTT1yPGSfjTNz9N5L2TAohJKYeBMqzYNdaekELPNWmbJDXpvgQf1dE4mfSy-RfVka54NQlGNFOFSPPIF96v74jSn7-dcrKAYEZLPs5QjghwATrj_yO9wPgBAOIBe-vlog-kAYBoAZNgAesrfWfA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBYIgOGAEBABGF0yAqoCOgKAQEi9_cE6gAoDmAsByAsBgAwBqg0CREXIDQGwE8yc2RLQEwDYEwOIFAHYFAHQFQH4FgGAFwE%26ae%3D1%26gclid%3DEAIaIQobChMIi66ztNSqgQMVjYCnCh26Gwl2EAEYASAAEgI2UvD_BwE%26num%3D1%26cid%3DCAQSPABpAlJWs1yv4s3SR4MtDwVM3ReFT60cxhyQQQlUEQh4JclgGmv9ZSLhLnNFqi72UGmd_KFm4oDyzbDCAhgB%26sig%3DAOD64_3PqMKcN_eTks2hCOc-4MZNBI8PMQ%26client%3Dca-pub-4485239425924787%26dbm_c%3DAKAmf-Ad1JPJ40yvc7rP_DGz3hNS9-br4cwuJc6noSp2Gj4VZNG4QK7iQKv21IkQDD-n_2WJb3ObG0_0bfTjN0rSvF_BqEQsYvDGxSQSSU4l6vQI_dVVU3fLCTM6aTK8D4KgMV5BF1mxTkUUfIwsuxjmZneV3RZPChEf0tM414L7t002dcWy5z4%26cry%3D1%26dbm_d%3DAKAmf-CEPU-BSitvUEq5Pjz2iGzN9yitY7MAeycy7rAQVC67-kREHEYqVJXVrBOXj5E6Ziy71PChTHJi-xzFewBwEXPshsKy00Ey-gt1hJCIclFZBeXTFHxG7PIH1uOWmjxKAAbM3sXMGN4bnPIDbNayY21Av_stzKSpGVC03YTg-vzIX_aO2K18t4eEV2DZh6G38JHXbQBnhlfsAmWvy9cPSEN1E6R93FLsldO_M9ysWAQpZ-d-u2ZuGdjzErzY1LUpKbGypw1lM5UEiNekvcGWaYihX-0zkd1EuhtLx-RFdyDDKr8uzzPibF1L8WVeXUcKRHc8et-260jpsiTAd3YMcKBXG3tXOTw99sHuy6SW8yHn3H8TGqdEpAyIQjBBOzOqskpy3Nt0l7Rv9DhAWc-hO8FZSafFtI7CO5nTr0pZpJdEyVmMW1Ma2gbRyMQnspqR3f8xVzQQX6pqQ1JMT-adNRMBqiSPLZYDAdR6kFeGHiNoTMywUdKOeE7C8a600VcsIwspX3TNDiL929B1WYeQaZt3TTas8ZnU4CzSCqC9jibLURmZNPt0_yOfdt5wZAw_dvKApoLWtVz2ILg1dj5CsRKUF1d0tBxE1jrY_7-xuG7x0SkXmkJY_-Elk7g2niKTOeb-CLiM%26adurl%3D&documentReferer=https%3A%2F%2Fwww.bg3.co%2F&ancestorOrigins=https%3A%2F%2Fwww.bg3.co%2Chttps%3A%2F%2Fwww.bg3.co&random=7951422904576&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: 393d0a9e62d7fafc140ff9910e4bc954b793314285551f7f6b82dd906512fb8e

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Connection: close
Content-Encoding: gzip
Content-Length: 1414
Content-Type: text/html; charset=utf-8
Date: Thu, 14 Sep 2023 17:47:55 GMT
Expires: Thu, 14 Sep 2023 18:47:55 +0200
P3P: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8578 1 KB
643 B 11ms
9ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6638
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 15:57:17 GMT
etag: 48472445140208031
expires: Fri, 15 Sep 2023 15:57:17 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6BEE 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a84afb4c91af9ced3d2670d153a29698984c96919e11e48115b86613043de4cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 83A3 42 B
175 B 14ms
13ms Fetch
image/gif 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:55 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H/1.1 200
OK S-336x280.gif
cdn.contentspread.net/24i/content/soberfb/DE/ Frame 4230 77 KB
77 KB 87ms
20ms Image
image/gif 85.114.131.235
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.contentspread.net/24i/content/soberfb/DE/S-336x280.gif
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=66596700151096404444994012447003&a=96f6fe9e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 85.114.131.235 Weil am Rhein, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS: srv21039.dus4.fastwebserver.de
Software: nginx /
Resource Hash: 389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 17:47:55 GMT
Last-Modified: Mon, 23 Jul 2018 15:19:51 GMT
Server: nginx
ETag: "5b55f217-1348d"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 78989

GET
H/1.1 200
OK viewability Show response
hal90003.redintelligence.net/ Frame 4230 0
150 B 35ms
12ms Script
text/html 138.201.63.117
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://hal90003.redintelligence.net/viewability?s=66596700151096404444994012447003&a=5adf58ca&vb=m
Requested by: Host: hal90003.redintelligence.net
URL: https://hal90003.redintelligence.net/request_content.php?s=66596700151096404444994012447003&a=96f6fe9e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 138.201.63.117 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.117.63.201.138.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hal90003.redintelligence.net/request_content.php?s=66596700151096404444994012447003&a=96f6fe9e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Date: Thu, 14 Sep 2023 17:47:55 GMT
Server: Apache
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame 4230 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8578
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIlZg0jfNYccS4dKdXqtpXA&google_cver=1&google_push=AXcoOmQmaFwKMDrljQwWrCHWKeCs10RPwldQqZoXiCpILUWUxqsYMQ8KR2A1N3PHQRjJkz6ptBF8aw2ZmRt2Jl-PDlCpinv6jCFbx...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIlZg0jfNYccS4dKdXqtpXA&google_cver=1&google_push=AXcoOmQmaFwKMDrljQwWrCHWKeCs10RPwldQqZoXiCpILUWUxqsYMQ8KR2A1N3PHQRjJkz6ptBF8aw2ZmRt2Jl-PDlCpinv6jCF...

43 B
418 B

192ms
182ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIlZg0jfNYccS4dKdXqtpXA&google_cver=1&google_push=AXcoOmQmaFwKMDrljQwWrCHWKeCs10RPwldQqZoXiCpILUWUxqsYMQ8KR2A1N3PHQRjJkz6ptBF8aw2ZmRt2Jl-PDlCpinv6jCFbx8rDrbbMf5oUeocVAyUwBFs_eOT8AgZJeVp_lPjERz2kpp02qQ2ohzgC&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQmaFwKMDrljQwWrCHWKeCs10RPwldQqZoXiCpILUWUxqsYMQ8KR2A1N3PHQRjJkz6ptBF8aw2ZmRt2Jl-PDlCpinv6jCFbx8rDrbbMf5oUeocVAyUwBFs_eOT8AgZJeVp_lPjERz2kpp02qQ2ohzgC%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694706474&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694713673649&bpp=245&bdt=698&idt=474&shv=r20230912&mjsv=m202309120101&ptt=5&saldr=sd&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&correlator=6560099811260&frm=23&ife=1&pv=2&ga_vid=1777159273.1694713673&ga_sid=1694713674&ga_hid=1103899267&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2319&biw=1600&bih=1200&isw=336&ish=280&ifk=2901239440&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077698%2C31077704%2C31077838%2C31077838&oid=2&pvsid=2885035107042631&tmod=1961588873&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.okgyt7rs2ldy&btvi=1&fsb=1&dtd=492
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:55 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 806a75383eec3a64-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:55 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 473
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIlZg0jfNYccS4dKdXqtpXA&google_cver=1&google_push=AXcoOmQmaFwKMDrljQwWrCHWKeCs10RPwldQqZoXiCpILUWUxqsYMQ8KR2A1N3PHQRjJkz6ptBF8aw2ZmRt2Jl-PDlCpinv6jCFbx8rDrbbMf5oUeocVAyUwBFs_eOT8AgZJeVp_lPjERz2kpp02qQ2ohzgC&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQmaFwKMDrljQwWrCHWKeCs10RPwldQqZoXiCpILUWUxqsYMQ8KR2A1N3PHQRjJkz6ptBF8aw2ZmRt2Jl-PDlCpinv6jCFbx8rDrbbMf5oUeocVAyUwBFs_eOT8AgZJeVp_lPjERz2kpp02qQ2ohzgC%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 806a75371d623a64-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 8578 0
187 B 81ms
14ms Image
text/plain 98.98.134.242
ZEN-ECN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESEIRi2tUMGM_WLzDbcQE-RRA&google_cver=1&google_push=AXcoOmQVhU2f8MQQPrXjh6WER-QjMmMeemTzkoqpnaTGP0nY796iBOuo817Mtd4TQ1sk5GsUeK_3PyoX55ZlkWftY0RPMKFyiemI46Q7YArwVtTMOCK0-rfquJObsizN0HYyZi2L-1jWkf8cClXFL8muzw-S
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1694706474&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1694713673649&bpp=245&bdt=698&idt=474&shv=r20230912&mjsv=m202309120101&ptt=5&saldr=sd&cookie=ID%3Deab6b7a00376ae03%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MbojC17JlhzyMZ60XjOrrBSEWz84A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&correlator=6560099811260&frm=23&ife=1&pv=2&ga_vid=1777159273.1694713673&ga_sid=1694713674&ga_hid=1103899267&ga_fc=1&nhd=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2319&biw=1600&bih=1200&isw=336&ish=280&ifk=2901239440&scr_x=0&scr_y=0&eid=44759926%2C44759842%2C44759875%2C31077698%2C31077704%2C31077838%2C31077838&oid=2&pvsid=2885035107042631&tmod=1961588873&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.okgyt7rs2ldy&btvi=1&fsb=1&dtd=492
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS: ddos.com
Software: A /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma: no-cache
date: Thu, 14 Sep 2023 17:47:55 GMT
cache-control: max-age=0,no-cache,no-store
server: A
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8578
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEEDzMNXJlv50WXlE6zFIOEE&google_cver=1&google_push=AXcoOmSM0OZ5FbZRyhZ-CkzfAoDHMchOMhkNLymYGJR5bVXCagyej2lmg8Cfq5ZPb4wSSyILLVdH-yKg6DiVHiXnSgfgvf_...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSM0OZ5FbZRyhZ-CkzfAoDHMchOMhkNLymYGJR5bVXCagyej2lmg8Cfq5ZPb4wSSyILLVdH-yKg6DiVHiXnSgfgvf_6vAtL2wDW2HmdPCwyvdlAa1aG3Rk8ejFnaO5HY...

170 B
188 B

21ms
21ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSM0OZ5FbZRyhZ-CkzfAoDHMchOMhkNLymYGJR5bVXCagyej2lmg8Cfq5ZPb4wSSyILLVdH-yKg6DiVHiXnSgfgvf_6vAtL2wDW2HmdPCwyvdlAa1aG3Rk8ejFnaO5HYThttXgdpAbtkJMNkBRKiRua&google_hm=eS1pZ2w4VkhCRTJwRmN0dDlZUGx4OWMyUG5JWGRDWFQuan5B

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Thu, 14 Sep 2023 17:47:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSM0OZ5FbZRyhZ-CkzfAoDHMchOMhkNLymYGJR5bVXCagyej2lmg8Cfq5ZPb4wSSyILLVdH-yKg6DiVHiXnSgfgvf_6vAtL2wDW2HmdPCwyvdlAa1aG3Rk8ejFnaO5HYThttXgdpAbtkJMNkBRKiRua&google_hm=eS1pZ2w4VkhCRTJwRmN0dDlZUGx4OWMyUG5JWGRDWFQuan5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8578
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIH9uRDyhaDy-EYuh2Jj9rY&google_cver=1&google_push=AXcoOmRdcB6RfhtlMUFNLBUmrXrjzuR2n_Pt482rTc7hHJkRgCJrWikEDxdk67FuddnlcZk4AZ8...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1KR1JLVk8tMTgtOUw0VQ==&google_push=AXcoOmRdcB6RfhtlMUFNLBUmrXrjzuR2n_Pt482rTc7hHJkRgCJrWikEDxdk67FuddnlcZk4AZ89EW_-ZuMUBP8m43Og4mxmKJ4q-...

170 B
188 B

17ms
17ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1KR1JLVk8tMTgtOUw0VQ==&google_push=AXcoOmRdcB6RfhtlMUFNLBUmrXrjzuR2n_Pt482rTc7hHJkRgCJrWikEDxdk67FuddnlcZk4AZ89EW_-ZuMUBP8m43Og4mxmKJ4q-akXtXd6oosEZiiBYlpb6b5X7OaNwcKfFE5Tt9kYsUGSukII7gynlLut

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE1KR1JLVk8tMTgtOUw0VQ==&google_push=AXcoOmRdcB6RfhtlMUFNLBUmrXrjzuR2n_Pt482rTc7hHJkRgCJrWikEDxdk67FuddnlcZk4AZ89EW_-ZuMUBP8m43Og4mxmKJ4q-akXtXd6oosEZiiBYlpb6b5X7OaNwcKfFE5Tt9kYsUGSukII7gynlLut
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 5b959e9b7aef6dd90a6fa539ca64ac62
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8578
Redirect Chain

https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEEgPUkDDmI1iLUC9S8NJHw0&google_cver=1&google_push=AXcoOmTFBYhTua_etg1s7lonM2Bj4YODHMo1PqoLBuIgpYsPao7uYSfK00Lz_5CYrB...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTFBYhTua_etg1s7lonM2Bj4YODHMo1PqoLBuIgpYsPao7uYSfK00Lz_5CYrBdCnr01avPtgIaWpAHGEsZ_ws_EAwyqTcBBUEhLIOD9bwgWme...

170 B
188 B

18ms
18ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTFBYhTua_etg1s7lonM2Bj4YODHMo1PqoLBuIgpYsPao7uYSfK00Lz_5CYrBdCnr01avPtgIaWpAHGEsZ_ws_EAwyqTcBBUEhLIOD9bwgWme7EJb5amMdw9gI--5oQlzxwD2Dm7J-gdG6vrE2SKd0_Qg&google_hm=FIz2TmD9QAKoXmFopU5hxUg

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:55 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmTFBYhTua_etg1s7lonM2Bj4YODHMo1PqoLBuIgpYsPao7uYSfK00Lz_5CYrBdCnr01avPtgIaWpAHGEsZ_ws_EAwyqTcBBUEhLIOD9bwgWme7EJb5amMdw9gI--5oQlzxwD2Dm7J-gdG6vrE2SKd0_Qg&google_hm=FIz2TmD9QAKoXmFopU5hxUg
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 8578
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESENcoBfK15_dbfIIzXKhMo8o&google_cver=1&google_push=AXcoOmSM0H74mGoILFNKye1QeS7ASWQKt9r60okEXpQzg0uWBO1YsnfsgoOBsprKS7wLknVILUeTL5Wnokh...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSM0H74mGoILFNKye1QeS7ASWQKt9r60okEXpQzg0uWBO1YsnfsgoOBsprKS7wLknVILUeTL5WnokhB7WoJOcW3REpiVsf8ykNXUEi7F-lEKypg2g6w...
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

14ms
7ms

Image
text/plain

51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Protocol

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8578
Redirect Chain

https://csync.loopme.me/?pubid=11537&gdpr=${GDPR}&gdpr_consent=${GDPR_CONSENT_109}&redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dloopme_eb_%26google_hm%3D{viewer_token}&google_...
https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=2521df61-5b06-499a-9139-11266ed3534d&google_cver=1&google_gid=CAESEB2gfuT1Vsy4jrNP401d0Ok&gdpr_consent=${GDPR_CONSENT_109}&google_...

170 B
188 B

19ms
19ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=2521df61-5b06-499a-9139-11266ed3534d&google_cver=1&google_gid=CAESEB2gfuT1Vsy4jrNP401d0Ok&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRzbOKWJZK0qEeqL14kGI7PnwrgGFQXaGWl_vP9wibQ_Gio5BX6kt22RLNFvV6Om8bAs_xRePy1mjmWLeOG5vrl1Y6HZ5S75RJ9a6jgfd6egP95-5wJNkd20V0x-eBFaYpW0lloR-TrmRGziJPV2PlQOA&gdpr=${GDPR}

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=loopme_eb_&google_hm=2521df61-5b06-499a-9139-11266ed3534d&google_cver=1&google_gid=CAESEB2gfuT1Vsy4jrNP401d0Ok&gdpr_consent=${GDPR_CONSENT_109}&google_push=AXcoOmRzbOKWJZK0qEeqL14kGI7PnwrgGFQXaGWl_vP9wibQ_Gio5BX6kt22RLNFvV6Om8bAs_xRePy1mjmWLeOG5vrl1Y6HZ5S75RJ9a6jgfd6egP95-5wJNkd20V0x-eBFaYpW0lloR-TrmRGziJPV2PlQOA&gdpr=${GDPR}
date: Thu, 14 Sep 2023 17:47:55 GMT
server: _
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8578 0
12 B 26ms
24ms Image
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JRPMbHFEAU7PIw6feZQwExxpsHDzB7kkXqARttVwLterUzbLvHJIFfhsxu1rxpTTaYkIu08y6-

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 83A3 42 B
175 B 60ms
60ms Fetch
image/gif 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:55 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H2 200 dc_pre=COHs8rTUqoEDFTcPogMdJj0NXg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4748386991146.727
adservice.google.com/ddm/fls/z/ Frame 6CCD 42 B
402 B 331ms
45ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=COHs8rTUqoEDFTcPogMdJj0NXg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4748386991146.727

Requested by

Host: 5994599.fls.doubleclick.net
URL: https://5994599.fls.doubleclick.net/activityi;dc_pre=COHs8rTUqoEDFTcPogMdJj0NXg;src=5994599;type=invmedia;cat=g2slskko;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4748386991146.727?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5994599.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif Show response
ad.vidverto.io/vidverto/test/ Frame 83A3 42 B
175 B 14ms
14ms Fetch
image/gif 190.2.150.148
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 190.2.150.148 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 190-2-150-148.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:55 GMT
last-modified: Mon, 26 Oct 2020 16:14:05 GMT
server: nginx/1.14.0 (Ubuntu)
accept-ranges: bytes
etag: "5f96f5cd-2a"
content-length: 42
content-type: image/gif

GET
H3 200 bridge3.589.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D4BF 722 KB
231 KB 10ms
8ms Document
text/html 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ea746bcaeb49d78462db0b0740de88e2f00bf5f492e14e65a5e811b45ee0220

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 37963
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236935
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 07:15:12 GMT
expires: Fri, 13 Sep 2024 07:15:12 GMT
last-modified: Tue, 12 Sep 2023 02:58:09 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1986 40 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:22:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1539
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Thu, 14 Sep 2023 18:22:16 GMT

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/5zElqqY5KeOnh9E2y199gw:1694717273/1327/video/1813/ 72 KB
0 17ms
14ms Media
video/mp4 175.110.113.214
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/5zElqqY5KeOnh9E2y199gw:1694717273/1327/video/1813/480_650.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/zhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.214 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-214.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Range: bytes=0-

Response headers

Date: Thu, 14 Sep 2023 17:47:55 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd37-1069ee0"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 0-17211103/17211104
Connection: keep-alive
Content-Length: 17211104

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 58ms
58ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309110101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

562a72515637aceaa3aa289fa99a6d4250084f3240d4b0d33586a214687bad04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11771
x-xss-protection: 0

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame D4BF 156 B
187 B 287ms
285ms XHR
text/xml 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=199183797905962&sdkv=h.3.589.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.589.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2F5zElqqY5KeOnh9E2y199gw%3A1694717273%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=A1E04672-D458-4E70-A7DE-340B07E20241&nel=0&eid=44750823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44800470&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fzhong-guo-mei-zhu-jiao-yu-nian-du-fa-zhan-bao-gao-2022-fa-bu.html&dt=1694713676026&cookie=ID%3Deab6b7a00376ae03-2275c92d76de0047%3AT%3D1694713672%3ART%3D1694713674%3AS%3DALNI_MZRPHlBdqwKWYCKQiVj2_oi0Oca1A&gpic=UID%3D00000c75f97148ea%3AT%3D1694713672%3ART%3D1694713672%3AS%3DALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ&scor=98614493441796&ged=ve4_td4_tt2_pd4_la4000_er698.400.699.800_vi0.0.1200.1600_vp100_eb24171

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:56 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309110101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 14 Sep 2023 17:47:56 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8DEF 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5774
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 16:11:42 GMT
expires: Fri, 13 Sep 2024 16:11:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C057 829 B
559 B 19ms
18ms Document
text/html 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d56f82a0311ccb0c20b15d3717d627d107988419590c28e4e0453be247d870c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kbWRpI1DpvXAImXeZdlYVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-kbWRpI1DpvXAImXeZdlYVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 17:47:56 GMT
expires: Thu, 14 Sep 2023 17:47:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js Show response
pagead2.googlesyndication.com/bg/ Frame 8DEF 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YBinSErTekvxupjb6vinQNaPBzh8KEiIox6QinbqyX4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 09:02:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 117916
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 04 Sep 2023 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 12 Sep 2024 09:02:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C057 0
0 109ms
109ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309110101&jk=4042625674741145&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8DEF 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?LGmdDQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:47:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

POST
H3 204 csi
csi.gstatic.com/ Frame D4BF 0
17 B 30ms
29ms Ping
image/gif 2a00:1450:4009:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lmjgrlaw&c=6560099811260&slotId=3280049905630&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:81f::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:56 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 427 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 415 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 414 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 204 /
onetag-sys.com/usync/ 0
38 B 7ms
7ms Image
text/plain 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/usync/?tag=img

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-store

GET
H/1.1 206
Partial Content 480_650.mp4
cdn.vidverto.io/secured2/5zElqqY5KeOnh9E2y199gw:1694717273/1327/video/1813/ 3 MB
0 44ms
14ms Media
video/mp4 175.110.113.214
WORLDSTREAM

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.vidverto.io/secured2/5zElqqY5KeOnh9E2y199gw:1694717273/1327/video/1813/480_650.mp4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 175.110.113.214 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 175-110-113-214.hosted-by-worldstream.net
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36
Range: bytes=360448-

Response headers

Date: Thu, 14 Sep 2023 17:47:56 GMT
Last-Modified: Thu, 02 Sep 2021 16:35:03 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "6130fd37-1069ee0"
Content-Type: video/mp4
Access-Control-Allow-Origin: *
Content-Range: bytes 360448-17211103/17211104
Connection: keep-alive
Content-Length: 16850656

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 115ms
115ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309110101&jk=4042625674741145&bg=!CQqlCkXNAAa6D61Rmg87ADQBe5WfOD3v7F4Y0IXTjb1rIBOHcbFc_l2rLUmjCJkB1O1zb-0Ge4Ia6BmV4eStlxpib0c2AgAAAGlSAAAACGgBB5kC47guZcIgFJfL2y7Hi9WrgOtwGzLkLjUuPnJrTcfb1Gr7CQg-ErK1kdLKv88JXHd-WG6tIUJkBVyOgB7kug__Lm1Ig0moNYpDVokp0VLLJUHPXlbpm5utEli27j1mvgTTpwyYDQAVBnMjmgrLTJ8r5UxB7mFYU7uNb5W3h1OZDO4drI9na4HBaFu-VX0OrKckvfZ32yFjsrV1OFkHBsjCtqRHhdiCwx92NKlAp7NbjKYbs_gksdmpuvWaGv8HskGZAQ1BuS8_4HDZJK14e1M2zqxBVELYsQsTM0ZNbztRrEmN2kQ62ieG4EhL9yjhqCnGgezbTc06A-2joHeYFCjqtkG_7cOHZXaiQWqALfuu9ngIfagyVTcuwN9IXbTc_ISACa5OYboRmECBRX55wanqHTjXqjC_MEDM2sZzxO9-SW_X0-dFMUWkNrdcIp2uBad6hD6l6nGsLPRTtIJ00bC1lzYS1XwcjwOMVKm7EbuXP0fJDzppG4tqxVH089UNX8ltEm-W7vUAX1gnhtZzfc1QnDdth6Gkb_iloSfG8VMgmnVJJMwKptC0Ejf978adO3CSY2jgdDebrIyNlXCwAzb6x2OPz6mczet9iN03RSBmELhCBfueGcfhI1wamSnF4VPrPup106YcdWwXbFRr-xfNgjqQeQw2ldS7JMReyQHuAYMgJyjn2ZomMruhAeDnIQTEY7LFPS9k9iI8rDaktEMpBIIVsAgr66uX4W1mTiiTSaZnBl3oYVmeG66JSqhQQBybjzSbTVBi1jAkoY926uxlrilKhO1b_F2kMOQJerTD7acNxyP7LKLDqWlAfRzE6blrSAN1koBtLsuz7x9OQ4cpIVmBD4KKAYPY5zZA-uXVY06nV7Q94Dgw4H_fZaqUvnQTBmL0aaQUsWTId4KSH6aG_VOZFpXvNg-a4CEusabz-Rkhhv64Uiupn57j7PUl7KMtV-2MOiFE-NOEWIu_QmFIEBSQXwI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6BEE 0
20 B 110ms
109ms Ping
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6034842881152&version=m202309120101&ct=77&x=1&cor=17611047210511251000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame D4BF 0
17 B 30ms
30ms Ping
image/gif 2a00:1450:4009:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lmjgrllu&c=6560099811260&slotId=3280049905630&ghmsh_eids=44750823%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44794530%2C44796352%2C44800470
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.589.0_en.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4009:81f::2003 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.62 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 17:47:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202302/707e98c717efe8624aa8c3f833d4d5ed.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202307/46ce95feb84219b31d6b2e37e07b86ee.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202111/fc16eb61010e50c24d5e9437bc5270c7.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202302/5dcb39b91108172476e732cf01d765e9.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202303/977ef776392240871e3fc9e60f78426c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202206/da9df157595c1423535ae267ab10d3ae.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202303/30f81c6ed31ec5020e193732b80b0a3d.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202309/f6dad7a631bb35fbc4ef2abd6d1f2bb1.jpg?w=150&h=100&q=100

Verdicts & Comments Add Verdict or Comment

124 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bg3.co/	1970-01-21 00:21:13	Name: sc_is_visitor_unique Value: rx12918656.1694713673.5E7048486C534FC6CB9B09CD3DD76133.1.1.1.1.1.1.1.1.1
.bg3.co/	1970-01-21 00:21:13	Name: _ga_JLX4K2W8JS Value: GS1.1.1694713672.1.0.1694713672.0.0.0
.bg3.co/	1970-01-21 00:21:13	Name: _ga Value: GA1.1.1777159273.1694713673
.statcounter.com/	1970-01-21 00:21:13	Name: is_unique Value: sc12918656.1694713672.0
.statcounter.com/	1970-01-21 00:21:13	Name: is_visitor_unique Value: 1694713672109764036
.bg3.co/	1970-01-21 00:06:49	Name: __gpi Value: UID=00000c75f97148ea:T=1694713672:RT=1694713672:S=ALNI_MYjscMIHtPBurS2yuHRKoEDSRx8JQ
.doubleclick.net/	1970-01-21 00:06:49	Name: IDE Value: AHWqTUlJE9Lp3K7gtYIQi5mkQfL-eyNFWePaHOQ7GUl3WoD0Q8WTMUCvZNSjJ-aMsrk
ad.vidverto.io/	1970-01-20 23:29:23	Name: moxuuid Value: 44b6f1b4-e013-4910-a940-b171d27d75e0
ad.vidverto.io/	1970-01-20 14:46:40	Name: _mwayss_zone_imp[9799][count] Value: 0
ad.vidverto.io/	1970-01-20 14:46:40	Name: _mwayss_zone_imp[9799][frequencyPeriodEnd] Value: 1694800073
ad.vidverto.io/	1970-01-20 14:46:40	Name: _mwayss_imp[23239][count] Value: 0
ad.vidverto.io/	1970-01-20 14:46:40	Name: _mwayss_imp[23239][frequencyPeriodEnd] Value: 1694800073
ad.vidverto.io/	1970-01-20 14:46:40	Name: _mwayss_camp_imp[10384][count] Value: 0
ad.vidverto.io/	1970-01-20 14:46:40	Name: _mwayss_camp_imp[10384][frequencyPeriodEnd] Value: 1694800073
.bidswitch.net/	1970-01-20 23:30:49	Name: tuuid Value: 94f62c9b-d97f-41f1-8918-a881e2f58e05
.bidswitch.net/	1970-01-20 23:30:49	Name: c Value: 1694713673
.bidswitch.net/	1970-01-20 23:30:49	Name: tuuid_lu Value: 1694713673
a4p.adpartner.pro/	1970-01-20 16:11:37	Name: apuid Value: dbb2f624-6970-4df0-8b9a-73d70473c37a
ad.vidverto.io/	1970-01-20 23:29:23	Name: adpartner Value: 44b6f1b4-e013-4910-a940-b171d27d75e0
.betweendigital.com/	1970-01-20 23:30:49	Name: dc Value: lux1
.betweendigital.com/	1970-01-20 23:30:49	Name: tuuid Value: 8affa2f3-de40-5201-8b89-666fee8a2126
.betweendigital.com/	1970-01-20 23:30:49	Name: ss Value: 1
.betweendigital.com/	1970-01-20 23:30:49	Name: ut Value: ZQNHSQAEDxDOhk1ukr2Mm9WFjfDRAtpVv9yMAA==
.quantserve.com/	1970-01-21 00:15:28	Name: mc Value: 65034749-427fd-0fd01-35c7e
.bg3.co/	1970-01-21 00:09:42	Name: __qca Value: P0-1950086237-1694713673074
.aralego.com/	1970-01-20 23:30:49	Name: sspid Value: d4a5cba6-ea29-3aea-b402-3fe89eb8137f
ad.vidver.to/	1970-01-20 23:29:23	Name: bidswitch_com Value: 94f62c9b-d97f-41f1-8918-a881e2f58e05
.aralego.com/	1970-01-20 23:30:49	Name: euconsent-v2 Value:
.yahoo.com/	1970-01-20 23:31:11	Name: A3 Value: d=AQABBElHA2UCED0OU-0zj133_huKM2wO-D0FEgEBAQGYBGUNZQAAAAAA_eMAAA&S=AQAAAoTdvXWXt4hMc84gBCXb1vE
.bg3.co/	1970-01-21 00:06:49	Name: __gads Value: ID=eab6b7a00376ae03-2275c92d76de0047:T=1694713672:RT=1694713674:S=ALNI_MZRPHlBdqwKWYCKQiVj2_oi0Oca1A
.bg3.co/	1970-01-21 00:21:13	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1694713674.1.0.1694713674.0.0.0
.adnxs.com/	1970-01-20 16:54:49	Name: uuid2 Value: 3424854826580201837
.casalemedia.com/	1970-01-20 23:30:49	Name: CMID Value: ZQNHSieLlu2JsjO2VFH3NwAA
.casalemedia.com/	1970-01-20 16:54:49	Name: CMPS Value: 1181
.casalemedia.com/	1970-01-20 16:54:49	Name: CMPRO Value: 1181
.adnxs.com/	1970-01-20 16:54:49	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Krb9i^!]tbPl1M>e)ZlrFUfJ+tGXvWB:>(mZO^.GJTDu/HESQbkJ5!o=]5*cOmE)nB%nugO%v4VB%nlX$)_c:W
.doubleclick.net/	1970-01-20 19:04:25	Name: APC Value: AfxxVi5XwcrBbEz4JLk9dv61tuUox9l7jxGw0HgavhCgtTxWm4MdZA
.redintelligence.net/	1970-01-20 16:54:49	Name: 8lcfmzhxc8d6_uid Value: 35fa89729d9b7d1f
.ctnsnet.com/	1970-01-20 23:30:49	Name: gid_CAESEEgPUkDDmI1iLUC9S8NJHw0 Value: 1
.ctnsnet.com/	1970-01-20 23:30:49	Name: cid_148cf64e60fd4002a85e6168a54e61c5 Value: 1
.csync.loopme.me/	1970-01-20 16:56:16	Name: viewer_token Value: 2521df61-5b06-499a-9139-11266ed3534d
.tribalfusion.com/	1970-01-20 16:54:49	Name: ANON_ID Value: a9ntuJs2aF8pAJsbX1nR0VqPZabuoABd5FfFqrH5S3OWUBwitYO5aYO3Q1cut7ULAW4cQZdHZaJvA3rhT1pESS8eKLo

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202206/da9df157595c1423535ae267ab10d3ae.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202302/5dcb39b91108172476e732cf01d765e9.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202303/977ef776392240871e3fc9e60f78426c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202111/fc16eb61010e50c24d5e9437bc5270c7.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202307/46ce95feb84219b31d6b2e37e07b86ee.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202309/f6dad7a631bb35fbc4ef2abd6d1f2bb1.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202303/30f81c6ed31ec5020e193732b80b0a3d.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202302/707e98c717efe8624aa8c3f833d4d5ed.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 487) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 487) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network	error	URL: https://cdn.adpushup.com/42753/L2EvemhvbmctZ3VvLW1laS16aHUtamlhby15dS1uaWFuLWR1LWZhLXpoYW4tYmFvLWdhby0yMDIyLWZhLWJ1Lmh0bWw=.json Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 487) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

501d58268e413771edb4538db9194981.safeframe.googlesyndication.com
5994599.fls.doubleclick.net
a.tribalfusion.com
a4p.adpartner.pro
ad.vidver.to
ad.vidverto.io
ad85a7e871934a6df3b4b3c086caa2f3.safeframe.googlesyndication.com
ads.aralego.com
ads.betweendigital.com
adservice.google.com
adx3.adform.net
c.statcounter.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.contentspread.net
cdn.vidverto.io
cm.g.doubleclick.net
code.jquery.com
csi.gstatic.com
csync.loopme.me
delivery.adrecover.com
dsum-sec.casalemedia.com
e3.adpushup.com
eus.rubiconproject.com
fonts.gstatic.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal90003.redintelligence.net
http-intake.logs.datadoghq.com
ib.adnxs.com
imasdk.googleapis.com
ius.ctnsnet.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-sync.sitescout.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
region1.google-analytics.com
rules.quantcount.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.bg3.co
sync.aralego.com
token.rubiconproject.com
tpc.googlesyndication.com
www.bg3.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
x.bidswitch.net
static.bg3.co
103.231.174.251
104.20.219.77
104.79.25.60
138.201.63.117
142.250.186.134
142.250.186.162
15.197.193.217
152.199.21.70
162.210.196.208
172.64.148.101
175.110.113.214
184.30.22.30
185.84.60.21
188.42.34.64
190.2.150.148
192.96.203.13
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3a
212.8.243.91
23.97.225.52
2600:1f18:24e6:b900:1345:3f18:137:8913
2600:9000:223c:d800:6:44e3:f8c0:93a1
2606:4700:20::681a:567
2606:4700::6812:19ad
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2002
2a00:1450:4001:806::2001
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2004
2a00:1450:4001:810::2006
2a00:1450:4001:810::2008
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::200e
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4009:81f::2003
2a05:d018:d29:3601:ad5e:1111:f66a:1a0c
35.186.193.173
35.214.147.34
37.252.171.21
51.83.220.94
51.89.9.252
52.57.217.9
69.173.144.138
69.173.144.165
78.46.111.106
85.114.131.235
98.98.134.242
02f8c15ba65b0ae9db6f957d28f9ae1adbc048090cca772bec7301451a8c1dfd
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
0586aea59699c08c45bbbcdb3c0d528935c401fdd7427f2627e9d117fc11e3c2
08345ab1867ed4b3a8f81a77a885e5cd869bb2102e4a5edf6faae61bab11e8a9
096862e95687fa095052acf06c643d97aebf5a75bdb39f85061a931076b5c12e
0a3798344be49c312b2ba8db56e38b9b1047eda3e9b04ab8baacf375a322ee1b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbbe27a91eb385c7f86d2203bd841747096782df337bae2afdb74cf4fe90258
0f850d916cbf332267cd8f4d0deb60c3b082177e8139e64dcdaec989a08f8c76
1009fd29410a9be345dbf79db26a520e23358f097a98436923cfefdecb305118
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
18ccd9972995ccfdf1c4ce53d0195550e2b44e9acbd5c0cf826088149fa7e7c6
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
2566f2f20ba122f78d6713a1c25217fd221f65a98cda4dedea1571e2e5df19b3
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2848e0d8c7008ca1db2420541b315c6811957088015013372b8172dd768f3d8d
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2ed1f1c0c707220ebc2f003bfc1d96e5f842ff4fa1bff3513d866b996f01b82e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
389fea323237b8da675f0c2ab8b701a9a0637ec1e4bb3d4b6cc9ce5440abc1a5
393d0a9e62d7fafc140ff9910e4bc954b793314285551f7f6b82dd906512fb8e
3b9fec2450dcf6eaa37d55c3b132abcb710b767a977cdd0af70a957a7841ccbc
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
430a6e7150545de867540d1752b691ba077a3d76e1008d852d0d3bd3409f2a1a
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4accbcd793680c2ea0a65714771ef37d5eeb42bdaedba9882dd0d78eae09e00e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
562a72515637aceaa3aa289fa99a6d4250084f3240d4b0d33586a214687bad04
5f4025b3492b5e229bc398405e83150b539da7b98a2300d036bbe4a607f7bef8
6018a7484ad37a4bf1ba98dbeaf8a740d68f07387c284888a31e908a76eac97e
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
616908eea7d791f0945b84a1b619e2bbd691f0f9dc73810b5337cb2fcea34657
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
65268b5b4f4c2a038f1e8395dde2421dfcc77bd38e278b33660477be67d0c29d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
67d1fdb5c556f86d8e4619147c3c9341012fc5848fa4cb396813054d70fe5e35
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d56f82a0311ccb0c20b15d3717d627d107988419590c28e4e0453be247d870c
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
70e4ae8659448497b65a957b6add53b026f97543c2ab2fef9c48c048c187001c
7309773d6765426ce9dc94751fb917236ad391f33cf47c118ce806c9e1d98729
741ecc8704ef4c2d761bed3c265b207a8b9e957c0d322ceec32d14f8ede4c134
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7aefa7a735322bc937d004ffb976c57e6f187d12547bdd5b755251412393c075
7c1b0b0523c8cd715c6a906f13a121cd27392d8e61d58c38c7ceb32ec22e59f4
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
8387013ae7c0a3cb9f15765f5b7693e4011a26d041b9109781d554ee93031bcc
85a48ef65e57436536bee87bf137d0b8277b9ac0fbcc38e11b2f7326a026278a
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fecae017ff4a1627943e6e72c2ef67923c0c808529c56f47a5a9f611364da55
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
9794ad3cb438c8b85aa002e5a401debddcc6436fe916a9be359dce69ad4b029a
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9d5518dc67954f3f190da5f7a41a82699d9c91152b6859e23790b6695c29a13d
9ea746bcaeb49d78462db0b0740de88e2f00bf5f492e14e65a5e811b45ee0220
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a011595b8a7a4aecacbb9bdd095cf4e446e368e8c897b2daf1807e6016137c1a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141
a84afb4c91af9ced3d2670d153a29698984c96919e11e48115b86613043de4cd
a93471f92855fcc7b759f690b29ec1883838e0b81625ca83720afc93ae5b7876
aa12e899ad53e92a62865573d544a476d6e89e952f6796aa59aa88f6bab33a71
abb10cb48ee591b0c9f225840cbe5db42325f2b8a6e6de024d42f1b35d2c05fb
adbc41b9b5d99a13ea8b238c0afc32a94b888abc531a6d479cdef72a33487fc7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b682ef87b0ee4f3631fb1d297c2ad373d1e423ab2d1c14dc10a3fb1dd59a1466
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776
c2313b832ea2d9d8e3c1b5bd2b9ca3498ffe84065c84294ead0a6617f8c1241a
c252a63cc3245c852e13332a77220c033b56a952344862770bfe104e76a0d436
c8e9d338f18d076e5436f3c44d3521aa50f7fbdbc75a0c9b2f257efc64a2f92a
ce169b641704d42c46505444e0aa59c302ad0e32f780752ce366b200ae4c73f0
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d4ffa36c3282ba25a2b7c2058b40b7d87ba192fe76a70cede2b1f3435b37ef1e
dce388596b37c8a993a5b9f487b1d79e8fc6b01f9d754fb315cfb94bc262e938
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ea7b6f1c9476eabeea7c591575612038df6e6b7b6addf978f746279c976d7744
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb5a398e4dfbc7a9860e9d8c402c66a9075f34cfb5e78837ec16c7caa9d88e53
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f35b509903f221a7819018ff7ce28b855c6460cd07132d2169f41b48ca541f41
f58314d7c3a75163d4d6a55af37da678ba721a25c887b0acd8f5ba65fe938a65
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff50078d964456e33584659af659a53f936058b98b356bd1da012867330abff0

www.bg3.co Open in urlscan Pro 103.231.174.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

176 Requests

87 %HTTPS

43 %IPv6

39 Domains

60 Subdomains

44 IPs

10 Countries

3079 kBTransfer

12745 kBSize

42 Cookies

2 Outgoing links

Redirected requests

176 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Screenshot
Live screenshot

Full Image

176
Requests

87 %
HTTPS

43 %
IPv6

39
Domains

60
Subdomains

44
IPs

10
Countries

3079 kB
Transfer

12745 kB
Size

42
Cookies

176 HTTP transactions
7 data transactions