www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Submission: On August 23 via manual (August 23rd 2023, 7:22:46 am UTC) from US — Scanned from CH

Summary HTTP 339 Redirects Links 23 Behaviour Indicators

Summary

This website contacted 63 IPs in 9 countries across 44 domains to perform 339 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.

This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	103.231.174.251 103.231.174.251	9744 (XLC-AS-AP...) (XLC-AS-AP XLC GLOBAL)
11	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
1 3	162.210.196.208 162.210.196.208	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
4	2606:4700:20:... 2606:4700:20::681a:567	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	138.199.37.225 138.199.37.225	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a02:26f0:480... 2a02:26f0:480:f::213:7ed4	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a02:26f0:480... 2a02:26f0:480:f::213:7ede	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
40	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
27	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:3b	20446 (STACKPATH...) (STACKPATH-CDN)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	23.97.225.52 23.97.225.52	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
3	2620:116:800d... 2620:116:800d:21:c5a4:625:6563:a5bb	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:e6:... 2606:4700:e6::ac40:c526	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	192.96.203.13 192.96.203.13	30633 (LEASEWEB-...) (LEASEWEB-USA-WDC)
4	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:c800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2 2	23.201.255.110 23.201.255.110	16625 (AKAMAI-AS) (AKAMAI-AS)
8	95.101.149.233 95.101.149.233	16625 (AKAMAI-AS) (AKAMAI-AS)
16	185.106.33.48 185.106.33.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
4 6	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2600:1f18:24e... 2600:1f18:24e6:b901:3c37:1dbb:4827:7740	14618 (AMAZON-AES) (AMAZON-AES)
5 7	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	172.105.43.230 172.105.43.230	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
2	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2 3	52.95.125.22 52.95.125.22	16509 (AMAZON-02) (AMAZON-02)
4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
4 17	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 3	52.46.143.56 52.46.143.56	16509 (AMAZON-02) (AMAZON-02)
2 5	2a05:d018:d29... 2a05:d018:d29:3601:f60d:7f4e:ab14:8158	16509 (AMAZON-02) (AMAZON-02)
16	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2 3	18.159.10.79 18.159.10.79	16509 (AMAZON-02) (AMAZON-02)
2	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
6	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	8.43.72.98 8.43.72.98	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
13	138.199.36.10 138.199.36.10	60068 (CDN77 ^_^) (CDN77 ^_^)
2	2a02:2638:d::4 2a02:2638:d::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	31.220.27.134 31.220.27.134	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1 1	184.30.24.22 184.30.24.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	81.17.55.108 81.17.55.108	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
1 2	51.89.9.253 51.89.9.253	16276 (OVH) (OVH)
19	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.7.9 178.250.7.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:400b:802::2003	15169 (GOOGLE) (GOOGLE)
339	63

1 103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)

www.bg3.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 162.210.196.208 (Ashburn, United States) 1 redirects

ASN30633 (LEASEWEB-USA-WDC, US)

ads.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.aralego.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 138.199.37.225 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-37-225.bunnyinfra.net

cdn.unibotscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:480:f::213:7ed4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

delivery.adrecover.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:480:f::213:7ede (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wf.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstatb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:3b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

e3.adpushup.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d-12224200013711214527.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:c5a4:625:6563:a5bb (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e6::ac40:c526 (United States)

ASN13335 (CLOUDFLARENET, US)

amp.analytics-debugger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)

sync.aralego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:c800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.201.255.110 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)

il-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.173.144.165 (Frankfurt am Main, Germany) 4 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b901:3c37:1dbb:4827:7740 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 69.173.144.139 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.105.43.230 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-105-43-230.ip.linodeusercontent.com

newsbot.unibots.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

816c37b2e30dfab16e3a1ac72cb85c94.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
64864fb7d675c392756e4ce85538269e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.95.125.22 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 142.250.185.66 (Grosse Pointe, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.46.143.56 (Ashburn, United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a05:d018:d29:3601:f60d:7f4e:ab14:8158 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.159.10.79 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-10-79.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 8.43.72.98 (United States)

ASN26667 (RUBICONPROJECT, US)

pixel-us-east.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 138.199.36.10 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-36-10.bunnyinfra.net

stream.unibotscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.220.27.134 (Amsterdam, Netherlands) 1 redirects

ASN39572 (ADVANCEDHOSTERS-AS, NL)

s.uuidksinc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.24.22 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-24-22.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 81.17.55.108 (Netherlands) 1 redirects

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.253 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip253.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.7.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:400b:802::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1097 trc.taboola.com — Cisco Umbrella Rank: 722 vidstat.taboola.com — Cisco Umbrella Rank: 3007 il-trc-events.taboola.com — Cisco Umbrella Rank: 18900 images.taboola.com — Cisco Umbrella Rank: 1924 imprammp.taboola.com — Cisco Umbrella Rank: 12991 am-match.taboola.com — Cisco Umbrella Rank: 13374 wf.taboola.com — Cisco Umbrella Rank: 3066 am-vid-events.taboola.com — Cisco Umbrella Rank: 12328 vidstatb.taboola.com — Cisco Umbrella Rank: 5604 pips.taboola.com — Cisco Umbrella Rank: 1803 cds.taboola.com — Cisco Umbrella Rank: 2110 am-wf.taboola.com Failed	1 MB
45	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 816c37b2e30dfab16e3a1ac72cb85c94.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 163 64864fb7d675c392756e4ce85538269e.safeframe.googlesyndication.com	567 KB
34	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228 stats.g.doubleclick.net — Cisco Umbrella Rank: 122 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 261 pubads.g.doubleclick.net — Cisco Umbrella Rank: 402	506 KB
32	criteo.net static.criteo.net — Cisco Umbrella Rank: 710 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9104 csm.eu.criteo.net — Cisco Umbrella Rank: 8684	429 KB
27	unibotscdn.com cdn.unibotscdn.com — Cisco Umbrella Rank: 34692 stream.unibotscdn.com — Cisco Umbrella Rank: 50576	4 MB
24	rubiconproject.com 11 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1248 eus.rubiconproject.com — Cisco Umbrella Rank: 737 token.rubiconproject.com — Cisco Umbrella Rank: 748 pixel.rubiconproject.com — Cisco Umbrella Rank: 388 pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1308	52 KB
11	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 387	218 KB
7	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2102 www.google-analytics.com — Cisco Umbrella Rank: 62	641 B
7	criteo.com gum.criteo.com — Cisco Umbrella Rank: 442 ads.eu.criteo.com — Cisco Umbrella Rank: 8578 cat.fr3.eu.criteo.com — Cisco Umbrella Rank: 10115 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 15501	100 KB
7	google.com fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1693 www.google.com — Cisco Umbrella Rank: 3	12 KB
7	adpushup.com cdn.adpushup.com — Cisco Umbrella Rank: 16260 e3.adpushup.com — Cisco Umbrella Rank: 19213	279 KB
7	aralego.com 1 redirects ads.aralego.com — Cisco Umbrella Rank: 39271 sync.aralego.com — Cisco Umbrella Rank: 3451	4 KB
6	amazon-adsystem.com 4 redirects aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1142 s.amazon-adsystem.com — Cisco Umbrella Rank: 349	4 KB
5	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 545	3 KB
4	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 396	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	265 KB
4	aralego.net cdn.aralego.net — Cisco Umbrella Rank: 14896	42 KB
3	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 372	1 KB
3	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 600 fonts.googleapis.com — Cisco Umbrella Rank: 73	356 KB
3	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1412 pixel.quantserve.com — Cisco Umbrella Rank: 1151 cms.quantserve.com — Cisco Umbrella Rank: 1015	10 KB
2	gstatic.com csi.gstatic.com	288 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 277	10 KB
2	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 984	487 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 1025 s.tribalfusion.com — Cisco Umbrella Rank: 2306	1 KB
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 864	1 KB
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 989	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1080 r.turn.com — Cisco Umbrella Rank: 4432	869 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	114 KB
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244	913 B
2	datadoghq.com http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9551	505 B
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 985	60 KB
2	adrecover.com delivery.adrecover.com — Cisco Umbrella Rank: 36559	11 KB
1	e-volution.ai rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 8778	233 B
1	smartadserver.com 1 redirects ssbsync.smartadserver.com — Cisco Umbrella Rank: 1027	407 B
1	media.net 1 redirects cs.media.net — Cisco Umbrella Rank: 1735	1 KB
1	uuidksinc.net 1 redirects s.uuidksinc.net — Cisco Umbrella Rank: 11813	290 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1856	584 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 352	17 KB
1	linkedin.com px.ads.linkedin.com — Cisco Umbrella Rank: 421	648 B
1	unibots.in newsbot.unibots.in — Cisco Umbrella Rank: 63813	693 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1302	632 B
1	analytics-debugger.com amp.analytics-debugger.com — Cisco Umbrella Rank: 19302	3 KB
1	ampproject.net d-12224200013711214527.ampproject.net
1	bg3.co www.bg3.co static.bg3.co Failed	18 KB
339	44

	Domain	Requested by
27	pagead2.googlesyndication.com	cdn.ampproject.org ads.aralego.com pagead2.googlesyndication.com securepubads.g.doubleclick.net www.bg3.co tpc.googlesyndication.com imasdk.googleapis.com googleads.g.doubleclick.net www.googletagservices.com
19	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
17	cm.g.doubleclick.net	4 redirects eus.rubiconproject.com googleads.g.doubleclick.net
16	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.bg3.co
16	il-trc-events.taboola.com	www.bg3.co
15	cdn.taboola.com	www.bg3.co cdn.taboola.com
14	images.taboola.com	www.bg3.co
14	cdn.unibotscdn.com	www.bg3.co cdn.unibotscdn.com
13	stream.unibotscdn.com	cdn.unibotscdn.com
11	cdn.ampproject.org	www.bg3.co cdn.ampproject.org
10	imageproxy.eu.criteo.net	ads.eu.criteo.com
8	eus.rubiconproject.com	ads.aralego.com eus.rubiconproject.com am-match.taboola.com
8	securepubads.g.doubleclick.net	cdn.adpushup.com securepubads.g.doubleclick.net cdn.aralego.net
7	pixel.rubiconproject.com	5 redirects eus.rubiconproject.com
6	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
6	token.rubiconproject.com	4 redirects eus.rubiconproject.com
6	googleads.g.doubleclick.net	cdn.ampproject.org pagead2.googlesyndication.com googleads.g.doubleclick.net
5	pr-bh.ybp.yahoo.com	2 redirects imprammp.taboola.com am-match.taboola.com
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	region1.google-analytics.com	cdn.ampproject.org www.googletagmanager.com
5	cdn.adpushup.com	www.bg3.co cdn.adpushup.com
4	match.adsrvr.org	eus.rubiconproject.com imprammp.taboola.com am-match.taboola.com
4	www.googletagmanager.com	cdn.ampproject.org cdn.adpushup.com cdn.unibotscdn.com www.googletagmanager.com
4	sync.aralego.com	ads.aralego.com www.bg3.co eus.rubiconproject.com
4	cdn.aralego.net	www.bg3.co ads.aralego.com
3	csm.eu.criteo.net	ads.eu.criteo.com
3	x.bidswitch.net	2 redirects imprammp.taboola.com
3	s.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	aax-eu.amazon-adsystem.com	2 redirects eus.rubiconproject.com
3	trc.taboola.com	cdn.taboola.com
3	ads.aralego.com	1 redirects ads.aralego.com
2	csi.gstatic.com	imasdk.googleapis.com
2	pubads.g.doubleclick.net	imasdk.googleapis.com
2	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.fr3.eu.criteo.com	ads.eu.criteo.com
2	onetag-sys.com	1 redirects googleads.g.doubleclick.net
2	ap.lijit.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	am-vid-events.taboola.com	www.bg3.co
2	wf.taboola.com	vidstat.taboola.com
2	am-match.taboola.com	vidstat.taboola.com
2	http-intake.logs.datadoghq.com	cdn.adpushup.com
2	secure-assets.rubiconproject.com	2 redirects
2	www.google-analytics.com	www.bg3.co
2	imasdk.googleapis.com	cdn.unibotscdn.com imasdk.googleapis.com
2	e3.adpushup.com	www.bg3.co
2	code.jquery.com	cdn.adpushup.com delivery.adrecover.com
2	delivery.adrecover.com	www.bg3.co
1	cds.taboola.com	cdn.taboola.com
1	pips.taboola.com	cdn.taboola.com
1	rtb2-useast.e-volution.ai	googleads.g.doubleclick.net
1	ssbsync.smartadserver.com	1 redirects
1	cs.media.net	1 redirects
1	s.uuidksinc.net	1 redirects
1	s.tribalfusion.com	googleads.g.doubleclick.net
1	a.tribalfusion.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	s0.2mdn.net	imasdk.googleapis.com
1	vidstatb.taboola.com	www.bg3.co
1	pixel-us-east.rubiconproject.com	eus.rubiconproject.com
1	64864fb7d675c392756e4ce85538269e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	px.ads.linkedin.com	eus.rubiconproject.com
1	imprammp.taboola.com	vidstat.taboola.com
1	816c37b2e30dfab16e3a1ac72cb85c94.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	newsbot.unibots.in	cdn.unibotscdn.com
1	fonts.googleapis.com	cdn.taboola.com
1	pixel.quantserve.com	www.bg3.co
1	stats.g.doubleclick.net	cdn.ampproject.org
1	rules.quantcount.com	secure.quantserve.com
1	amp.analytics-debugger.com	cdn.ampproject.org
1	secure.quantserve.com	cdn.adpushup.com
1	d-12224200013711214527.ampproject.net	cdn.ampproject.org
1	gum.criteo.com	cdn.taboola.com
1	fundingchoicesmessages.google.com	cdn.adpushup.com
1	www.bg3.co
0	am-wf.taboola.com Failed	vidstat.taboola.com
0	static.bg3.co Failed	www.bg3.co
339	84

This site contains links to these domains. Also see Links.

Domain
unibots.in
app.goldentree.ch
popup.taboola.com
trc.taboola.com
intouch.wunderweib.de
shefence-citional.com
www.spick.ch
33c39g.jrfnzkkq.com

Subject Issuer	Validity	Valid
*.bg3.co AlphaSSL CA - SHA256 - G4	`2023-05-22` - `2024-06-22`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
cdn.unibotscdn.com R3	`2023-07-18` - `2023-10-16`	3 months	crt.sh
cdn.adpushup.com R3	`2023-06-14` - `2023-09-12`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
*.adpushup.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-02` - `2023-09-02`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
analytics-debugger.com GTS CA 1P5	`2023-07-18` - `2023-10-16`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-18` - `2024-04-17`	a year	crt.sh
*.aralego.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
quantserve.com R3	`2023-08-12` - `2023-11-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.logs.datadoghq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2024-03-22`	a year	crt.sh
cricket.unibots.in R3	`2023-06-22` - `2023-09-20`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-04-04` - `2023-09-27`	6 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-08-07` - `2023-10-30`	3 months	crt.sh
stream.unibotscdn.com R3	`2023-08-06` - `2023-11-04`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-21`	3 months	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2022-09-29` - `2023-10-30`	a year	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-29`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-08` - `2023-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh

This page contains 32 frames:

Primary Page: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Frame ID: 9B71A672397A1632F3CAD6F6903589D8
Requests: 185 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-41503324074158100658&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3453&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=6006261&ga_cid=amp-LPEqlgZV_Ac0lqm6rFSuZA&ga_hid=6261&dt=1692775358833&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&bdt=925&dtd=47&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 5C730E33D51E1C20B95ED28A0D105D2B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 14DC9307D604B3D653AF6DE7173E4470
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: E739693F64815CDE057A24934F1A563D
Requests: 12 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 8A37F2808D4B5EC153FE4FD44CE060BB
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: E975AE7884718E5AC33AFCE0F830CF62
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: B2A105B726117FED3922463017F1BD85
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: B380B48FEE6EA711799EBEE6224EE1F9
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230821/r20190131/zrt_lookup.html
Frame ID: 6319FE4AB3D23FEC6E7D79964597CF75
Requests: 1 HTTP requests in this frame

Frame: https://816c37b2e30dfab16e3a1ac72cb85c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: C1124A710503F5CF13E3C7C4F2C88B3F
Requests: 1 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&cmcv=&pix=undefined&cb=1692775359756&uv=3323&tms=1692775359756&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5c4d9ce5-ceca-4c46-a62a-40bdf197d258&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 7276994255805759D9812E24664A05A3
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: E8EC31D5BE967925EF219CB5651EC8CE
Requests: 3 HTTP requests in this frame

Frame: https://64864fb7d675c392756e4ce85538269e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 98E1590598417E1F124E9563EF2ABA27
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 2975DDEE92C484D5E02861E001964775
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 81A4D10901C8578ACEEBD878FA3E8423
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9713246A72F8EDC9581634DC2099D508
Requests: 2 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 68167C9CCADB187CCCD74D486AD0FB16
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788
Frame ID: CE6CA0FD1FDC5D8B6EC6318A950CACA2
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359502&bpp=303&bdt=945&idt=568&shv=r20230821&mjsv=m202308210101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=1&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=270195054&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1561034088&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077299&oid=2&pvsid=982439685519030&tmod=409318797&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r8w5tavftmaj&fsb=1&dtd=743
Frame ID: 1EE8DB6AF83E1D2810781F834718E044
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A52DA040271A17997D38D7DD626F5778
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4600F5F445BD0B76E30E5789ACE1A8A7
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: C07C2F21C89E02901757F16DB8DB7233
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 65C3A4E7F8D52EDFB0315289069D0F29
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 21C5504C0A909DF34D9A9E71ADD1BABE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FF16A4CDFE34E4B1DB0EB6DB5268A0C6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4DFE1DDC841FA42859EE030AEEDD3CD5
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Frame ID: 43F9F497061A6A720BC29CAC5CF8ED9B
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D21A517C5685F55FE3BA6044B4D54DC6
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOWzwAAEe5YFkVwSAAG2o1ye-ULwHfwtrqo-pQ&u=%7CKrteKp%2BXdryi0j8RJJA4agH9a5SsztFdF8q2ZR96LWo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnol7GiUxlLS8tf9JPGjrQOr3K3eUcmP-glNnKhpSQPrcDsDwH_gNVfxVH02sEyKK7wPs4bP3RwRIeTcGsqo-4ssuliUcUjGt36pIuIBTp-IlRJFc1bjMn0mWzhzY9euW7ERAeAe_gYNV_jhX9B2dZvlRlj_KW32F0Yze0taU_tO3Va1lfawz4a6nxkt9raU0z2pVbd5ihoFfWJsSlgX3o0oEf6kXrQsYbTJRumiGJqogCuC7X67Lsg5yB-FPw_rgJVToZkutffGd_3NRod8BKEvvhSvTCVrU-VFwHkLJ5Sx0oUIXTXJiqzWC-x46_q3kCN5MO0Hwu6hMBuJaw4NLja85jEpZqOr8Qy09d3FGBSf7h3crvODY30pIzgE5jyWKT_SLk8W8kvaY6WzZ1JSiRRnEMim-egRvX245OP_mxtqUhihgGInPCVZMlW8s_UpKdhECrYYL2AM3_aDpBuYqK5EVIrrZa54TnTSr4VAJC7xyyCi004EtrY6UcIl6PJgFgPBWxFrI80oPXlmFXn8n_SNDyPHYj8cdVyRqiNNasy9blfOTnVhHKVXirxBnV1VGgcH3CbeVeGZJDfVBNNrGhz2SctznNEwF1lX8Z89CtRc1KSMKu5G81x9Ew2iBhREkL_nLS24Yx6XqnZbm3NlProW7WaGa4O2Tg6Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChWt7wLPlZJb3EZK4xdwPo-2GoAnJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCCyyOjc8xsj6oAwHIAwKqBIoCT9CJRVeWl2Poy2WVOoVI8iK-mS5WB12F56mxNRlGx_VPC0B5r5Qj-uhwIg-8odRcwQqbqtjUS0rUewOMZKF0QzScy00xj2UJOySNWM1cnrVaR4oLOvQdUl6d-8_uk86YXSGO4bN-BmveubReIAzVYXUnBLQh57X9K706XISvU8TbzEYBw9Eu95J8WYyM-IW613srURtDVDU_RUQGBIbBbxMxjLvubGpUZXsrjluofMbFntUzmk6pPvMnEiyZvCXCGEhplSRYNCvmgbmkNd3iSCcMoA-qUVSMsl2BT2ZTuEiG8BgzvZlBuE4ZjXpgv5xmj60Yh5Ya6MM7h3p3wrtxJfLdtjhC0HmRIgGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2683voMMxpBJADz2yNAm6Y4oyLUA%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 863E5FC86345A36A5DEAE7559D1F3F38
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D5CCA6015AB547C0A8A79283B5B1960C
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOWzwAAEig0KspbHAA74InACMqqED4lnVHXfWQ&u=%7CKrteKp%2BXdrxqpKjDGQJ15jycfYoYI7s9LgkjAcXsWko%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgsEYLRTC0XW27L2_tjl6erqA_RpXvp0RC7XZ7_cIKQqepYZXd-bwIUf27pCTvsPNVT3L8a0xmJh0sf_yqhRXIbw7ywxw55bKJ_saTbjlkSUNwwcXOL3m1QIBqSZc3ySDaDWP_vxyEyGY93zyGJQ6pRUR_T9s7-v6sYO4rJib_RIHc9yEPXYx_QYoko3ORMIMwy11TTx-vfOfaw8Lvs28xHJFMUHC6ZO_Ma2nGwVhDHNc3dfBnTPF_rW-Ck9eW3rJt3dJt1FQXHWM3roHWNlF51UORTcZeMK_HgTkSLCM3OVOHe9bBavsbPt8rn1w7VgIJu7sxtxfRuO8Qt_40PAaEjP0EZIFP_pGRClXsLDVc9rJDRbucJLaRxj1KTEbwqPaCaBzBvW9BTs4wpp4MBIAzxHqF7zJ7QFY8iNmIxgAESc2BXM2dd2umdjeyK6vaabX5C-Vs3xZLW0An_F5fsA-KLFwQmv6xB6hMHAW1b3Qu3W8b-y_n89iSy9XMsXvzIG0NagjNI_43vaMShNIfkt7JWBqOoamY8jbKha2Ec8nAVvYznQIUAh4UBusJ6mrG6U1E-Kk245NmFuTUyHdpJSsyCDqZWNI0zd2ijIAFBxYYzFjJlV-nTrR5J1Df0_bnYPHGWQe9H-eJAy5TqtC5MVEUopgIFixVqYHriuSO1QFa9-MTmEUAeR275gjnN9dCPEl1heQVLT2pos8abf4QuXhYa_JxEqf8hZWtbYfjipoB29B-vdkpOWOr0A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCypuwwLPlZI2UEsetygWi8LuYBcme0rFc1Z2R93DAjbcBEAEgAGD1BYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQL8am_kHjeyPqgDAcgDAqoEkAJP0LNCtlj3V7r-XGvQiDFrac838bVJKkwdD2fjy4m850GuzcUavx5nLUjG6Eb5pQP68lKEEZ3BGUz00d2XB64WDrkDXGitXEVH2AH3hE1pmBHBkgOtSQ65B1NwJFq74XVBbGLH0AZ4tEmzINXlmWtktyqMzOdC_GTnZEVT619MbcrtnzVYU_eOjyBhxdJpui06Wefo07eixgKR288aQe64nJEcpqwC-mgn6uQgL4_I2776Vu3ro5U07bERzF3WvYsS_EzjNvRAjU7Yk6k92duMIjFiuqABu8VTGQb5oSPvZpMBoZY5wVpsMrS3t9L3QPAWgQP25gnUGgWaTyc7RiNHCVLYkBeHZex8imfSuPWwpYAGx5rz14v5zflroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QFYhMMaBxpDWv-RySjIR0mQhOnA%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: A274FAF89FBB90030C10C89BCB4ED6AC
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D75327DBEFE5E96FD503B1BBFB1FC597
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

世足賽／德國6比1血洗對手　主將羅伊斯疑似韌帶撕裂 - 天天要聞

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Lightbox (JavaScript Libraries) Expand

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

339
Requests

83 %
HTTPS

55 %
IPv6

44
Domains

84
Subdomains

63
IPs

9
Countries

7714 kB
Transfer

16537 kB
Size

34
Cookies

23 Outgoing links

These are links going to different origins than the main page.

URL: https://unibots.in/

Search URL Search Domain Scan URL

URL: https://app.goldentree.ch/abt/ageless-ob4-d2
Title: goldentree.ch

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ri=3ce83a2a2e9e90aa45e4bfe7e98dc1c5&sd=v2_ff3cc2b682bd1374ce044701ba6ed250_23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e_1692775358_1692775358_CNawjgYQ2YJdGNe_mIqiMSABKAEwKziy0A1At4gQSJrS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&it=text&ii=~~V1~~-4477276453818789372~~rF0ccgpOvUb11LaTX89vzulsqbii6_UA5xZjLVArrX3noZueAsnM0UTkqRiz-o8uuKa2_rupL9I0kvx1XVufut2qKIJrSNJ_InWKPTfYcgzi8Q9xrwCRV91TiD30JiLnIP805H1lX0ITTMiW6tZ2X0xe3X0zySBCNyRj-fjpzpfYTKpFTNxeVQqQUp2NJ732TS8Maux2jWC1gRU3nx5A7rEVxuOWKWhrQzvXHgQEr6voYD60qVYzKB_9uZqcHlwH&pt=text&li=rbox-t2v&sig=6284d09ee1e1bc65c2ca7583cc0f12946bab9d528ee3&redir=https%3A%2F%2Fapp.goldentree.ch%2Fabt%2Fageless-ob4-d2%3Futm_source%3Dtaboola%26utm_medium%3D%7B%7Bpublisher_id%7D%7D%26utm_campaign%3D%7B26129819%7D%26utm_content%3D%7B%7Bad_id%7D%7D%26utm_term%3D%7B%7Bsection_id%7D%7D%26native_campaign%3DCountry%3ACH%7CProduct%3AAGELESS%7CNote%3ADuplicate%7CDate%3A07.07.2023%7CCampaignID%3A3580%7CAgent%3AJan%7CDevice%3Adesktop%7CAbTestSlug%3Aageless-ob4-d2%26native_term%3DProduct%3AAGELESS%7CAd_Type%3Aad%7CAd_Note%3Aad_note%7CCreativeID%3A0%7CMasterCreativeID%3A0%7CAbTestSlug%3Aageless-ob4-d2%26refferalid%3D001%26tblci%3DGiA8rvO5rumCBXOXlX2uhFJyFrSTBRfQqGQANjzp6pZyySCEtl8o3KHS6aO-vqt3%23tblciGiA8rvO5rumCBXOXlX2uhFJyFrSTBRfQqGQANjzp6pZyySCEtl8o3KHS6aO-vqt3&vi=1692775358423&p=tdg-popolnapostavadoo1732ch-ageless&r=28&lti=deflated&ppb=CEk&cpb=EhMyMDIzMDgyMC0yNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAyODU4gNSpgAtAstANSLeIEFCa0toDWP___________wFjCNA3EI1TGDBkYwiiNRDiRhgyZGMI3f__________ARDd__________8BGCNkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCPf__________wEQ9___________ARgJZGMIr0cQpF4YC2RjCP9GEO9dGB1kYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgBkcCYiqIx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://intouch.wunderweib.de/michelle-hunziker-von-frueher-bis-heute-so-sehr-hat-sie-sich-veraendert-113494.html
Title: InTouch

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-a-delta:Below%20Article%20Feed%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://shefence-citional.com/c351a234-e6d9-4bf6-800c-f99fb09a6b14
Title: Prostata Gesundheit

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ri=81b81c21aa6c204cb4eff88de5890fb4&sd=v2_ff3cc2b682bd1374ce044701ba6ed250_23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e_1692775358_1692775358_CNawjgYQ2YJdGNe_mIqiMSABKAEwKziy0A1At4gQSJrS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&it=text&ii=~~V1~~-4205927011247198552~~0PgD44qjBh8eeCfvVYweTgah4iC_j0_My-q-M_Ps2KfpZyC7dGVdvKnSHsaHrNsF-Y2IhWVu1ibosfesvzy87QVdMBBiO11joNbzOz9WmBdq3CDDcRI8YCLOvx3k72W8335JyUpoDQWuuLi1-DNuChNbdHOI8oYUmDUxSjFY2gU&pt=text&li=rbox-t2v&sig=4b8efb7e3d0bdcf4e8a7f340feb51cf21ad491e86d29&redir=https%3A%2F%2Fshefence-citional.com%2Fc351a234-e6d9-4bf6-800c-f99fb09a6b14%3Futm_source%3Dtb%26utm_campaign%3Ddach_dkV0423%26utm_term%3Dpalmate-bg3co%26utm_content%3D3681578938%26t%3DGiA8rvO5rumCBXOXlX2uhFJyFrSTBRfQqGQANjzp6pZyySDHwlgo9ZfzhO344f0o%26dt%3Dtb%26tblci%3DGiA8rvO5rumCBXOXlX2uhFJyFrSTBRfQqGQANjzp6pZyySDHwlgo9ZfzhO344f0o%23tblciGiA8rvO5rumCBXOXlX2uhFJyFrSTBRfQqGQANjzp6pZyySDHwlgo9ZfzhO344f0o&vi=1692775358423&p=2mmedia-prosta-sc&r=83&lti=deflated&ppb=CKEE&cpb=EhMyMDIzMDgyMC0yNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAyODU4gNSpgAtAstANSLeIEFCa0toDWP___________wFjCNA3EI1TGDBkYwiiNRDiRhgyZGMI3f__________ARDd__________8BGCNkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCPf__________wEQ9___________ARgJZGMIr0cQpF4YC2RjCP9GEO9dGB1kYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgBkcCYiqIx&cta=true
Title: Angebot einholen

Search URL Search Domain Scan URL

URL: https://www.spick.ch/eltern/blog/in-zukunft-mit-lesefreude/
Title: SPICK

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-delta:Below%20Article%20Feed%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://33c39g.jrfnzkkq.com/
Title: Elektroauto Für Senioren

Search URL Search Domain Scan URL

URL: https://app.goldentree.ch/abt/bloom-p2-ob
Title: goldentree.ch

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ri=1cd8ecc36ab977dab0fbd800e49c4a42&sd=v2_ff3cc2b682bd1374ce044701ba6ed250_23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e_1692775358_1692775358_CNawjgYQ2YJdGNe_mIqiMSABKAEwKziy0A1At4gQSJrS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&it=text&ii=~~V1~~-8594608278836826445~~TJPrTlw0YDhOATcNAmMsOIOlly1CNWhBxJ3MEOV7-9ByNpbgedRdYuhjTdtdbeHkc727pjYrZ0dbCVZs27M8_2XIWpPDU316JMgWfYQgyz9z-SJ81Xj6iaGhKGmiGribRdbgwlJdnqyroTPEQNNEn-ZjJ_akNztDyaOSNr7hF5Y&pt=text&li=rbox-t2v&sig=53ea6f0a3fef6ac406da972cccf8ea248ff70279e894&redir=https%3A%2F%2Fapp.goldentree.ch%2Fabt%2Fbloom-p2-ob%3Futm_source%3Dtaboola%26utm_medium%3D%7B%7Bpublisher_id%7D%7D%26utm_campaign%3D%7B26022258%7D%26utm_content%3D%7B%7Bad_id%7D%7D%26utm_term%3D%7B%7Bsection_id%7D%7D%26native_campaign%3DCountry%3ACH%7CProduct%3ABLOOM%7CNote%3AOBW%7CDate%3A30.06.2023%7CCampaignID%3A3429%7CAgent%3AJan%7CDevice%3Adesktop%7CAbTestSlug%3Abloom-p2-ob%26native_term%3DProduct%3ABLOOM%7CAd_Type%3Aad%7CAd_Note%3Aad_note%7CCreativeID%3A0%7CMasterCreativeID%3A0%7CAbTestSlug%3Abloom-p2-ob%26refferalid%3D001%26tblci%3DGiA8rvO5rumCBXOXlX2uhFJyFrSTBRfQqGQANjzp6pZyySCFtl8ouOzy67DO1udE%23tblciGiA8rvO5rumCBXOXlX2uhFJyFrSTBRfQqGQANjzp6pZyySCFtl8ouOzy67DO1udE&vi=1692775358423&p=tdg-popolnapostavadoo1732ch-bloom&r=10&lti=deflated&ppb=CMQB&cpb=EhMyMDIzMDgyMC0yNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAyODU4gNSpgAtAstANSLeIEFCa0toDWP___________wFjCNA3EI1TGDBkYwiiNRDiRhgyZGMI3f__________ARDd__________8BGCNkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCPf__________wEQ9___________ARgJZGMIr0cQpF4YC2RjCP9GEO9dGB1kYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgBkcCYiqIx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ri=82ad3f36dd27bb2b71abeba3ad083a0b&sd=v2_ff3cc2b682bd1374ce044701ba6ed250_23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e_1692775358_1692775358_CNawjgYQ2YJdGNe_mIqiMSABKAEwKziy0A1At4gQSJrS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&it=text&ii=~~V1~~-4477276453818789372~~1xc-V75cbnKcvha1wucrselsqbii6_UA5xZjLVArrX3noZueAsnM0UTkqRiz-o8uuKa2_rupL9I0kvx1XVufut2qKIJrSNJ_InWKPTfYcgzi8Q9xrwCRV91TiD30JiLnnSHyY-WAsIwhpldKucq5Ckxe3X0zySBCNyRj-fjpzpfYTKpFTNxeVQqQUp2NJ732TS8Maux2jWC1gRU3nx5A7rEVxuOWKWhrQzvXHgQEr6voYD60qVYzKB_9uZqcHlwH&pt=text&li=rbox-t2v&sig=2278d91def579a4281ffc0e1a88457a5f810f7d7efa8&redir=https%3A%2F%2Fapp.goldentree.ch%2Fabt%2Fageless-ob4-d2%3Futm_source%3Dtaboola%26utm_medium%3D%7B%7Bpublisher_id%7D%7D%26utm_campaign%3D%7B26129819%7D%26utm_content%3D%7B%7Bad_id%7D%7D%26utm_term%3D%7B%7Bsection_id%7D%7D%26native_campaign%3DCountry%3ACH%7CProduct%3AAGELESS%7CNote%3ADuplicate%7CDate%3A07.07.2023%7CCampaignID%3A3580%7CAgent%3AJan%7CDevice%3Adesktop%7CAbTestSlug%3Aageless-ob4-d2%26native_term%3DProduct%3AAGELESS%7CAd_Type%3Aad%7CAd_Note%3Aad_note%7CCreativeID%3A0%7CMasterCreativeID%3A0%7CAbTestSlug%3Aageless-ob4-d2%26refferalid%3D001%26tblci%3DGiA8rvO5rumCBXOXlX2uhFJyFrSTBRfQqGQANjzp6pZyySCEtl8o9sqL-aLpmbfPAQ%23tblciGiA8rvO5rumCBXOXlX2uhFJyFrSTBRfQqGQANjzp6pZyySCEtl8o9sqL-aLpmbfPAQ&vi=1692775358423&p=tdg-popolnapostavadoo1732ch-ageless&r=6&lti=deflated&ppb=CKcB&cpb=EhMyMDIzMDgyMC0yNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAyODU4gNSpgAtAstANSLeIEFCa0toDWP___________wFjCNA3EI1TGDBkYwiiNRDiRhgyZGMI3f__________ARDd__________8BGCNkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCPf__________wEQ9___________ARgJZGMIr0cQpF4YC2RjCP9GEO9dGB1kYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgBkcCYiqIx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ri=4b21e9c934a1d48921dac3ae6a452258&sd=v2_ff3cc2b682bd1374ce044701ba6ed250_23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e_1692775358_1692775358_CNawjgYQ2YJdGNe_mIqiMSABKAEwKziy0A1At4gQSJrS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&it=text&ii=~~V1~~-4205927011247198552~~0PgD44qjBh8eeCfvVYweTgah4iC_j0_My-q-M_Ps2KfpZyC7dGVdvKnSHsaHrNsFF740R-Wa0HcPdsmWfFCHpgVdMBBiO11joNbzOz9WmBdq3CDDcRI8YCLOvx3k72W8335JyUpoDQWuuLi1-DNuChNbdHOI8oYUmDUxSjFY2gU&pt=text&li=rbox-t2v&sig=d958b4a574c9a2b00194bf0e4c6a3d0786667c6a3235&redir=https%3A%2F%2Fshefence-citional.com%2Fc351a234-e6d9-4bf6-800c-f99fb09a6b14%3Futm_source%3Dtb%26utm_campaign%3Ddach_dkV0423%26utm_term%3Dpalmate-bg3co%26utm_content%3D3681578938%26t%3DGiA8rvO5rumCBXOXlX2uhFJyFrSTBRfQqGQANjzp6pZyySDHwlgot6nc38vWle2RAQ%26dt%3Dtb%26tblci%3DGiA8rvO5rumCBXOXlX2uhFJyFrSTBRfQqGQANjzp6pZyySDHwlgot6nc38vWle2RAQ%23tblciGiA8rvO5rumCBXOXlX2uhFJyFrSTBRfQqGQANjzp6pZyySDHwlgot6nc38vWle2RAQ&vi=1692775358423&p=2mmedia-prosta-sc&r=38&lti=deflated&ppb=COMG&cpb=EhMyMDIzMDgyMC0yNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAyODU4gNSpgAtAstANSLeIEFCa0toDWP___________wFjCNA3EI1TGDBkYwiiNRDiRhgyZGMI3f__________ARDd__________8BGCNkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCPf__________wEQ9___________ARgJZGMIr0cQpF4YC2RjCP9GEO9dGB1kYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgBkcCYiqIx&cta=true
Title: Angebot einholen

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=next-up-a:Next%20Up:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/zh-TW/?template=colorbox&utm_source=palmate-bg3co&utm_medium=referral&utm_content=thumbnails-vignette-la-delta:taboola-vignette:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://trc.taboola.com/palmate-bg3co/log/3/click?pi=%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ri=ea7e618b13de991b23bdb294955e1f46&sd=v2_ff3cc2b682bd1374ce044701ba6ed250_23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e_1692775358_1692775358_CNawjgYQ2YJdGNe_mIqiMSABKAEwKziy0A1At4gQSJrS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&it=text&ii=~~V1~~-4477276453818789372~~9aYjcFZvkNZdK4-7SKuLselsqbii6_UA5xZjLVArrX3noZueAsnM0UTkqRiz-o8uuKa2_rupL9I0kvx1XVufut2qKIJrSNJ_InWKPTfYcgzi8Q9xrwCRV91TiD30JiLnN46e0yWhAjAgMYkTMr2wN0xe3X0zySBCNyRj-fjpzpfYTKpFTNxeVQqQUp2NJ732TS8Maux2jWC1gRU3nx5A7mTz7RJrna_FhEtrqIV2thboYD60qVYzKB_9uZqcHlwH&pt=text&li=rbox-t2v&sig=5edad141ac34a81dbe5b435653558e8d4274f95c93b9&redir=https%3A%2F%2Fapp.goldentree.ch%2Fabt%2Fageless-ob4-d2%3Futm_source%3Dtaboola%26utm_medium%3D%7B%7Bpublisher_id%7D%7D%26utm_campaign%3D%7B26129819%7D%26utm_content%3D%7B%7Bad_id%7D%7D%26utm_term%3D%7B%7Bsection_id%7D%7D%26native_campaign%3DCountry%3ACH%7CProduct%3AAGELESS%7CNote%3ADuplicate%7CDate%3A07.07.2023%7CCampaignID%3A3580%7CAgent%3AJan%7CDevice%3Adesktop%7CAbTestSlug%3Aageless-ob4-d2%26native_term%3DProduct%3AAGELESS%7CAd_Type%3Aad%7CAd_Note%3Aad_note%7CCreativeID%3A0%7CMasterCreativeID%3A0%7CAbTestSlug%3Aageless-ob4-d2%26refferalid%3D001%26tblci%3DGiA8rvO5rumCBXOXlX2uhFJyFrSTBRfQqGQANjzp6pZyySCEtl8oxtTLnu2jha8p%23tblciGiA8rvO5rumCBXOXlX2uhFJyFrSTBRfQqGQANjzp6pZyySCEtl8oxtTLnu2jha8p&vi=1692775358423&p=tdg-popolnapostavadoo1732ch-ageless&r=31&lti=deflated&ppb=CNkH&cpb=EhMyMDIzMDgyMC0yNi1SRUxFQVNFGAEgnP__________ASoWdGFib29sYXN5bmRpY2F0aW9uLmNvbTIIdHJjMDAyODU4gNSpgAtAstANSLeIEFCa0toDWP___________wFjCNA3EI1TGDBkYwiiNRDiRhgyZGMI3f__________ARDd__________8BGCNkYwjSAxDgBhgIZGMIlhQQoBwYGGRjCPf__________wEQ9___________ARgJZGMIr0cQpF4YC2RjCP9GEO9dGB1kYwj0FBCeHRgfZGMIpCcQijUYL2R4AYABAogByYKMSZABHJgBkcCYiqIx&cta=true
Title: Mehr erfahren

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://ads.aralego.com/sdk HTTP 301
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

Request Chain 83

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 86

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
https://eus.rubiconproject.com/usync.html?p=adiiix

Request Chain 149

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LLNEQQTL-D-CHB1 HTTP 302
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLNEQQTL-D-CHB1

Request Chain 163

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LY6Qutz4Q4uVb6w_dUSOBA&rk=usync-other HTTP 302
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LY6Qutz4Q4uVb6w_dUSOBA

Request Chain 165

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTViZmE4OTVmMjhhMzcwODkzZjE1ZTM4NTdiYjk1ZWFmY2VmYzI4ZA

Request Chain 166

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENhgMnyfgMjJVhDYNJ0yvwo&google_cver=1

Request Chain 167

https://token.rubiconproject.com/token?pid=36584 HTTP 302
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLNEQQTL-D-CHB1

Request Chain 168

https://token.rubiconproject.com/token?pid=25470 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExORVFRVEwtRC1DSEIx HTTP 302
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDBJLxehsPT8_P5w7RhQvPo&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExORVFRVEwtRC1DSEIx&google_push=

Request Chain 169

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uUAvGEdtTwWxUM3a0PL9dw&rk=usync-na HTTP 302
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uUAvGEdtTwWxUM3a0PL9dw

Request Chain 170

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/o4u5PLWfxafBB8kRFgqLeQ?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tmFoD6RE2oLR3Wik.Ff0Bzs89klkYaeUQkQgfA--~A

Request Chain 257

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELdgLVVMNgNEXtZKMOTzAuY&google_cver=1&google_push=AXcoOmR2PZC7WX8c4Sj7jnBy9t4Y5S8RzPE8nOx4Qz-pj2kWb23HREhBbeHLi6yXFWijFLbYUJoL4ZVAyIsbQdTOGMune0H6RpVo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDU3ODc5MDE3NTIyNjQyNDkxMw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELdgLVVMNgNEXtZKMOTzAuY&google_cver=1

Request Chain 259

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIrmxOVElP13uoYk23fkevI&google_cver=1&google_push=AXcoOmTPUBUvPVZMAoyk_a8wKsq_q8F13_zMmiuIqR6fVmvtPGgCRjRDXOHyYkysetAjJIuseoVZKJGiMWUgqcEOwtACsCIqX-55 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MDQxNDgxNDk3MjgwMzIyNA%3D%3D&google_push=AXcoOmTPUBUvPVZMAoyk_a8wKsq_q8F13_zMmiuIqR6fVmvtPGgCRjRDXOHyYkysetAjJIuseoVZKJGiMWUgqcEOwtACsCIqX-55

Request Chain 260

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEODApywSeBpqyaFxqz64lfQ&google_cver=1&google_push=AXcoOmSUv8Kqv3Bwd9z-CPN_qfKCmKnKLPkwC4JliEuyoNpH1BvCm_BL77SQjKPMOxP2_8QHRCejaTrqFWz6N_6m2K0HA50jbLlv HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSUv8Kqv3Bwd9z-CPN_qfKCmKnKLPkwC4JliEuyoNpH1BvCm_BL77SQjKPMOxP2_8QHRCejaTrqFWz6N_6m2K0HA50jbLlv&google_hm=eS13U3kyS2c5RTJwRVNyQzg2TER0aTM1UnZNZVhBMUZxZn5B

Request Chain 261

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP2eVD1CVuomdduQp8s5vtI&google_cver=1&google_push=AXcoOmSPOiaD4ynyvOCEGGz-57ZUCguw2rsZZgv25k9EMi7Z9y8B8GIPS-LXuxQxQ5w7nsdaKDVAu8PZ6fnEP_SEUlPddjfJrN8 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEP2eVD1CVuomdduQp8s5vtI&google_cver=1&google_push=AXcoOmSPOiaD4ynyvOCEGGz-57ZUCguw2rsZZgv25k9EMi7Z9y8B8GIPS-LXuxQxQ5w7nsdaKDVAu8PZ6fnEP_SEUlPddjfJrN8&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UeIutmK4Tp2EiMl0lETM4g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSPOiaD4ynyvOCEGGz-57ZUCguw2rsZZgv25k9EMi7Z9y8B8GIPS-LXuxQxQ5w7nsdaKDVAu8PZ6fnEP_SEUlPddjfJrN8

Request Chain 262

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDBJLxehsPT8_P5w7RhQvPo&google_cver=1&google_push=AXcoOmTaOLn19aRCdR_FDB8HHtLrQvBsO_bNvOua2utzlxkqp--Y0cqu39sYd6C6PpwK2_nzRnCckVfS3MXzJr6dmKV5B-a_bda6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExORVFRVEwtRC1DSEIx&google_push=AXcoOmTaOLn19aRCdR_FDB8HHtLrQvBsO_bNvOua2utzlxkqp--Y0cqu39sYd6C6PpwK2_nzRnCckVfS3MXzJr6dmKV5B-a_bda6

Request Chain 263

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBiWAj2zYfA8xyBsj98yhAc&google_cver=1&google_push=AXcoOmRUTM_WmklV_lCFtK7a7q6f5tFKrGh0618O9ttOV2prZBShMZ43ICP83dhZXZ_9-7wiKDOAf_X01VkvoPwIwpfxvKRECONa HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBiWAj2zYfA8xyBsj98yhAc&google_cver=1&google_push=AXcoOmRUTM_WmklV_lCFtK7a7q6f5tFKrGh0618O9ttOV2prZBShMZ43ICP83dhZXZ_9-7wiKDOAf_X01VkvoPwIwpfxvKRECONa&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRUTM_WmklV_lCFtK7a7q6f5tFKrGh0618O9ttOV2prZBShMZ43ICP83dhZXZ_9-7wiKDOAf_X01VkvoPwIwpfxvKRECONa&google_hm=HMp6uGZHdy9vNeP0QdGwm0yA

Request Chain 265

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBlT8u9W07qO0UlnfRX_z7E&google_cver=1&google_push=AXcoOmQtXnQfyCICf8BA5eOUn4YoGz_ijL5AnEuNpwjrgsHSJ5VRduOehxAmCG-eT58gokKoDXqsi0UHp-ceWE4DgbEgTJBLsuHs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQtXnQfyCICf8BA5eOUn4YoGz_ijL5AnEuNpwjrgsHSJ5VRduOehxAmCG-eT58gokKoDXqsi0UHp-ceWE4DgbEgTJBLsuHs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBlT8u9W07qO0UlnfRX_z7E&google_cver=1&google_push=AXcoOmQtXnQfyCICf8BA5eOUn4YoGz_ijL5AnEuNpwjrgsHSJ5VRduOehxAmCG-eT58gokKoDXqsi0UHp-ceWE4DgbEgTJBLsuHs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQtXnQfyCICf8BA5eOUn4YoGz_ijL5AnEuNpwjrgsHSJ5VRduOehxAmCG-eT58gokKoDXqsi0UHp-ceWE4DgbEgTJBLsuHs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 266

https://s.uuidksinc.net/match/47/?remote_uid=CAESEHI8mjy70kI4cJVCY4EN1_w&c_param1=AXcoOmRkUcDOH2v0rQqPZKRau88dwOKMPbeT98WXzV9Xh3GOBUXuhzwPPM82p0vCC9MrnN0TP9-V_vd8rb7IE3dB2kDpjNPEUPjI&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRkUcDOH2v0rQqPZKRau88dwOKMPbeT98WXzV9Xh3GOBUXuhzwPPM82p0vCC9MrnN0TP9-V_vd8rb7IE3dB2kDpjNPEUPjI

Request Chain 267

https://cs.media.net/cksync?type=g&google_gid=CAESEEQzknnjvWQqx5yKXRmuauE&google_cver=1&google_push=AXcoOmQBa9fU1O8ROrhtFOB5nxCYvWe9heUuC1EpxaC3Vp_E3uDgM0bz4UDtzKr8Np4GM01ca6prpo1WkoA8J8CjdG_NQeaohzxs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM1Nzc2OTYxNzI1MjExMDAwMFYxMA%3d%3d&mn_hm=MzM1Nzc2OTYxNzI1MjExMDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQBa9fU1O8ROrhtFOB5nxCYvWe9heUuC1EpxaC3Vp_E3uDgM0bz4UDtzKr8Np4GM01ca6prpo1WkoA8J8CjdG_NQeaohzxs&gdpr=&gdpr_consent=

Request Chain 268

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKlpkpLlJ1XNxPs24MTbfgE&google_cver=1&google_push=AXcoOmR7Rroa47b3ZUYhbiBvCedRhV7NFxg1f4TBXMfxzGqPIalhVsNlcpdgaNyaPks8qrmq436FzqTYbbLQpmEM2n-FU9qMEzw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR7Rroa47b3ZUYhbiBvCedRhV7NFxg1f4TBXMfxzGqPIalhVsNlcpdgaNyaPks8qrmq436FzqTYbbLQpmEM2n-FU9qMEzw&google_hm=NTA2NTM2Mzg1Njc3NTkwMzk3Ng%3D%3D

Request Chain 270

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJw5q5YNyz6LXeQFc6y94EE&google_cver=1&google_push=AXcoOmRZkm2xVlEUQhYbXf1_GE7k3VJo3UGVTYT6mWvdpZuKMSB2rY9-bzKe-ScT1cRN4W0D0TFu2nYOLrD2oTYZ32Km5GzG2cIy HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRZkm2xVlEUQhYbXf1_GE7k3VJo3UGVTYT6mWvdpZuKMSB2rY9-bzKe-ScT1cRN4W0D0TFu2nYOLrD2oTYZ32Km5GzG2cIy HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 271

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJa6DmYnERvKaf_Hfi_Yqq0&google_cver=1&google_push=AXcoOmSKdmrYcletvGWTX-cGBMp14S_AadDQMrTq0aZFqUsNeTwgbOci-xloudu0aW9l8apYZCWNxjTkABsUu3sJCJOVhp7a-dyD1Q HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJa6DmYnERvKaf_Hfi_Yqq0&google_cver=1&google_push=AXcoOmSKdmrYcletvGWTX-cGBMp14S_AadDQMrTq0aZFqUsNeTwgbOci-xloudu0aW9l8apYZCWNxjTkABsUu3sJCJOVhp7a-dyD1Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c7750f65-8e2f-4e67-955f-ac7671957e17&%%GOOGLE_PUSH_PAIR%%

339 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html Show response
www.bg3.co/a/ 59 KB
18 KB 2409ms
1232ms Document
text/html 103.231.174.251
XLC-AS-AP XLC GLOBAL

General

Check archive.org

Show headers Download Go to

Full URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 9fd00e2fb88916b59344b80f538257f35489939eaaad4e152d405c16e69e1859

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

cache-control: max-age=900
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Wed, 23 Aug 2023 07:22:37 GMT
etag: "ed4d-5+pT4/L67WkR2l8kDQt3gaG/3pA"
expires: Wed, 23 Aug 2023 07:37:37 GMT
server: nginx/1.18.0 (Ubuntu)
vary: Accept-Encoding

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 91ms
42ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

414b99d0b12ace50c7f9564dc1312dc8dd402eee7f4e21a09c8eb985bae52e80

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 07:22:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72910
x-xss-protection: 0
server: sffe
etag: "2a2204830152c287"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Aug 2023 07:22:37 GMT

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
10 KB 86ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

785ab3f607af910860161420126772503e70521c4c4f1f9991bf02d458b025a1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 07:22:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9642
x-xss-protection: 0
server: sffe
etag: "70a38e2739f7f331"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Aug 2023 07:22:37 GMT

GET
H2 200 amp-auto-ads-0.1.js Show response
cdn.ampproject.org/v0/ 24 KB
8 KB 57ms
29ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5b3054cad42c9d6b8c8e8dfb7e976141618f7d080f4820371e089255e41a6be8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 23 Aug 2023 07:22:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7559
x-xss-protection: 0
server: sffe
etag: "a03a85f96803d825"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 23 Aug 2023 07:22:37 GMT

GET
H2

200

sdk Show response
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain

https://ads.aralego.com/sdk
https://cdn.aralego.net/ucfad/sdk/us-east/sdk

39 KB
40 KB

98ms
43ms

Script
application/octet-stream

2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2433
alt-svc: h3=":443"; ma=86400
content-length: 40181
last-modified: Tue, 20 Jun 2023 03:04:26 GMT
server: cloudflare
etag: "6491173a-9cf5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fTck6c254UnVSG419R56dj%2FLLklTHXA2eFfhYXhp90EJ5%2FJKfXburp3Fs3jpokny7svEPGaNMoSSnvuq35TltJqQirScNLfV3DUkjETWvVp0clQCAkaSbFLlYY7Cip26%2ByJ6G54TRQhnT8ixkA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=14400
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7fb19b069903bac7-MXP

Redirect headers

location: https://cdn.aralego.net/ucfad/sdk/us-east/sdk
connection: close
content-length: 0

GET
H2 200 player.js Show response
cdn.unibotscdn.com/ubplayer/ 238 KB
91 KB 107ms
27ms Script
application/javascript 138.199.37.225
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/player.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-225.bunnyinfra.net
Software: BunnyCDN-DE1-1055 /
Resource Hash: e07064914221a3992d6f0014dd422e4fa8fdbe36456c57a3476ba6945b9dc59e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: br
cdn-edgestorageid: 1049
cdn-storageserver: DE-679
cdn-cachedat: 08/17/2023 09:53:00
cdn-pullzone: 873945
last-modified: Thu, 17 Aug 2023 09:43:00 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 645
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64ddeba4-3b688"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 54016f4f0ab70230f887dab3b2334135
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 adRecover.js Show response
delivery.adrecover.com/43519/ 37 KB
10 KB 237ms
143ms Script
application/javascript 2a02:26f0:480:f::213:7ed4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://delivery.adrecover.com/43519/adRecover.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: eada67cef809faab179bb42d56042d47c6a205526e110cab1a8f03a585104a88

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Wed, 23 Aug 2023 07:22:38 GMT
x-ap-device: DESKTOP
content-encoding: br
last-modified: Wed, 23 Aug 2023 07:00:25 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-ap-geo: CH
content-length: 10017
expires: Wed, 23 Aug 2023 08:22:38 GMT

GET
H2 200 adpushup.js Show response
cdn.adpushup.com/42753/ 657 KB
138 KB 120ms
45ms Script
application/javascript 2a02:26f0:480:f::213:7ede
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/adpushup.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ede Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6f2ca1c4adeaab0bab03c9e683666c697f34966f350baa0986ac9197a08b30f3

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Wed, 23 Aug 2023 07:22:38 GMT
x-ap-device: DESKTOP
content-encoding: br
last-modified: Wed, 23 Aug 2023 01:49:06 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
x-ap-geo: DE
server-timing: cdn-cache; desc=HIT, edge; dur=22, origin; dur=0, ak_p; desc="1692775357969_34831774_86661376_2235_1126_20_44_146";dur=1
content-length: 141170
expires: Wed, 23 Aug 2023 08:22:38 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/palmate-bg3co/ 448 KB
52 KB 188ms
146ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 940b3bb9ac2687e521b2b71ece2bfeb1f029d4ff8e8e47caa532bf47d50a6df2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: QtlJbQi0u0LDxgP6HT2H_CVtFro5o.ua
content-encoding: gzip
via: 1.1 varnish
date: Wed, 23 Aug 2023 07:22:38 GMT
x-amz-request-id: MRF1172Z62V7KNJ7
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-from-cache: 1
x-envoy-upstream-service-time: 9
x-amz-replication-status: FAILED
content-length: 52331
x-amz-id-2: XdZm9oMVgNUSEJhmazlVEFfmn19a0ksTF4zI3qs7Hpg6dtkck07sg4syE74lDFNzXdM3qr4b8RA=
x-served-by: cache-mxp6950-MXP
last-modified: Wed, 23 Aug 2023 07:22:38 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692775358.984763,VS0,VE118
etag: "b4bc3d9a9cad97a7e43428f440256c55a17c864b"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 28
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 0

GET 079c6b671a736358631ebde224937e48.jpg
static.bg3.co/imgs/202105/ 0
0

GET 4b45e6d074537ae4317bda5357433efc.jpg
static.bg3.co/imgs/202106/ 0
0

GET d4a82314d0898dd3613a6810b7e5c8a2.jpg
static.bg3.co/imgs/202106/ 0
0

GET b02ba158580ca9e03b59f5163da513fa.jpg
static.bg3.co/imgs/202105/ 0
0

GET 821bd42cd699880b2d7e7522c9d9d2d1.jpg
static.bg3.co/imgs/202106/ 0
0

GET 64228949fba6de575eda3b29777e1b96.jpg
static.bg3.co/imgs/202106/ 0
0

GET 98d7babbb1b9d7b57363517fd4ef472a.jpg
static.bg3.co/imgs/202105/ 0
0

GET 6fb06f4c63f30f7006a8c292000153fd.jpg
static.bg3.co/imgs/202105/ 0
0

GET 7ffdf9afbd43d8a03e12a0226176208c.jpg
static.bg3.co/imgs/202105/ 0
0

GET 790f3e2a9cfeb14de8e3dfd9e7fc0bc7.jpg
static.bg3.co/imgs/202107/ 0
0

GET ca0e6bda73936a8e518bbecc16086de5.gif
static.bg3.co/imgs/202107/ 0
0

GET 60dd7f760bd6da99d659d521469318bc.jpg
static.bg3.co/imgs/202204/ 0
0

GET f8416d7428d7ab4f74d7d005f4c120f5.jpg
static.bg3.co/imgs/202110/ 0
0

GET fabb81cb88c167181085742f920bb8f8.jpg
static.bg3.co/imgs/202106/ 0
0

GET 2229c518fca7cee565fa79b277d53c15.jpg
static.bg3.co/imgs/202105/ 0
0

GET e7cde915fab2b250e1b2fa4842402396.jpg
static.bg3.co/imgs/202105/ 0
0

GET d8eb3247a05d2ee48364b8e13c46e71c.jpg
static.bg3.co/imgs/202106/ 0
0

GET 938e549715b6d0ce5007e1899ab49960.jpg
static.bg3.co/imgs/202106/ 0
0

GET c658ed87468952487a8a61cea0c38128.gif
static.bg3.co/imgs/202106/ 0
0

GET e5bdab3ce26efeb300997ee081f2a0f4.jpg
static.bg3.co/imgs/202105/ 0
0

GET c031626c3507c0a1d2b94b3821f7fe4b.jpg
static.bg3.co/imgs/202105/ 0
0

GET 5f5e5d309aec4c5bed8e4cd3d42dbb86.jpg
static.bg3.co/imgs/202107/ 0
0

GET 86ea5f925763ada0a19214a587990a72.jpg
static.bg3.co/imgs/202105/ 0
0

GET ecbf36f620fa2b68ebda7d80912da6e3.jpg
static.bg3.co/imgs/202106/ 0
0

GET f804151b4d8770025a6cf3b8d0234b4b.gif
static.bg3.co/imgs/202012/ 0
0

GET f150f65a29806c5e3b5e9797e22e259f.jpg
static.bg3.co/imgs/202107/ 0
0

GET 26cd4de26e17d5e09ecef77a1b8d2d5c.jpg
static.bg3.co/imgs/202106/ 0
0

GET 7d73337537ba6571f80dc6d530af7f8a.jpg
static.bg3.co/imgs/202106/ 0
0

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012308112021001/v0/ 8 KB
3 KB 86ms
35ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308112021001/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

050ec4d92c5b1d288dca8a55a237020fd146e01868b332e0b0e9daa490d79868

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 16:47:34 GMT
age: 52504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2981
x-xss-protection: 0
server: sffe
etag: "e2313e89a5a42311"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 16:47:34 GMT

GET
H3 200 amp-ad-0.1.js Show response
cdn.ampproject.org/rtv/012308112021001/v0/ 82 KB
23 KB 82ms
31ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308112021001/v0/amp-ad-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c9898e809ba2721b9a31b38b166d74df665f29b60c3641a0040c364ff1ff42d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 16:47:34 GMT
age: 52504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23196
x-xss-protection: 0
server: sffe
etag: "fe0683e7c09dadfa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 16:47:34 GMT

GET
H2 200 ama Show response
pagead2.googlesyndication.com/getconfig/ 3 KB
836 B 116ms
61ms Fetch
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e413d42cf9d1c86d8d876262a3aeef70291f39801e2944542677da9ea7b0b5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 488
x-xss-protection: 0

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012308112021001/v0/ 12 KB
4 KB 81ms
30ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308112021001/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61bd61275d0bcb32c94307af4841ef25ed29edd6b3c01928c6d4f3e72023edd1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 19:05:27 GMT
age: 44231
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3937
x-xss-protection: 0
server: sffe
etag: "2b86e8be3366a913"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 19:05:27 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 83ms
24ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: gzip
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
server: nginx
etag: W/"620cd6ff-15d9d"
vary: Accept-Encoding
x-hw: 1692775358.dop013.ml1.t,1692775358.cds210.ml1.hn,1692775358.cds219.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 impl.20230820-26-RELEASE.js Show response
cdn.taboola.com/libtrc/ 798 KB
166 KB 32ms
32ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230820-26-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 5c35c3d3358d4c1cdbde4f7c43f52e1f966982c040a56211549c56d9e55ddc5c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: E2m.AdW.owNQadqwZFjHBkBNJyv4cTQO
content-encoding: br
via: 1.1 varnish
date: Wed, 23 Aug 2023 07:22:38 GMT
x-amz-request-id: 39BSHH9AT85SV5FZ
age: 103
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 169115
x-amz-id-2: iiz5ul9HBySz6SkNVLdmVqUs1Z30hjq9aHqkpKtRkswDZaZH9JlgNz6a6RcAjA9mHmX03tnXHZk=
x-served-by: cache-mxp6950-MXP
last-modified: Sun, 20 Aug 2023 15:17:47 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692775358.203626,VS0,VE0
etag: "9fa56f8b6630211e120f2a678a4d6602"
vary: Accept-Encoding
content-type: application/javascript
abp: 61
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 11

GET
H2 200 jquery-2.2.2.min.js Show response
code.jquery.com/ 84 KB
29 KB 31ms
30ms Script
application/javascript 2001:4de0:ac18::1:a:3b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-2.2.2.min.js
Requested by: Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-14e98"
vary: Accept-Encoding
x-hw: 1692775358.dop013.ml1.t,1692775358.cds210.ml1.hn,1692775358.cds027.ml1.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 29880

GET
H3 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/rtv/012308112021001/v0/ 40 KB
10 KB 35ms
24ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308112021001/v0/amp-sticky-ad-1.0.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8981d56ad12440e4a887c1eadd162989de82309192f65090e0caeb6a536d0bd6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 16:47:34 GMT
age: 52504
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10332
x-xss-protection: 0
server: sffe
etag: "357fb2387498ae63"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 16:47:34 GMT

GET
H3 200 amp-ad-network-adsense-impl-0.1.js Show response
cdn.ampproject.org/rtv/012308112021001/v0/ 213 KB
56 KB 28ms
25ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308112021001/v0/amp-ad-network-adsense-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b21494e0b9fbdb189c3d293c079eb568bb7a99a49e7d054e2990ff169624772

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 16:49:13 GMT
age: 52405
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57632
x-xss-protection: 0
server: sffe
etag: "8aea9812c9790f25"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 16:49:13 GMT

GET
H2 200 pb.42753.1685716554093.js Show response
cdn.adpushup.com/prebid/ 409 KB
120 KB 121ms
54ms Script
application/javascript 2a02:26f0:480:f::213:7ede
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ede Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: br
last-modified: Wed, 19 Jul 2023 17:13:32 GMT
server: nginx/1.18.0
etag: W/"64b819bc-66521"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=22, origin; dur=0, ak_p; desc="1692775358317_34831774_86662371_2229_842_23_0_146";dur=1
content-length: 122286
expires: Thu, 22 Aug 2024 07:22:38 GMT

GET
H2 200 quantcast.js Show response
cdn.adpushup.com/pbuseridscripts/ 450 B
560 B 52ms
32ms Script
application/javascript 2a02:26f0:480:f::213:7ede
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ede Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: br
last-modified: Mon, 28 Jun 2021 04:15:23 GMT
server: nginx/1.18.0
etag: W/"60d94cdb-1c2"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="1692775358361_34831774_86662372_33_797_23_44_146";dur=1
content-length: 211
expires: Thu, 22 Aug 2024 07:22:38 GMT

GET
H2 200 linkPreview.js Show response
cdn.adpushup.com/42753/ 75 KB
18 KB 72ms
54ms Script
application/javascript 2a02:26f0:480:f::213:7ede
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/linkPreview.js
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ede Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: br
last-modified: Tue, 13 Dec 2022 07:20:55 GMT
server: nginx/1.18.0
etag: W/"639827d7-12dc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=HIT, edge; dur=25, origin; dur=0, ak_p; desc="1692775358361_34831774_86662373_2533_821_23_0_146";dur=1
content-length: 18371
expires: Wed, 23 Aug 2023 08:22:38 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 99 KB
29 KB 201ms
96ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a0bdc971d688cd8183b45ab519cc1b3e41caf110fff3be4c1d8bd34e51687e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29297
x-xss-protection: 0
server: cafe
etag: 141 / 19592 / 31077271 / config-hash: 11994054189564921139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 07:22:38 GMT

GET
H2 200 testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 70 B
309 B 187ms
74ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTI3NzUzNTgzMzAsInBhY2tldElkIjoiMDAwMEE3MDEtZjI4MjQ4MzktMjk3MC00ODA3LTg5OWYtM2I2NGY1MGJjNDE3Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3NoaS16dS1zYWktZGUtZ3VvLTZiaS0xeGllLXhpLWR1aS1zaG91LXpodS1qaWFuZy1sdW8teWktc2kteWktc2ktcmVuLWRhaS1zaS1saWUuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsLCJjb3VudHJ5IjoiREUifQ%3D%3D&c_b=2836.099998474121
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:38 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 70 B
308 B 188ms
75ms Image
image/png 23.97.225.52
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:38 GMT
server: nginx/1.18.0 (Ubuntu)
access-control-allow-methods: GET, POST
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 70
expires: 0

GET
H2 200 AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA= Show response
fundingchoicesmessages.google.com/f/ 19 KB
9 KB 151ms
51ms Script
application/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bee838dec619ff999d7a4f45b7dfd81cdf9353fcb25d0798eb722ec21bb19405

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-CbVz0nNGeS4od9cprSqCzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-security-policy: script-src 'report-sample' 'nonce-CbVz0nNGeS4od9cprSqCzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync Show response
gum.criteo.com/ 46 B
288 B 154ms
31ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230820-26-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:37 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 211216
expires: 60

GET
H2 200 json Show response
trc.taboola.com/palmate-bg3co/trc/3/ 70 KB
18 KB 563ms
562ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=09%3A22%3A38.426&lti=deflated&data=%7B%22id%22%3A131%2C%22ii%22%3A%22%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1692610415239%2C%22vi%22%3A1692775358423%2C%22cv%22%3A%2220230820-26-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html%22%2C%22vpi%22%3A%22%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3543%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A2008.015625%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230820-26-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a97ab4c49417bbd432722b79648b1ea490bf87f0c94e8c686cca379a79b02bc7

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 544
date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 70582
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-mxp6950-MXP
x-log-content-encoding: gzip
server: nginx
x-timer: S1692775358.436383,VS0,VE544
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 block.jpg
delivery.adrecover.com/ 631 B
857 B 28ms
27ms Image
image/jpeg 2a02:26f0:480:f::213:7ed4
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://delivery.adrecover.com/block.jpg?ts=1692775358431
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Wed, 23 Aug 2023 07:22:38 GMT
last-modified: Wed, 23 Jun 2021 06:37:54 GMT
server: nginx/1.18.0
etag: "60d2d6c2-277"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
accept-ranges: bytes
content-length: 631
expires: Wed, 23 Aug 2023 08:22:38 GMT

GET
H3 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/rtv/012308112021001/v0/ 110 KB
31 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308112021001/v0/amp-analytics-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56054bf9cf09691ffd386eff93c6e0d6bb37f013169e654ad69452ca46ea04f0

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 16:47:31 GMT
age: 52507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32117
x-xss-protection: 0
server: sffe
etag: "c248cf79a55331c7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 16:47:31 GMT

GET
H2 200 nameframe.html
d-12224200013711214527.ampproject.net/2308112021001/ 0
0 120ms
29ms Other
text/html 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-12224200013711214527.ampproject.net/2308112021001/nameframe.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 quant.js Show response
secure.quantserve.com/ 22 KB
9 KB 127ms
42ms Script
application/javascript 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: gzip
etag: "sLp6xTjO7svFVaOemhLWUQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Wed, 30 Aug 2023 07:22:38 GMT

GET
H3 200 googleanalytics.json Show response
cdn.ampproject.org/rtv/012308112021001/v0/analytics-vendors/ 2 KB
886 B 30ms
25ms Fetch
application/json 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308112021001/v0/analytics-vendors/googleanalytics.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 16:47:33 GMT
age: 52505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 856
x-xss-protection: 0
server: sffe
etag: "e15648e5e89a387e"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 16:47:33 GMT

GET
H2 200 ga4.json Show response
amp.analytics-debugger.com/ 7 KB
3 KB 161ms
103ms Fetch
application/json 2606:4700:e6::ac40:c526
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e6::ac40:c526 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 22 Aug 2023 06:42:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zaBH5c%2BqfN%2B3tQiDyhPBgtA6qgIpfNVq4KloKSvErBprahF4WKhp7pJ8lkiKsgI1Sj8%2BW8q7zqbd1NNgeYxX7hLqPemMDi4nIBo%2B1CamxKKMSbjfqWF14R39LAvSzZa3QTZPwXO4rku9n9n2cOPO%2Fya1mnGdqQ6qmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: max-age=86400
access-control-allow-credentials: true
x-debug-em-all-ga4amp-version: 20230607
cf-ray: 7fb19b073d7259d7-MXP
alt-svc: h3=":443"; ma=86400

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012308112021001/v0/analytics-vendors/ 3 KB
956 B 30ms
25ms Fetch
application/json 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012308112021001/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 22 Aug 2023 16:47:33 GMT
age: 52505
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 926
x-xss-protection: 0
server: sffe
etag: "dfac254e180932fa"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 21 Aug 2024 16:47:33 GMT

GET
H2 200 ucfad-formats.css
cdn.aralego.net/css/dev/ 975 B
635 B 46ms
46ms Stylesheet
text/css 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2287
cf-polished: origSize=1191
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Fri, 16 Mar 2018 07:19:46 GMT
server: cloudflare
etag: W/"5aab7012-4a7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=507kyeVXEJfsIO3IciMSEEI37M5p9OQ%2BC1vgd%2FIQZoquKNFZNu%2B5xBtLtHXe5SggdMaRM0p7OhG6qw6HtP%2Bh2lKysB%2FhE8mqdH%2BnCd8%2FH8XA7CiCyQDVn8KawunFkW42j7uKJo5dAJfAQdpD4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
access-control-allow-credentials: true
cf-ray: 7fb19b072999bac7-MXP

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 438ms
105ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: b1d4d345795eeea7020e4f7227c43d4e5179481cb54b1f374689037c48646b04

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 07:22:38 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK idRequest Show response
sync.aralego.com/ 46 B
488 B 420ms
106ms XHR
text/html 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: b1d4d345795eeea7020e4f7227c43d4e5179481cb54b1f374689037c48646b04

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 07:22:38 GMT
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: https://www.bg3.co
Access-Control-Allow-Credentials: true
Connection: close
Content-Length: 46

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 384ms
170ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.35658280066421333&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
x-width: 336
x-height: 280
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-adtype: html
connection: close
content-length: 564

GET
H/1.1 200
OK ad_request Show response
ads.aralego.com/ 564 B
1 KB 439ms
227ms XHR
text/html 162.210.196.208
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.2965244412761281&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 162.210.196.208 Ashburn, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
x-width: 336
x-height: 280
x-adstyle: banner
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary: Accept-Encoding
access-control-allow-credentials: true
x-adsource: PSA
x-adtype: html
connection: close
content-length: 564

GET
H2 200 bg3.json Show response
cdn.unibotscdn.com/clientdata/ 19 KB
2 KB 86ms
28ms Fetch
application/json 138.199.37.225
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/bg3.json
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-225.bunnyinfra.net
Software: BunnyCDN-DE1-1055 /
Resource Hash: 0c19ceb9e644432030306134ea0de541336c4e1698356fab363bf803e2583990

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: gzip
cdn-edgestorageid: 1078
cdn-storageserver: DE-677
cdn-cachedat: 08/01/2023 11:49:47
cdn-pullzone: 873945
last-modified: Tue, 01 Aug 2023 11:47:20 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 652
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 1721cf2ce6ed7de78401ebfe24eaa3ec
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ 402 KB
127 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js?cb=31077271

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 06:59:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1393
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 Aug 2024 06:59:25 GMT

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 684 B
762 B 95ms
30ms Fetch
application/json 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=utf-8

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="amp.json"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 305
x-xss-protection: 0
pragma: no-cache
amp-access-control-allow-source-origin: https://www.bg3.co
server: Google Tag Manager
vary: *
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.bg3.co
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rules-p-54Nt-1NAaEEe0.js Show response
rules.quantcount.com/ 160 B
632 B 98ms
35ms Script
application/javascript 2600:9000:223c:c800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:c800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:17:17 GMT
via: 1.1 83f1b8f73f37458f38e2ee1fc0b9e68c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 322
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 15:29:19 GMT
server: AmazonS3
etag: "05b131079c67d484167fd1b1f6c79577"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: B12Kzcg_UD3l4bO6Awb8xIa7h7eq296rXtQ2bX4NQmnpvq_7e2hBkg==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 94ms
36ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=6261&cid=amp-LPEqlgZV_Ac0lqm6rFSuZA&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&dr=&dt=%E4%B8%96%E8%B6%B3%E8%B3%BD%EF%BC%8F%E5%BE%B7%E5%9C%8B6%E6%AF%941%E8%A1%80%E6%B4%97%E5%B0%8D%E6%89%8B%E3%80%80%E4%B8%BB%E5%B0%87%E7%BE%85%E4%BC%8A%E6%96%AF%E7%96%91%E4%BC%BC%E9%9F%8C%E5%B8%B6%E6%92%95%E8%A3%82%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1692775359&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308112021001/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
251 B 90ms
30ms Ping
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-LPEqlgZV_Ac0lqm6rFSuZA&aip=1&sid=1692775359&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308112021001/v0/amp-analytics-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bg3.js Show response
cdn.unibotscdn.com/clientdata/js/ 763 B
851 B 29ms
29ms Script
application/javascript 138.199.37.225
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/js/bg3.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-225.bunnyinfra.net
Software: BunnyCDN-DE1-1055 /
Resource Hash: 2aa048b0b7650d1da40d360378c414bfa2a057fed7a52dbec1844094eb52751d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: br
cdn-edgestorageid: 874
cdn-storageserver: DE-680
cdn-cachedat: 08/09/2023 22:14:51
cdn-pullzone: 873945
last-modified: Tue, 01 Aug 2023 11:40:10 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 660
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64c8ef1a-2fb"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 76fd55bbaf6c5e25fd71e62ae9eaaafb
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 975 B
1 KB 35ms
32ms Stylesheet
text/css 138.199.37.225
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-225.bunnyinfra.net
Software: BunnyCDN-DE1-1055 /
Resource Hash: 7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: br
cdn-edgestorageid: 874
cdn-storageserver: DE-588
cdn-cachedat: 08/09/2023 17:49:28
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:13 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 569
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf61d-3cf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 63032ac40e6312198c33454ddc1b5205
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 4 KB
2 KB 36ms
33ms Stylesheet
text/css 138.199.37.225
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-225.bunnyinfra.net
Software: BunnyCDN-DE1-1055 /
Resource Hash: ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: br
cdn-edgestorageid: 1055
cdn-storageserver: DE-165
cdn-cachedat: 08/09/2023 22:54:06
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:13 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 576
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf61d-eda"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: b93516ead84a34aad1763da211763caf
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 39 KB
11 KB 37ms
34ms Stylesheet
text/css 138.199.37.225
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-225.bunnyinfra.net
Software: BunnyCDN-DE1-1055 /
Resource Hash: ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: br
cdn-edgestorageid: 755
cdn-storageserver: DE-588
cdn-cachedat: 08/10/2023 13:50:45
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:08 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 296
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf618-9cdf"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: ed5a70056fb5548cf676c12043b2ff5d
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 bg3.css
cdn.unibotscdn.com/clientdata/css/ 1 KB
1 KB 39ms
36ms Stylesheet
text/css 138.199.37.225
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/clientdata/css/bg3.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-225.bunnyinfra.net
Software: BunnyCDN-DE1-1055 /
Resource Hash: c6dedbf49578df8b1ec598034daa1324e417fbeef3602a7b7ab570390fb46fd3

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: br
cdn-edgestorageid: 863
cdn-storageserver: DE-167
cdn-cachedat: 08/09/2023 22:25:50
cdn-pullzone: 873945
last-modified: Tue, 01 Aug 2023 11:45:19 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 569
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64c8f04f-534"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 7959e5d717de6610e07165827e1b7a13
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ub-player.css
cdn.unibotscdn.com/ubplayer/css/ 5 KB
2 KB 40ms
37ms Stylesheet
text/css 138.199.37.225
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/css/ub-player.css
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-225.bunnyinfra.net
Software: BunnyCDN-DE1-1055 /
Resource Hash: e61e7542081ce3b43ef206ec0ac6bf25aa34316d27c933f65dd1029d316bf0bf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: br
cdn-edgestorageid: 1054
cdn-storageserver: DE-664
cdn-cachedat: 08/21/2023 09:45:21
cdn-pullzone: 873945
last-modified: Mon, 21 Aug 2023 09:43:23 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 647
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"64e331bb-1563"
vary: Accept-Encoding, Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
cdn-requestid: 6297eb2b0218a06dd1360903ceb7d58a
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 356 KB
123 KB 112ms
28ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

978c2e48f1c6b5d1de4c7fea12d83f972dc1b627ac5670f64799fbf968044904

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125504
x-xss-protection: 0
expires: Wed, 23 Aug 2023 07:22:38 GMT

GET
H2 200 pixel;r=839022606;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33...
pixel.quantserve.com/ 35 B
371 B 31ms
30ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=839022606;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-406694625-1692775358692;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1692775358885;tzo=-120;ogl=;ses=c6a417ee-c615-4da2-aa4e-a2f177473349;mdl=

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:38 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/r/ 35 B
190 B 34ms
33ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E4%B8%96%E8%B6%B3%E8%B3%BD%EF%BC%8F%E5%BE%B7%E5%9C%8B6%E6%AF%941%E8%A1%80%E6%B4%97%E5%B0%8D%E6%89%8B%E3%80%80%E4%B8%BB%E5%B0%87%E7%BE%85%E4%BC%8A%E6%96%AF%E7%96%91%E4%BC%BC%E9%9F%8C%E5%B8%B6%E6%92%95%E8%A3%82%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-LPEqlgZV_Ac0lqm6rFSuZA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.08141967529889182&gjid=0.3352781706633525&_r=1&a=6261&z=0.17322783794163477&gtm=45De1110

Requested by

Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C73 603 B
534 B 391ms
322ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-41503324074158100658&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3453&oid=2&is_amp=5&amp_v=2308112021001&d_imp=1&c=6006261&ga_cid=amp-LPEqlgZV_Ac0lqm6rFSuZA&ga_hid=6261&dt=1692775358833&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&bdt=925&dtd=47&__amp_source_origin=https%3A%2F%2Fwww.bg3.co

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308112021001/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 46
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 07:22:39 GMT
expires: Wed, 23 Aug 2023 07:22:39 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 14DC 714 B
785 B 32ms
31ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 1656
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7fb19b09df1d0e91-MXP
content-encoding: br
content-type: text/html
date: Wed, 23 Aug 2023 07:22:39 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iiThkEEulcleLPy%2FhHCYhWyWD7kfp3DvT0mlKt2Lgr8Wo8U6fDqAOBW6HUH948%2BiD1EuKzcEreSNdDItSt3rvEHNVbRL5e%2BcSU%2BeEIB0%2B3WqNSGGgRuBUB3dV5IbJeB6xoQFEFUzCPwFdrQKMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E739
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

100ms
24ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Aug 2023 07:22:39 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 23 Aug 2023 07:22:39 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H/1.1 200
OK idsync
sync.aralego.com/ 35 B
384 B 338ms
122ms Image
image/gif 192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 07:22:39 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

GET
H3 200 cookieSyncIframe.html Show response
cdn.aralego.net/ucfad/cookie/ Frame 8A37 714 B
752 B 26ms
25ms Document
text/html 2606:4700:20::681a:567
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
age: 1656
alt-svc: h3=":443"; ma=86400
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 7fb19b09ef280e91-MXP
content-encoding: br
content-type: text/html
date: Wed, 23 Aug 2023 07:22:39 GMT
last-modified: Wed, 09 Feb 2022 05:59:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K6cEMRFFhwCz6VXnZ6b9KsjpgHsODiU9jB1IATL%2FNMykOs0Bi6OK%2FqlEDeN%2Btmx12%2B4VGbmF%2BLKwPoBA2647jYTRiv%2BjStglTFSpCt8UFCUWthCxRM9u6IRibP4DLdIUYaK6PcHelrb%2BQZ4g6A%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame E975
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
https://eus.rubiconproject.com/usync.html?p=adiiix

281 B
554 B

101ms
25ms

Document
text/html

95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by: Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Aug 2023 07:22:39 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Wed, 23 Aug 2023 07:22:39 GMT
location: https://eus.rubiconproject.com/usync.html?p=adiiix
server: AkamaiGHost

GET
H2 200 floating-unit.20230820-26-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 8 KB
3 KB 27ms
25ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/floating-unit.20230820-26-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 388b6bce41a3972d23fb679c2c50abf3211b7f53218f0e1e65ded62798e28979

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: nQk8rTzvDoi8fZ6Ry2uZNKVn6lLOlWa0
content-encoding: gzip
via: 1.1 varnish
date: Wed, 23 Aug 2023 07:22:39 GMT
x-amz-request-id: 756HK877DY0S64J7
age: 165141
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 2474
x-amz-id-2: yKHhF+vRwe7gzjblH/NX1E27b2y/6Z4+z35VyGrQeSzTxOGkxnKbNQGO3NrfKgXZz9pkBXNQA8w=
x-served-by: cache-mxp6950-MXP
last-modified: Mon, 21 Aug 2023 09:30:18 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692775359.049606,VS0,VE0
etag: "52255cbb6c5bbba6970dc3153dd4357f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 15
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1144

GET
H2 200 taboola-vignette-new-scanning.20230820-26-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 27 KB
8 KB 28ms
26ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230820-26-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d546f6df20075ea5f574cb3c57090313ad02c19b922116382e1e09303061dfd6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: V5ZgBBl_zAI6sOO4Wk9LEZ2wkSxEJWbO
content-encoding: gzip
via: 1.1 varnish
date: Wed, 23 Aug 2023 07:22:39 GMT
x-amz-request-id: 8VTDNVGY52033Q1V
age: 165121
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8020
x-amz-id-2: XyWbhVXoYhCc9k0FMuvtIbMcwKM0CWtT7DRE6d+KYqc6HARZhX1ZaPpX9KVW14aXpdv/rDZzMrU=
x-served-by: cache-mxp6950-MXP
last-modified: Mon, 21 Aug 2023 09:30:38 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692775359.049788,VS0,VE0
etag: "d9c0b801d576d22e1a4764c59ef5c044"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 14
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1054

GET
H2 200 distance-from-article.20230820-26-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 22ms
21ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20230820-26-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 727f0c50f1b4aea021b5e91c5f7d04c5a5175d3535220e0db2ff783a6bb4df08

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: jgU_UbRr5i.mArk8v61eJuH6lAe.kXNM
content-encoding: gzip
via: 1.1 varnish
date: Wed, 23 Aug 2023 07:22:39 GMT
x-amz-request-id: TQ2R4YCCW91YZ5HD
age: 165151
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1133
x-amz-id-2: clcgBnpPVxCFHCxQT9VmzIAQHcgTqFYwkEIR0125LISNAed8fEbyFQJbCikNIMKvbV4Vj8xIr4Q=
x-served-by: cache-mxp6950-MXP
last-modified: Mon, 21 Aug 2023 09:30:08 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692775359.072713,VS0,VE0
etag: "933ba00cff50e669bba7065100e74e1f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 87
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 4602

GET
H2 200 article-detection.20230820-26-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
2 KB 25ms
24ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20230820-26-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d07f9458445f7e84bfeadd16818a7b85c9ea539efd265d9ae5c5458fb4e0a19c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 8wk_lsxIoma654RinGCWMnCDm4RmcRe6
content-encoding: gzip
via: 1.1 varnish
date: Wed, 23 Aug 2023 07:22:39 GMT
x-amz-request-id: ME1HF121TZRW2NB8
age: 165158
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1292
x-amz-id-2: 8F9zYAXsVkNtNSNvSjISmhQGZuBLD3tfjWOo4/6bm717m5QgynUAZNDt2MXzlmlpQnv4KCGmSXQ=
x-served-by: cache-mxp6950-MXP
last-modified: Mon, 21 Aug 2023 09:30:01 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692775359.073396,VS0,VE0
etag: "bb0a68bcbc42eefcd39c9762c02f3846"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 4647

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/4.2.2/ 124 KB
35 KB 23ms
22ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/4.2.2/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230820-26-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf7dbe25dc553a6456d600716358f2d623df654f107f636fb0ede1e9a55d34b6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 195b923a1c82c96d843c757f80ce2a18.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: MXP53-P3
age: 90966
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront, HIT
content-length: 35617
x-served-by: cache-mxp6950-MXP
last-modified: Tue, 22 Aug 2023 06:05:39 GMT
server: AmazonS3
x-timer: S1692775359.077027,VS0,VE0
etag: "a30148b0d64eec629defcc5e17679a99"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: ZJ2Dux0361zj88lGd9I0ofd8kRDsHXb26xDSXSCEDUqRRsw9BblvzA==
x-cache-hits: 7235

GET
H2 200 feed-card-placeholder.20230820-26-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 23ms
22ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20230820-26-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a2cf13ab1cb86a6f5613571acc19aedd7e8198a5f467371e05a19b1506721abb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: vj9LbXdOvrUyl2klowSQ9u8Zmu3_y9mg
content-encoding: gzip
via: 1.1 varnish
date: Wed, 23 Aug 2023 07:22:39 GMT
x-amz-request-id: MS6BQR7ES7SB6HJW
age: 165146
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1263
x-amz-id-2: SfcRu4ViptZend2wckmJTuBTcfJNlw3QIWEbhNtBcSZo84UHY1eN+DAD+ASFxGPKd+aXPI4hJEs=
x-served-by: cache-mxp6950-MXP
last-modified: Mon, 21 Aug 2023 09:30:13 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692775359.076741,VS0,VE0
etag: "c3b52f6474604f6316400283c5db63df"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 65
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 4856

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 32ms
32ms Image
image/svg+xml 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Wed, 23 Aug 2023 07:22:39 GMT
x-amz-request-id: M69MRPPN7M4PBEQF
age: 64
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: XNB8EIik98c2zNN/pIgwT7tTCujVZFxUJ9ih2e4ba3+c8yTHb0dWN9umfTF4hbpslUQ3EHDYxLs=
x-served-by: cache-mxp6950-MXP
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692775359.079237,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 7
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 71

GET
H2 200 userx.20230820-26-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 30ms
30ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230820-26-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dde511e63e29b8f7882122fbda4cc43073dc4be991604d476f80643c059ba761

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3OQcm3a.w8N995GIqIZrD2f_14x90ecv
content-encoding: gzip
via: 1.1 varnish
date: Wed, 23 Aug 2023 07:22:39 GMT
x-amz-request-id: ZYF6587V6JDKFSVE
age: 165118
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: FTsOc1rrVRUNazZBkMS9AX0g3cEOxjEHrJX+MO1kGk7+bOeRM9vegKp6BsnCwbo72+itGZ4L28Y=
x-served-by: cache-mxp6950-MXP
last-modified: Mon, 21 Aug 2023 09:30:41 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692775359.081614,VS0,VE0
etag: "6884f9ebfcc69ee9eaf979cc70eba656"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 9
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1013

GET
H2 200 explore-more.20230820-26-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 30 KB
9 KB 24ms
23ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20230820-26-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 112f70cd50d550927521334d7a080575cccadf3a038953ca42e45dbd0362bcd5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xNCJWuTHnYkDjTN0e2MFOvGOPgBqsjiO
content-encoding: gzip
via: 1.1 varnish
date: Wed, 23 Aug 2023 07:22:39 GMT
x-amz-request-id: J04N7DG4MZNBB14P
age: 165148
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 8804
x-amz-id-2: +tDvwC1uWLu64FpAgikeebERuEqQeVghmBmJulhz7vEdl6FTTm0cdukZmfzQ1+NRLow8eOpxxYI=
x-served-by: cache-mxp6950-MXP
last-modified: Mon, 21 Aug 2023 09:30:11 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692775359.132450,VS0,VE0
etag: "d7c2ff80b4e1050b324dd9376ae59aea"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 1
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 3206

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 245ms
68ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=06da84a37a202429362d9f03e6b129eb&sd=v2_ff3cc2b682bd1374ce044701ba6ed250_23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e_1692775358_1692775358_CNawjgYQ2YJdGNe_mIqiMSABKAEwKziy0A1At4gQSJrS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&pi=/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&wi=-8302989341364075628&pt=text&vi=1692775358423&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=09%3A22%3A39.036&id=226&llvl=2&cv=20230820-26-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 23 Aug 2023 07:22:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 245ms
68ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=06da84a37a202429362d9f03e6b129eb&sd=v2_ff3cc2b682bd1374ce044701ba6ed250_23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e_1692775358_1692775358_CNawjgYQ2YJdGNe_mIqiMSABKAEwKziy0A1At4gQSJrS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&pi=/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&wi=-8302989341364075628&pt=text&vi=1692775358423&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1692775359038%7D&tim=09%3A22%3A39.038&id=7434&llvl=2&cv=20230820-26-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 23 Aug 2023 07:22:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 246ms
70ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=06da84a37a202429362d9f03e6b129eb&sd=v2_ff3cc2b682bd1374ce044701ba6ed250_23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e_1692775358_1692775358_CNawjgYQ2YJdGNe_mIqiMSABKAEwKziy0A1At4gQSJrS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&pi=/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&wi=-8302989341364075628&pt=text&vi=1692775358423&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1692775359048%7D&tim=09%3A22%3A39.048&id=1330&llvl=2&cv=20230820-26-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 23 Aug 2023 07:22:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 245ms
69ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=06da84a37a202429362d9f03e6b129eb&sd=v2_ff3cc2b682bd1374ce044701ba6ed250_23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e_1692775358_1692775358_CNawjgYQ2YJdGNe_mIqiMSABKAEwKziy0A1At4gQSJrS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&pi=/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&wi=-8302989341364075628&pt=text&vi=1692775358423&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A22%3A39.120&id=9794&llvl=2&cv=20230820-26-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 23 Aug 2023 07:22:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
90 B 242ms
66ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A22%3A39.124&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=3332&cv=20230820-26-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 66880

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 243ms
68ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A22%3A39.125&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=1125&cv=20230820-26-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 66880

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 68ms
68ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A22%3A39.149&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=9264&cv=20230820-26-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 66880

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 72ms
71ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A22%3A39.150&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=6274&cv=20230820-26-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 66880

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 126ms
125ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A22%3A39.165&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=2924&cv=20230820-26-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 67044

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 14DC 97 KB
28 KB 93ms
92ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fed7d9dd6400f06b928511591eea7d7fb234ff0c0ed11ed9ab97ecde31e5f192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28730
x-xss-protection: 0
server: cafe
etag: 249 / 19592 / 31077272 / config-hash: 11994054189564921139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 07:22:39 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 8A37 98 KB
28 KB 156ms
155ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d19bf2b8ac5b600301584b75d853f3e3fdf1e8e14c2d847f7b26492bfcf7bf54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28945
x-xss-protection: 0
server: cafe
etag: 719 / 19592 / m202308170101 / config-hash: 11994054189564921139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 07:22:39 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame B2A1 18 KB
8 KB 154ms
110ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4afb837c3239e7cebd4e083b6dcb2db84728a3313fc854dd18a622ae4e434ed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7892
x-xss-protection: 0
server: cafe
etag: 779442795345097513
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 07:22:39 GMT

GET
H3 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ Frame B380 18 KB
8 KB 94ms
62ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: ads.aralego.com
URL: https://ads.aralego.com/sdk

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

570ddcb41dae25421346e006f4282bab0f3cbe18974791e32a3b5b2b72e6a542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7894
x-xss-protection: 0
server: cafe
etag: 17943526713366627084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 07:22:39 GMT

GET
H2 200 8f8a1786618d653e731922d34d30166a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 57 KB
58 KB 27ms
19ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f8a1786618d653e731922d34d30166a.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e0a205f061d7468682b0fce742317e58e224bbb0cbcd91a9e1e8f02664b5e777

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f8a1786618d653e731922d34d30166a.png
age: 3121074
edge-cache-tag: 342835041804540676188035790093627941645,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag: 342835041804540676188035790093627941645,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 701
expiration: expiry-date="Sat, 29 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.systemed.fr/
content-length: 58188
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200162-IAD, cache-iad-kiad7000149-IAD, cache-sna10728-LGB, cache-iad-kcgs7200032-IAD, cache-mxp6950-MXP
last-modified: Wed, 28 Jun 2023 09:08:37 GMT
server: nginx
x-timer: S1692775359.237700,VS0,VE1
etag: "72a358ded0cb12e33ac76d22b28ea1d0"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 259, 1

GET
H2 200 8f8a1786618d653e731922d34d30166a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 39 KB
40 KB 35ms
27ms Image
image/jpeg 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f8a1786618d653e731922d34d30166a.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e923ed63562aa1f3ae19383a18609933aebd0afad1100006a5c8eeaef0f52662

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f8a1786618d653e731922d34d30166a.png
age: 2836890
edge-cache-tag: 342835041804540676188035790093627941645,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag: 342835041804540676188035790093627941645,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, HIT, HIT
content-length: 39919
x-request-id: bfdf305e33348dbffa3ce2f91da90276
x-backend-name: CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by: cache-iad-kiad7000022-IAD, cache-iad-kiad7000022-IAD, cache-mxp6950-MXP
last-modified: Sat, 24 Jun 2023 19:38:32 GMT
server: cloudinary
x-timer: S1692775359.238073,VS0,VE1
etag: "2324fc27910466b17168fe81b5a6f00c"
vary: ImageFormat
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 29, 1

GET
H2 200 f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 34ms
26ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a409d74793cb8e9cb28b1fd92311d6c82d4a4b15f2301b5a63daa0057cf9aa77

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age: 1347902
edge-cache-tag: 413171760462916128786953021986728628513,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 413171760462916128786953021986728628513,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 158
expiration: expiry-date="Wed, 16 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.9tv.co.il/
content-length: 13658
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200103-IAD, cache-iad-kiad7000057-IAD, cache-lga21930-LGA, cache-iad-kjyo7100165-IAD, cache-mxp6950-MXP
last-modified: Sun, 16 Jul 2023 08:21:22 GMT
server: nginx
x-timer: S1692775359.238033,VS0,VE1
etag: "98191e2eef5b9be911ac38d0d3a74348"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 353, 1

GET
H2 200 f6f1f7db-bc0e-4a0f-b03c-d7d499fea7cd__ET4pHkN9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 5 KB
6 KB 126ms
126ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f6f1f7db-bc0e-4a0f-b03c-d7d499fea7cd__ET4pHkN9.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 62078c5de4069abd5bef9018b3d8aba4484b28c0044066ff6da39fc97b369f03

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 104
date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f6f1f7db-bc0e-4a0f-b03c-d7d499fea7cd__ET4pHkN9.jpg
age: 1677927
edge-cache-tag: 306024418341661774972743934937336520556,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 306024418341661774972743934937336520556,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 32
req-referer: https://topmundodospets.com/entenda-se-pinscher-e-indomito-e-conheca-mais-sobre-a-raca-petz/
content-length: 5218
x-request-id: 48cfd144c29a8d90f0c275c82270b941
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100021-IAD, cache-iad-kiad7000020-IAD, cache-lax10652-LGB, cache-iad-kcgs7200047-IAD, cache-mxp6950-MXP
last-modified: Tue, 25 Jul 2023 14:56:12 GMT
server: nginx
x-timer: S1692775359.266103,VS0,VE104
etag: "39cef241e77de9e1e6d713776c8e10e8"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 2, 0

GET
H2 200 48709dddc884a6b41ad65380011c02ba.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 66 KB
66 KB 19ms
19ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/48709dddc884a6b41ad65380011c02ba.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 90c1cee0f47486d3aa1dd263d5cbaa761841d08d1b17322610bb56cb232ca1bb

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/48709dddc884a6b41ad65380011c02ba.jpg
age: 1393008
edge-cache-tag: 503783417891195260149619034759211676670,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag: 503783417891195260149619034759211676670,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 204
req-referer: https://www.forzaroma.info/
content-length: 67134
x-request-id: 2a5a6c4a4f0bbcf07b2a8b927262ce2e
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200149-IAD, cache-iad-kiad7000142-IAD, cache-chi-klot8100112-CHI, cache-iad-kcgs7200178-IAD, cache-mxp6950-MXP
last-modified: Mon, 07 Aug 2023 04:24:59 GMT
server: nginx
x-timer: S1692775359.266088,VS0,VE1
etag: "f8783d6bb81f26a221f777807fc4b83c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 1, 1

GET
H2 200 7f8c97b81f07cbf894c33201b8720765.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 20 KB
21 KB 24ms
23ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7f8c97b81f07cbf894c33201b8720765.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d4a6c0b5aee0694d621df66a93271e9fd3f0340f9fa94f6083a84b351e372603

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7f8c97b81f07cbf894c33201b8720765.jpg
age: 1903369
edge-cache-tag: 408534847614083964509776046487298240849,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 408534847614083964509776046487298240849,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 225
expiration: expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.handball-world.news/
content-length: 20988
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200152-IAD, cache-iad-kjyo7100159-IAD, cache-iad-kcgs7200040-IAD, cache-mxp6950-MXP
last-modified: Mon, 17 Jul 2023 13:22:04 GMT
server: nginx
x-timer: S1692775359.267599,VS0,VE0
etag: "8c12269320cf20472d7f0d2154ee141f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 231, 3

GET
H2 200 98b41bf9d312366a0254de18d1028c0d.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 14 KB
15 KB 19ms
19ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98b41bf9d312366a0254de18d1028c0d.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d58821eb4089f598a171ec0c0c0d9bf9eefdc271a4f208e66d423eb01abe1250

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98b41bf9d312366a0254de18d1028c0d.png
age: 4377562
edge-cache-tag: 468655783263219424043203317813410915063,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag: 468655783263219424043203317813410915063,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 113
req-referer: https://www.gazzetta.it/
content-length: 14216
x-request-id: 38329a37a14c5646941ea047c45fe6b9
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kiad7000061-IAD, cache-iad-kcgs7200170-IAD, cache-lga21938-LGA, cache-iad-kiad7000077-IAD, cache-mxp6950-MXP
last-modified: Fri, 30 Jun 2023 07:28:39 GMT
server: nginx
x-timer: S1692775359.291951,VS0,VE0
etag: "36e5cf1f6a55cbeaf75adc2c0b616b48"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 147, 3

GET
H2 200 8f8a1786618d653e731922d34d30166a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 28 KB
29 KB 27ms
25ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f8a1786618d653e731922d34d30166a.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6ce7b2d092d8f6ae424cd0d7860e8115ff3a718e8a50115b81991479625719ea

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f8a1786618d653e731922d34d30166a.png
age: 5080358
edge-cache-tag: 342835041804540676188035790093627941645,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 342835041804540676188035790093627941645,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 237
expiration: expiry-date="Sun, 25 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.waz.de/
content-length: 28874
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kjyo7100112-IAD, cache-iad-kcgs7200153-IAD, cache-sna10735-LGB, cache-iad-kjyo7100083-IAD, cache-mxp6950-MXP
last-modified: Thu, 25 May 2023 13:19:39 GMT
server: nginx
x-timer: S1692775359.299430,VS0,VE1
etag: "7147482fed831ba4b8a9fe51181bd506"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 7, 1, 194, 1

GET
H2 200 48709dddc884a6b41ad65380011c02ba.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 73 KB
74 KB 39ms
38ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/48709dddc884a6b41ad65380011c02ba.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a6ce1835c6c4eba1b298d8d99dcc30d516e90776895e1500073ccc6bf06cee1a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/48709dddc884a6b41ad65380011c02ba.jpg
age: 1376760
edge-cache-tag: 503783417891195260149619034759211676670,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 503783417891195260149619034759211676670,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 289
req-referer: https://thefashionball.com/
content-length: 75186
x-request-id: 327ade27a43677000c2894e03d2b1390
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kcgs7200139-IAD, cache-iad-kjyo7100045-IAD, cache-chi-kigq8000147-CHI, cache-iad-kcgs7200064-IAD, cache-mxp6950-MXP
last-modified: Mon, 07 Aug 2023 04:25:51 GMT
server: nginx
x-timer: S1692775359.312107,VS0,VE9
etag: "fa1d3a0d0633cee2e8fd56cd4d02d712"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 0, 1

GET
H2 200 f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 31 KB
32 KB 37ms
26ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ddae47187a17644dbe7e02cdf7089521d014d35e172c5c068b16213702bd5c5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age: 1347901
edge-cache-tag: 413171760462916128786953021986728628513,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 413171760462916128786953021986728628513,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 321
expiration: expiry-date="Wed, 16 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.tag24.de/
content-length: 31858
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200103-IAD, cache-iad-kiad7000057-IAD, cache-sna10739-LGB, cache-iad-kiad7000139-IAD, cache-mxp6950-MXP
last-modified: Sun, 16 Jul 2023 08:21:22 GMT
server: nginx
x-timer: S1692775359.363614,VS0,VE2
etag: "98191e2eef5b9be911ac38d0d3a74348"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 20, 1

GET
H2 200 f6f1f7db-bc0e-4a0f-b03c-d7d499fea7cd__ET4pHkN9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 11 KB
12 KB 130ms
125ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f6f1f7db-bc0e-4a0f-b03c-d7d499fea7cd__ET4pHkN9.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cbd5a3a3a3f0200dd247c597d202f9d1369d2ab11df37ef22c08466182e67247

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 99
date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/f6f1f7db-bc0e-4a0f-b03c-d7d499fea7cd__ET4pHkN9.jpg
age: 1785334
edge-cache-tag: 306024418341661774972743934937336520556,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 306024418341661774972743934937336520556,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, HIT, HIT, MISS
x-envoy-upstream-service-time: 245
req-referer: https://www.milliyet.com.tr/
content-length: 10916
x-request-id: 15bae56f5cbbda0e639a159f9a8e4b77
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by: cache-iad-kjyo7100084-IAD, cache-iad-kcgs7200162-IAD, cache-sna10728-LGB, cache-iad-kiad7000031-IAD, cache-mxp6950-MXP
last-modified: Tue, 25 Jul 2023 14:56:12 GMT
server: nginx
x-timer: S1692775359.364112,VS0,VE99
etag: "b6de9b0b513dcda286cbd31d7978976f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 3, 0

GET
H2 200 video.min.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 524 KB
155 KB 29ms
29ms Script
application/javascript 138.199.37.225
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-225.bunnyinfra.net
Software: BunnyCDN-DE1-1055 /
Resource Hash: 36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
cdn-edgestorageid: 860
cdn-storageserver: DE-570
cdn-cachedat: 07/06/2023 22:30:42
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:19 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 340
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"642bf623-830a3"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 11aa1c0cd269545b959ee77d4b372ed3
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E739 34 KB
10 KB 29ms
27ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 698ca97235d832e87fa792528d4def0e7138332916b894fb45f9911ca549e275

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 07:22:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Aug 2023 10:07:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9827
Connection: keep-alive
Content-Length: 10116
Expires: Wed, 23 Aug 2023 10:06:26 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame E975 34 KB
10 KB 31ms
29ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 698ca97235d832e87fa792528d4def0e7138332916b894fb45f9911ca549e275

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 07:22:39 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Aug 2023 10:07:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9827
Connection: keep-alive
Content-Length: 10116
Expires: Wed, 23 Aug 2023 10:06:26 GMT

GET
H2 200 next-up-widget.20230820-26-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 16 KB
5 KB 57ms
17ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/next-up-widget.20230820-26-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0dfd016b7608a1e80da9f2accfffb56a4cb2f4e0818fb177cc668817192b6903

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: sK2ucbsgI8SSt6UqM0PIlMGwhyKN8KSl
content-encoding: gzip
via: 1.1 varnish
date: Wed, 23 Aug 2023 07:22:39 GMT
x-amz-request-id: PW79ZCDH0QVTYYHC
age: 165138
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 4623
x-amz-id-2: 6+YbTbrZdem/ASunvYKN0MPp4ptC2Fmcs9yZcDyx3Af49D+bZk8HgQ+wEaOMrBxZhm/05Fe+ZI0=
x-served-by: cache-mxp6950-MXP
last-modified: Mon, 21 Aug 2023 09:30:21 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692775359.361904,VS0,VE0
etag: "c3d790dbed49204293e5b8071c98e07d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 34
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 1109

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 118ms
116ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=06da84a37a202429362d9f03e6b129eb&sd=v2_ff3cc2b682bd1374ce044701ba6ed250_23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e_1692775358_1692775358_CNawjgYQ2YJdGNe_mIqiMSABKAEwKziy0A1At4gQSJrS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&pi=/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&wi=-8302989341364075628&pt=text&vi=1692775358423&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1455%7D%22%2C%22eventTime%22%3A1692775359361%7D&tim=09%3A22%3A39.361&id=7102&llvl=2&cv=20230820-26-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 23 Aug 2023 07:22:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 94ms
94ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=06da84a37a202429362d9f03e6b129eb&sd=v2_ff3cc2b682bd1374ce044701ba6ed250_23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e_1692775358_1692775358_CNawjgYQ2YJdGNe_mIqiMSABKAEwKziy0A1At4gQSJrS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&pi=/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&wi=-8302989341364075628&pt=text&vi=1692775358423&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22305.015625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A22%3A39.389&id=9084&llvl=2&cv=20230820-26-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 23 Aug 2023 07:22:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 0
89 B 83ms
82ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A22%3A39.400&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=5055&cv=20230820-26-RELEASE&lt=deflated&pct=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 67193

GET
H2 200 css2
fonts.googleapis.com/ 20 KB
1 KB 90ms
32ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230820-26-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 23 Aug 2023 06:05:22 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 23 Aug 2023 07:22:39 GMT

GET
H2 200 spa-detector.20230820-26-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 21ms
20ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/spa-detector.20230820-26-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 001a2e84844bfe2f24ee18f9f7caa32590a3742725786672309be8c62049c9d9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: bK6WipnusepcHjv67efrtwKIXrMowi5F
content-encoding: gzip
via: 1.1 varnish
date: Wed, 23 Aug 2023 07:22:39 GMT
x-amz-request-id: G592ACXJTK80V46W
age: 165132
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 810
x-amz-id-2: l5uvl7aKFuzUWXjhj4tmXOMN9t9Ay5odjbEawfuH8zs95tTZnG/Ezpvfa12tQ4eF9xM8HQIBu1g=
x-served-by: cache-mxp6950-MXP
last-modified: Mon, 21 Aug 2023 09:30:27 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1692775359.425038,VS0,VE0
etag: "569461c6c5f7d55895b5c45fd8e9d52b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 84
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 3215

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 69ms
68ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=06da84a37a202429362d9f03e6b129eb&sd=v2_ff3cc2b682bd1374ce044701ba6ed250_23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e_1692775358_1692775358_CNawjgYQ2YJdGNe_mIqiMSABKAEwKziy0A1At4gQSJrS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&pi=/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&wi=-8302989341364075628&pt=text&vi=1692775358423&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A22%3A39.402&id=1456&llvl=2&cv=20230820-26-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 23 Aug 2023 07:22:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 72ms
71ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=06da84a37a202429362d9f03e6b129eb&sd=v2_ff3cc2b682bd1374ce044701ba6ed250_23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e_1692775358_1692775358_CNawjgYQ2YJdGNe_mIqiMSABKAEwKziy0A1At4gQSJrS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&pi=/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&wi=-8302989341364075628&pt=text&vi=1692775358423&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1692775359409%7D&tim=09%3A22%3A39.409&id=9925&llvl=2&cv=20230820-26-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 23 Aug 2023 07:22:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 72ms
72ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=06da84a37a202429362d9f03e6b129eb&sd=v2_ff3cc2b682bd1374ce044701ba6ed250_23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e_1692775358_1692775358_CNawjgYQ2YJdGNe_mIqiMSABKAEwKziy0A1At4gQSJrS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&pi=/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&wi=-8302989341364075628&pt=text&vi=1692775358423&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A22%3A39.411&id=9745&llvl=2&cv=20230820-26-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 23 Aug 2023 07:22:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 0
230 B 73ms
72ms Image
text/plain 185.106.33.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=06da84a37a202429362d9f03e6b129eb&sd=v2_ff3cc2b682bd1374ce044701ba6ed250_23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e_1692775358_1692775358_CNawjgYQ2YJdGNe_mIqiMSABKAEwKziy0A1At4gQSJrS2gNQ____________AVgAYABosa_ptcr9986tAXAA&ui=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&pi=/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&wi=-8302989341364075628&pt=text&vi=1692775358423&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1692775359414%7D&tim=09%3A22%3A39.414&id=2991&llvl=2&cv=20230820-26-RELEASE&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Wed, 23 Aug 2023 07:22:39 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B380 145 KB
50 KB 121ms
120ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f78ab124506d9ee109b457c68f7faa639e79c04aeca7eaccae2cfb6b47955fff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50984
x-xss-protection: 0
server: cafe
etag: 11389341389009243588
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 07:22:39 GMT

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/ Frame 14DC 403 KB
127 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

276c9e02c58a3c043348cb103438d3e09044b2698481197f84e123d487a1253c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 02:53:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16121
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129841
x-xss-protection: 0
server: cafe
etag: 17107103858499901094
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 Aug 2024 02:53:58 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E739 284 B
934 B 114ms
28ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame E975 284 B
921 B 87ms
22ms Image
image/jpg 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame B2A1 145 KB
50 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40895b9a8d5f0c1eb74dce2f7ac067caf755f82ff7492c95f1b7260662c34d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50966
x-xss-protection: 0
server: cafe
etag: 14771881220796983414
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 07:22:39 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
253 B 360ms
126ms Fetch
application/json 2600:1f18:24e6:b901:3c37:1dbb:4827:7740
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:3c37:1dbb:4827:7740 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 404 L2Evc2hpLXp1LXNhaS1kZS1ndW8tNmJpLTF4aWUteGktZHVpLXNob3Utemh1LWppYW5nLWx1by15aS1zaS15aS1zaS1yZW4tZGFpLXNpLWxpZS5odG1s.json Show response
cdn.adpushup.com/42753/ 555 B
874 B 135ms
134ms XHR
text/html 2a02:26f0:480:f::213:7ede
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.adpushup.com/42753/L2Evc2hpLXp1LXNhaS1kZS1ndW8tNmJpLTF4aWUteGktZHVpLXNob3Utemh1LWppYW5nLWx1by15aS1zaS15aS1zaS1yZW4tZGFpLXNpLWxpZS5odG1s.json
Requested by: Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ede Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country: CH
date: Wed, 23 Aug 2023 07:22:39 GMT
server: nginx/1.18.0
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
x-akamai-device: mobile:false&tablet:false
cache-control: max-age=3600
server-timing: cdn-cache; desc=MISS, edge; dur=23, origin; dur=86, ak_p; desc="1692775359525_34831774_86665835_10873_936_21_0_219";dur=1
content-length: 555
expires: Wed, 23 Aug 2023 08:22:39 GMT

GET
H2 200 videojs.ads.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 91 KB
25 KB 29ms
29ms Script
application/javascript 138.199.37.225
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-225.bunnyinfra.net
Software: BunnyCDN-DE1-1055 /
Resource Hash: 93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
cdn-edgestorageid: 1076
cdn-storageserver: DE-677
cdn-cachedat: 08/09/2023 21:21:30
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:21 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 577
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf625-16c3c"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: d156cdd2203ca096d32dd26af2bb63d0
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs.ima.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 84 KB
19 KB 37ms
37ms Script
application/javascript 138.199.37.225
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-225.bunnyinfra.net
Software: BunnyCDN-DE1-1055 /
Resource Hash: 02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
cdn-edgestorageid: 1077
cdn-storageserver: DE-165
cdn-cachedat: 07/07/2023 01:07:44
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:22 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 339
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"642bf626-14fe2"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 6879374fcd0c0032a2e425b140dcc415
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 can-autoplay.min.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 11 KB
4 KB 39ms
38ms Script
application/javascript 138.199.37.225
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-225.bunnyinfra.net
Software: BunnyCDN-DE1-1055 /
Resource Hash: 432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
cdn-edgestorageid: 865
cdn-storageserver: DE-572
cdn-cachedat: 04/04/2023 10:10:14
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:16 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 565
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"642bf620-2ae4"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: fc26b4be3d1c94435538b06979ac923e
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 videojs-playlist.min.js Show response
cdn.unibotscdn.com/ubplayer/dist/js/ 5 KB
2 KB 38ms
38ms Script
application/javascript 138.199.37.225
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-225.bunnyinfra.net
Software: BunnyCDN-DE1-1055 /
Resource Hash: 2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
cdn-edgestorageid: 865
cdn-storageserver: DE-167
cdn-cachedat: 08/09/2023 22:56:18
cdn-pullzone: 873945
last-modified: Tue, 04 Apr 2023 10:04:20 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 573
cdn-requestpullcode: 200
cdn-proxyver: 1.04
etag: W/"642bf624-13b1"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=3600
cdn-requestid: 17e518078c386fa51b856a3160648ab9
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/ Frame 8A37 402 KB
127 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 05:00:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8515
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129577
x-xss-protection: 0
server: cafe
etag: 2336233631454045957
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Thu, 22 Aug 2024 05:00:44 GMT

GET
BLOB 200
OK e1d906ca-48b5-49b7-86d7-bf92cdc15bda
https://www.bg3.co/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/e1d906ca-48b5-49b7-86d7-bf92cdc15bda
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

GET
H2 200 8f8a1786618d653e731922d34d30166a.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 4 KB
4 KB 20ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f8a1786618d653e731922d34d30166a.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 8893f1f5cb30948deacb5710a635c55d3f78a0cddfd54877f362d25a6ee9026d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8f8a1786618d653e731922d34d30166a.png
age: 1090739
edge-cache-tag: 342835041804540676188035790093627941645,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 342835041804540676188035790093627941645,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 196
expiration: expiry-date="Thu, 07 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.ghbase.com/
content-length: 3828
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200104-IAD, cache-iad-kcgs7200139-IAD, cache-sna10720-LGB, cache-iad-kjyo7100173-IAD, cache-mxp6950-MXP
last-modified: Mon, 07 Aug 2023 05:19:39 GMT
server: nginx
x-timer: S1692775360.625976,VS0,VE0
etag: "6b02b60ed470a0882fe06c4a793ef644"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 48, 3

GET
H2 200 48709dddc884a6b41ad65380011c02ba.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 6 KB
7 KB 34ms
34ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/48709dddc884a6b41ad65380011c02ba.jpg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ee5925a1018d2f10f3cc2cfea13505681041d30d80cb381f9d7676dcb131588

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 12
date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/48709dddc884a6b41ad65380011c02ba.jpg
age: 1375996
edge-cache-tag: 503783417891195260149619034759211676670,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 503783417891195260149619034759211676670,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 88
req-referer: https://www.jamaicaobserver.com/
content-length: 6200
x-request-id: 50f125d5c39f98c1dba7c2faf4c244ad
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kiad7000056-IAD, cache-iad-kjyo7100167-IAD, cache-lga21934-LGA, cache-iad-kiad7000145-IAD, cache-mxp6950-MXP
last-modified: Mon, 07 Aug 2023 04:25:51 GMT
server: nginx
x-timer: S1692775360.626138,VS0,VE12
etag: "4c912beb742ab3c90b589dcbee047ffe"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 0, 1

GET
H2 200 f3fb04727eb1c13baa3a04f9e87f0312.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 5 KB
6 KB 20ms
20ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b6f86771624c80556823d18c77850c02dc5265fba52e3f1459b5de3d0519f79f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f3fb04727eb1c13baa3a04f9e87f0312.jpeg
age: 1447255
edge-cache-tag: 413171760462916128786953021986728628513,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag: 413171760462916128786953021986728628513,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 75
req-referer: https://ziarulunirea.ro/burse-pentru-elevii-cu-media-10-la-bacalaurea-si-evaluarea-nationala-cati-bani-vor-putea-primi-elevii-cu-coronita-844864/
content-length: 4882
x-request-id: 1c3feebb02d1c47c4b9f5b558eb4d1fa
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000099-IAD, cache-iad-kjyo7100049-IAD, cache-chi-klot8100137-CHI, cache-iad-kcgs7200157-IAD, cache-mxp6950-MXP
last-modified: Fri, 28 Jul 2023 15:42:18 GMT
server: nginx
x-timer: S1692775360.626480,VS0,VE1
etag: "99f28a0677ecaf7b097db6c8ed4612ca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 17, 1

GET
H/1.1

200
OK

idsync
sync.aralego.com/ Frame E739
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LLNEQQTL-D-CHB1
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLNEQQTL-D-CHB1

35 B
266 B

338ms
131ms

Image
image/gif

192.96.203.13
LEASEWEB-USA-WDC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLNEQQTL-D-CHB1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 07:22:40 GMT
Connection: close
Content-Length: 35
Content-Type: image/gif

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LLNEQQTL-D-CHB1
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H/1.1 200
OK ubpvideos Show response
newsbot.unibots.in/get_videos/ 521 B
693 B 690ms
329ms Fetch
application/json 172.105.43.230
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://newsbot.unibots.in/get_videos/ubpvideos
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 172.105.43.230 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: 172-105-43-230.ip.linodeusercontent.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 2f7fd1d6651e37c961b69957f5037d3237ea523fd55d5d3a60ddc3fc2b61ecaf

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 23 Aug 2023 07:22:40 GMT
Server: nginx/1.14.0 (Ubuntu)
Content-Length: 521
Content-Type: application/json

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/ Frame B380 392 KB
132 KB 156ms
156ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9dd71e0f2892855b04185b0c130f375634bfc7229c8bcdff78084309a65faa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134789
x-xss-protection: 0
server: cafe
etag: 2044466001028451568
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 07:22:39 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230821/r20190131/ Frame 6319 10 KB
4 KB 21ms
20ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230821/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 2830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4437
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 06:35:29 GMT
etag: 9878862242593084568
expires: Wed, 06 Sep 2023 06:35:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 14DC 492 B
265 B 63ms
63ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2704623592761534&correlator=2646910302854249&eid=31077272&output=ldjh&gdfp_req=1&vrg=202308210101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692775359705&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=iv4eoq1t9i3q&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1825980599.1692775360&ga_sid=1692775360&ga_hid=1291217426&ga_fc=false&dlt=1692775359187&idt=403&adks=64515409&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

789c2b46d72a8545a4490c18d4d2af6895159db44941b39a4fedfa8b72d27c92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 14DC 15 KB
11 KB 70ms
70ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308210101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f24e8b4121c0f773b0b049be0f374c029f305399cbeab9fa5b4bfc13117809c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11615
x-xss-protection: 0

GET
H2 200 container.html Show response
816c37b2e30dfab16e3a1ac72cb85c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C112 6 KB
3 KB 109ms
30ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://816c37b2e30dfab16e3a1ac72cb85c94.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 07:22:39 GMT
expires: Thu, 22 Aug 2024 07:22:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 262 KB
87 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3bdcd6d5cd226c01771dd8cffbd284ab80c25ad686f2b6b26a7e7c96bcb42b37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 89255
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 07:22:39 GMT

POST
H2 202 logs Show response
http-intake.logs.datadoghq.com/api/v2/ 2 B
252 B 165ms
136ms Fetch
application/json 2600:1f18:24e6:b901:3c37:1dbb:4827:7740
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js

Requested by

Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:24e6:b901:3c37:1dbb:4827:7740 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
accept-encoding: identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type: application/json
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2

GET
H2 200 st Show response
imprammp.taboola.com/ Frame 7276 422 B
383 B 74ms
71ms Document
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&cmcv=&pix=undefined&cb=1692775359756&uv=3323&tms=1692775359756&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5c4d9ce5-ceca-4c46-a62a-40bdf197d258&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0435547ae7b090f783faaffb4c2dcae17efea66fa74898fa473845f3e9d7fc15

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Wed, 23 Aug 2023 07:22:39 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-mxp6950-MXP
x-timer: S1692775360.773009,VS0,VE53

GET
H2 200 sync Show response
am-match.taboola.com/ Frame E8EC 577 B
663 B 111ms
27ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8cc9886f56ab30ce75dedf7fd7d68cb8bc5e1387ca25b0be3249f879b202cdd3

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 23 Aug 2023 07:22:39 GMT
machineid: 3402
server: nginx

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
727 B 71ms
69ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692775359765&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1543&pt=614113391&tz=120&viewable=true&ddast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b99daabe342a751c7b81a37b2c75f328f7ce10eb4b5c7f210a7bc0e357723473

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1486
x-cache: MISS
x-served-by: cache-mxp6950-MXP
pragma: no-cache
server: nginx
x-timer: S1692775360.775878,VS0,VE52
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 96ms
28ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&cmcv=&pix=31589837&cb=1692775359756&uv=3323&tms=1692775359756&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1692775355495.4!ts:1692775359756&mntl=1
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-length: 0
server: nginx

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/ Frame B2A1 392 KB
132 KB 115ms
115ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js?bust=31077299

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

828021a34984865f714fcfac64eb9606f9065da1f93f9b7a778365b8e68a1172

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134653
x-xss-protection: 0
server: cafe
etag: 4161739408011469873
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 23 Aug 2023 07:22:39 GMT

GET
H/1.1

200
OK

ecm3
aax-eu.amazon-adsystem.com/s/ Frame E739
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=LY6Qutz4Q4uVb6w_dUSOBA&rk=usync-other
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LY6Qutz4Q4uVb6w_dUSOBA

43 B
720 B

191ms
191ms

Image
image/gif

52.95.125.22
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LY6Qutz4Q4uVb6w_dUSOBA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

52.95.125.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 07:22:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: KK8DG82A57R7BW16S9GQ
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=LY6Qutz4Q4uVb6w_dUSOBA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame E739 70 B
265 B 140ms
41ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 23 Aug 2023 07:22:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame E739
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTViZmE4OTVmMjhhMzcwODkzZjE1ZTM4NTdiYjk1ZWFmY2VmYzI4ZA

170 B
243 B

30ms
30ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTViZmE4OTVmMjhhMzcwODkzZjE1ZTM4NTdiYjk1ZWFmY2VmYzI4ZA

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:39 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MTViZmE4OTVmMjhhMzcwODkzZjE1ZTM4NTdiYjk1ZWFmY2VmYzI4ZA
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E739
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENhgMnyfgMjJVhDYNJ0yvwo&google_cver=1

42 B
678 B

23ms
23ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENhgMnyfgMjJVhDYNJ0yvwo&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:39 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESENhgMnyfgMjJVhDYNJ0yvwo&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
px.ads.linkedin.com/ Frame E739
Redirect Chain

https://token.rubiconproject.com/token?pid=36584
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLNEQQTL-D-CHB1

0
648 B

165ms
126ms

Image
text/plain

2620:1ec:21::14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLNEQQTL-D-CHB1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: H2
Server: 2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 91BCA8794FBE453DBE7C00E5AAD167C5 Ref B: ZRHEDGE1613 Ref C: 2023-08-23T07:22:39Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYDkfoEcLgrsezqXxqtMw==

Redirect headers

Location: https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LLNEQQTL-D-CHB1
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame E739
Redirect Chain

https://token.rubiconproject.com/token?pid=25470
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TExORVFRVEwtRC1DSEIx
https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDBJLxehsPT8_P5w7RhQvPo&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExORVFRVEwtRC1DSEIx&google_push=

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExORVFRVEwtRC1DSEIx&google_push=

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:40 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExORVFRVEwtRC1DSEIx&google_push=
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H/1.1

200
OK

ecm3
s.amazon-adsystem.com/ Frame E739
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=uUAvGEdtTwWxUM3a0PL9dw&rk=usync-na
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uUAvGEdtTwWxUM3a0PL9dw

43 B
479 B

111ms
111ms

Image
image/gif

52.46.143.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uUAvGEdtTwWxUM3a0PL9dw

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix

Protocol

HTTP/1.1

Server

52.46.143.56 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 07:22:40 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: 4V29WHMEY0DXCX9ABHQP
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location: https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=uUAvGEdtTwWxUM3a0PL9dw
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame E739
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/o4u5PLWfxafBB8kRFgqLeQ?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tmFoD6RE2oLR3Wik.Ff0Bzs89klkYaeUQkQgfA--~A

42 B
678 B

37ms
37ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tmFoD6RE2oLR3Wik.Ff0Bzs89klkYaeUQkQgfA--~A
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 42
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-tmFoD6RE2oLR3Wik.Ff0Bzs89klkYaeUQkQgfA--~A
content-length: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 14DC 17 KB
7 KB 94ms
43ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308210101/pubads_impl.js?cb=31077272

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 07:22:39 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 7276 70 B
264 B 101ms
42ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&cmcv=&pix=undefined&cb=1692775359756&uv=3323&tms=1692775359756&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5c4d9ce5-ceca-4c46-a62a-40bdf197d258&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 23 Aug 2023 07:22:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 7276 43 B
426 B 454ms
42ms Image
image/gif 2a05:d018:d29:3601:f60d:7f4e:ab14:8158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e?gdpr=1&us_privacy=1---

Requested by

Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&cmcv=&pix=undefined&cb=1692775359756&uv=3323&tms=1692775359756&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5c4d9ce5-ceca-4c46-a62a-40bdf197d258&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:f60d:7f4e:ab14:8158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2 200 sync
x.bidswitch.net/ Frame 7276 43 B
146 B 187ms
23ms Image
image/gif 18.159.10.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&cmcv=&pix=undefined&cb=1692775359756&uv=3323&tms=1692775359756&abt=nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=5c4d9ce5-ceca-4c46-a62a-40bdf197d258&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.10.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-10-79.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 cmTagFEED_MANAGER.js Show response
vidstat.taboola.com/vpaid/units/33_2_3/infra/ 880 KB
145 KB 57ms
19ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_2_3/infra/cmTagFEED_MANAGER.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: b3b086c27f885f293e9bbeec9fb59bb661b6a23c6df7927b7438d11eaf2aed40

Request headers

Referer: https://www.bg3.co/
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1692608899
date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 8D996029YVQJ406X
age: 166333
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1692608899
x-amz-meta-mode: 33188
content-length: 147533
x-amz-id-2: TS3hKC74Gq/jutE5zR7a2FldiER8YFCu/G5i27IDAE+C52zo72CO1yNuSOUIICO3NQIzhor0dVA=
x-served-by: cache-mxp6936-MXP
last-modified: Mon, 21 Aug 2023 09:08:20 GMT
server: AmazonS3-br
x-timer: S1692775360.924257,VS0,VE0
etag: "7d23ee83eb5120b2713eb0dfb27e5848"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 64858

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_2_3/assets/css/ 60 KB
8 KB 21ms
19ms Stylesheet
text/css 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/33_2_3/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1692608916
date: Wed, 23 Aug 2023 07:22:39 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 8D97CBTHENVTEXQR
age: 166333
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1692608917
x-amz-meta-mode: 33188
content-length: 7924
x-amz-id-2: MV2w2VPta9QBxLhGJifhIwpaKV/p7kkH8jBbBYUkVZyzlywU4hy7Q7r8LMK9mMoT1Lt8gv8VoHY=
x-served-by: cache-mxp6950-MXP
last-modified: Mon, 21 Aug 2023 09:08:38 GMT
server: AmazonS3-br
x-timer: S1692775360.887224,VS0,VE0
etag: "a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 69821

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8A37 492 B
263 B 58ms
57ms XHR
text/plain 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3726674125003116&correlator=2761496251080337&eid=31077254&output=ldjh&gdfp_req=1&vrg=202308170101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692775359890&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=iidkxu97d9xf&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=227805750.1692775360&ga_sid=1692775360&ga_hid=470031934&ga_fc=false&dlt=1692775359189&idt=584&adks=64515409&frm=24

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b981855735074393a694e0d0fce62f4ce4c1583e9ce98b6703da5c00c23539eb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cdn.aralego.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8A37 15 KB
11 KB 74ms
74ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308170101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88b014ad607a471eddf4dc1d8ba396c827dba693447ba890069cff4a84e0fd1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:39 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11730
x-xss-protection: 0

GET
H2 200 container.html Show response
64864fb7d675c392756e4ce85538269e.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 98E1 6 KB
3 KB 43ms
27ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://64864fb7d675c392756e4ce85538269e.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 07:22:39 GMT
expires: Thu, 22 Aug 2024 07:22:39 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame E8EC 70 B
264 B 60ms
43ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 23 Aug 2023 07:22:39 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e
pr-bh.ybp.yahoo.com/sync/taboola/ Frame E8EC 43 B
425 B 414ms
44ms Image
image/gif 2a05:d018:d29:3601:f60d:7f4e:ab14:8158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e?gdpr=1&us_privacy=1---

Requested by

Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&excid=22&docw=0&cijs=1&nlb=false

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:f60d:7f4e:ab14:8158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 2975 281 B
554 B 36ms
36ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Aug 2023 07:22:39 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 55ms
48ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38l0&_p=6261&cid=220166814.1692775360&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692775359&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&dt=%E4%B8%96%E8%B6%B3%E8%B3%BD%EF%BC%8F%E5%BE%B7%E5%9C%8B6%E6%AF%941%E8%A1%80%E6%B4%97%E5%B0%8D%E6%89%8B%E3%80%80%E4%B8%BB%E5%B0%87%E7%BE%85%E4%BC%8A%E6%96%AF%E7%96%91%E4%BC%BC%E9%9F%8C%E5%B8%B6%E6%92%95%E8%A3%82%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 2975 34 KB
10 KB 33ms
33ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 698ca97235d832e87fa792528d4def0e7138332916b894fb45f9911ca549e275

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 07:22:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Aug 2023 10:07:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9826
Connection: keep-alive
Content-Length: 10116
Expires: Wed, 23 Aug 2023 10:06:26 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8A37 17 KB
6 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308170101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 07:22:40 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 81A4 13 KB
5 KB 26ms
25ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 07:14:44 GMT
expires: Thu, 22 Aug 2024 07:14:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9713 829 B
1 KB 97ms
42ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7d63526977a5d91abeed3749f2a69621c0f003d703a017f68b5315deacf9bd19

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vtToc5Is3Awzd3tlGIljyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-vtToc5Is3Awzd3tlGIljyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 07:22:40 GMT
expires: Wed, 23 Aug 2023 07:22:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 content_v3.js Show response
vidstat.taboola.com/ 16 KB
5 KB 38ms
37ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/content_v3.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_3/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
via: 1.1 46c9f6285b432bb7ca825d1b5670a6b0.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: MXP64-C1
age: 1368885
x-cache: Hit from cloudfront, HIT
content-length: 4839
x-served-by: cache-mxp6950-MXP
last-modified: Wed, 20 Jul 2022 13:23:50 GMT
server: AmazonS3
x-timer: S1692775360.181306,VS0,VE0
etag: "f7533e747bb02a8eb527ada4f2749620"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: GYJJg7cHa9StY_p8FziuGzT8rJ8lRYh0JE2SiZPd1FnWWMlxlyRlkA==
x-cache-hits: 7968

GET
H2 200 OvaMediaPlayer.js Show response
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.3/ 446 KB
84 KB 33ms
31ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.3/OvaMediaPlayer.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_3/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 5eea249f1966604716504a56a8ed213328334d2380d7b092f35fc286f9f6153f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime: 1692608463
date: Wed, 23 Aug 2023 07:22:40 GMT
via: 1.1 varnish
content-encoding: br
x-amz-request-id: 5SFD2PTA4N84B8AP
age: 166851
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-meta-ctime: 1692608477
x-amz-meta-mode: 33188
content-length: 85897
x-amz-id-2: /uWLWxdEwnO68aFFuD4v3WLnEJzFJ8q8vr+cNpE/Yx1kbHV9JA5tZrTemYx8Ik/oDzfA6PKZPDU=
x-served-by: cache-mxp6950-MXP
last-modified: Mon, 21 Aug 2023 09:01:18 GMT
server: AmazonS3-br
x-timer: S1692775360.209605,VS0,VE0
etag: "9c222e185bb86aee65d904de96933ca9"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 71144

GET
H2 200 sync Show response
am-match.taboola.com/ Frame 6816 577 B
671 B 32ms
32ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_3/infra/cmTagFEED_MANAGER.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: 8cc9886f56ab30ce75dedf7fd7d68cb8bc5e1387ca25b0be3249f879b202cdd3

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Wed, 23 Aug 2023 07:22:40 GMT
machineid: 3402
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 28ms
27ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&cmcv=&pix=31579697&cb=1692775360191&uv=3323&tms=1692775360191&su=3&abt=nonrv_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
content-length: 0
server: nginx

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame B380 379 B
600 B 84ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5ede199708b8fbc78f9889879b17c53a8f32c1eb2b2797106f6a752cbc00b8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE6C 37 KB
16 KB 302ms
298ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0a2a7a78dc1d38f51ab44d7a26fc1c1efd4dee6e3a686b4388af0a0f5ef7222a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16111
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 07:22:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B380 15 KB
11 KB 73ms
72ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230821&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85b8f4a4d187f0f21da6d22fe0fe2c54b9f570785751126a1e6dd46a10720f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11630
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame B2A1 379 B
313 B 64ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js?bust=31077299

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c306bcaef1d02283946956eb6b86c780d397627cd7c5a73448c7c348b33ea1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 248
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1EE8 37 KB
16 KB 298ms
297ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359502&bpp=303&bdt=945&idt=568&shv=r20230821&mjsv=m202308210101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=1&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=270195054&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1561034088&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077299&oid=2&pvsid=982439685519030&tmod=409318797&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r8w5tavftmaj&fsb=1&dtd=743

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js?bust=31077299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

891aec381da9d083e5838e918320a0986d87e9d993e79de2b45085965f582ba7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 16005
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 07:22:40 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B2A1 15 KB
11 KB 80ms
79ms XHR
application/json 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230821&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js?bust=31077299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8a35329a40b28bde10e65a94d4b245ee94a899e98ef46eb49dd18c8d232c4a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11736
x-xss-protection: 0

GET
H/1.1 204
No Content sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 2975 0
239 B 427ms
103ms Image
image/gif 8.43.72.98
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LLNEQQTL-D-CHB1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.43.72.98 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: ab995a74221271a8dc253760ec78ee1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 206 blackScreen5.mp4
vidstatb.taboola.com/vid/ 89 KB
89 KB 41ms
33ms Media
video/mp4 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer: https://www.bg3.co/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

x-amz-meta-mtime: 1497790207
date: Wed, 23 Aug 2023 07:22:40 GMT
via: 1.1 1a3a682cf8d843fe52f3224f60584fac.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop: MXP64-C1
age: 625664
x-cache: Hit from cloudfront, HIT
Content-Range: bytes 0-90783/90784
x-amz-meta-mode: 33188
Content-Length: 90784
x-served-by: cache-mxp6950-MXP
last-modified: Sun, 02 Jul 2017 20:40:57 GMT
server: AmazonS3
x-timer: S1692775360.298004,VS0,VE0
etag: "b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid: 0
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
content-type: video/mp4
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: Fr7HowXM-yDrL3QOCMXEgtHD4_DD4oO_zXSggn0QqPq3ih2Kuw7ceg==
x-cache-hits: 34985

POST
H2 204 bulk Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
318 B 122ms
122ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230820-26-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 86
date: Wed, 23 Aug 2023 07:22:40 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 70699
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-mxp6950-MXP
pragma: no-cache
server: nginx
x-timer: S1692775360.298055,VS0,VE86
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A52D 13 KB
5 KB 23ms
21ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 07:14:44 GMT
expires: Thu, 22 Aug 2024 07:14:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4600 829 B
767 B 32ms
31ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6755cc89394aa85515a105edbf545584dccb59f77558d85f1568ae1d9499d7aa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-LKTvwEIAtZ2xhPOo5PGZ5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cdn.aralego.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-LKTvwEIAtZ2xhPOo5PGZ5w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 07:22:40 GMT
expires: Wed, 23 Aug 2023 07:22:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 6816 70 B
264 B 42ms
41ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 23 Aug 2023 07:22:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 6816 43 B
425 B 50ms
43ms Image
image/gif 2a05:d018:d29:3601:f60d:7f4e:ab14:8158
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/taboola/23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e?gdpr=1&us_privacy=1---

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3601:f60d:7f4e:ab14:8158 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame C07C 281 B
554 B 22ms
22ms Document
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&excid=22&docw=0&cijs=1&nlb=false
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://am-match.taboola.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 23 Aug 2023 07:22:40 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B380 17 KB
6 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308170101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 07:22:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9713 0
0 120ms
120ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308210101&jk=2704623592761534&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 81A4 37 KB
14 KB 23ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 06:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 06:38:58 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame C07C 34 KB
10 KB 24ms
24ms Script
text/html 95.101.149.233
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a95-101-149-233.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 698ca97235d832e87fa792528d4def0e7138332916b894fb45f9911ca549e275

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 23 Aug 2023 07:22:40 GMT
Content-Encoding: gzip
Last-Modified: Tue, 22 Aug 2023 10:07:16 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=9826
Connection: keep-alive
Content-Length: 10116
Expires: Wed, 23 Aug 2023 10:06:26 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B2A1 17 KB
6 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308210101/show_ads_impl_fy2021.js?bust=31077299

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 23 Aug 2023 07:22:40 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4600 0
0 119ms
119ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308170101&jk=3726674125003116&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame A52D 37 KB
14 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 06:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 06:38:58 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
88 KB 36ms
35ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV

Requested by

Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

243f0de8df446c5bee42110acf118f881419c57fddcf77a40ec6280425d19945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90319
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 07:22:40 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 265 KB
88 KB 38ms
38ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dfd7a57013d1599d0786749d02ad28ead560d44dc8425fa09e5daf4f136f46a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 90402
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 23 Aug 2023 07:22:40 GMT

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
BLOB 206
Partial Content 389ac363-8158-4035-b6db-052160d43bdf
https://www.bg3.co/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/389ac363-8158-4035-b6db-052160d43bdf
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content e2fbb19a-1431-4f9d-a592-d2ac69acbe02
https://www.bg3.co/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/e2fbb19a-1431-4f9d-a592-d2ac69acbe02
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 65C3 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 07:14:44 GMT
expires: Thu, 22 Aug 2024 07:14:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 21C5 829 B
559 B 32ms
31ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ca1766bb0da6ac9b87ffcab408c08aa4203021d9e6b29a51f7cccc51a0adc1b1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-upwYVLBabBpsYMUgMn3EqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-upwYVLBabBpsYMUgMn3EqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 07:22:40 GMT
expires: Wed, 23 Aug 2023 07:22:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
712 B 18ms
18ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Wed, 23 Aug 2023 07:22:40 GMT
via: 1.1 varnish
x-amz-request-id: DM4PFN0WZV5ZS5NS
age: 28583
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: QYSQ4/qAqV4Hb4K6M+GoojBK1e8pnhtotO1/yTxdJpopul6YDUPXKzR3ArITbOLUVAA12TmhKuQ=
x-served-by: cache-mxp6950-MXP
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1692775360.460166,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 63
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 2235

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FF16 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 476
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 07:14:44 GMT
expires: Thu, 22 Aug 2024 07:14:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4DFE 829 B
558 B 31ms
30ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0290d44024f78e41179916fdaf5fc541831c70fbef4f977843d90f774d7a7938

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-yIc72vcEje04T_t9-mM6Lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 536
content-security-policy: script-src 'report-sample' 'nonce-yIc72vcEje04T_t9-mM6Lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 07:22:40 GMT
expires: Wed, 23 Aug 2023 07:22:40 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 2 KB
1 KB 27ms
27ms Image
image/svg+xml 138.199.37.225
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.37.225 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-37-225.bunnyinfra.net
Software: BunnyCDN-DE1-1055 /
Resource Hash: dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
content-encoding: gzip
cdn-edgestorageid: 860
cdn-storageserver: DE-677
cdn-cachedat: 08/17/2023 06:30:53
cdn-pullzone: 873945
last-modified: Thu, 17 Aug 2023 06:20:20 GMT
server: BunnyCDN-DE1-1055
cdn-fileserver: 655
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: image/svg+xml
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control: public, max-age=2592000
cdn-requestid: b5675a9b923a4579bf1d4c007b35217e
cdn-requestcountrycode: CH
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame 1EE8 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359502&bpp=303&bdt=945&idt=568&shv=r20230821&mjsv=m202308210101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=1&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=270195054&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1561034088&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077299&oid=2&pvsid=982439685519030&tmod=409318797&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r8w5tavftmaj&fsb=1&dtd=743

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:22:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame 1EE8 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:22:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1EE8 0
0 29ms
28ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTcpQxanEOWtqh-pRspAk_SVCy9hrhBxmO3OoG8N-wkCEoXgVN1S0aoeoYhY9BpJWdGlg9gaBD5migqr_9q_qx7ybV2gw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359502&bpp=303&bdt=945&idt=568&shv=r20230821&mjsv=m202308210101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=1&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=270195054&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1561034088&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077299&oid=2&pvsid=982439685519030&tmod=409318797&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r8w5tavftmaj&fsb=1&dtd=743
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1EE8 181 KB
57 KB 98ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 07:22:40 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame CE6C 3 KB
1 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:22:57 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/ Frame CE6C 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230821/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 14:22:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 61183
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Sep 2023 14:22:57 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CE6C 0
0 28ms
28ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS88T1n_BMRi3bEhVLLaeU_hhb8gXQvSRwYPxmc-l6AZqChHzPVJz9VQxuCF0g9bC_EIv9THzhYEZ_iw0ib4CQEo-Tsgw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE6C 181 KB
57 KB 121ms
62ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57781
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692618714633496"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 07:22:40 GMT

GET
H2 200 bridge3.586.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 43F9 720 KB
231 KB 25ms
24ms Document
text/html 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6c84b6607a1fb1669e2110c8f5cb7af35b2f5d6c2aa06ce0a6e9d1be2af99fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.bg3.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 44116
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 236436
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 19:07:24 GMT
expires: Wed, 21 Aug 2024 19:07:24 GMT
last-modified: Tue, 22 Aug 2023 19:04:36 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 86ms
34ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 23 Aug 2023 07:22:40 GMT

GET
H3 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D21A 40 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 06:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13893
x-xss-protection: 0
last-modified: Wed, 09 Aug 2023 15:57:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Wed, 23 Aug 2023 07:58:31 GMT

GET
H2 200 playlist.m3u8 Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/ 171 B
836 B 91ms
27ms XHR
application/vnd.apple.mpegurl 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/playlist.m3u8
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 09db039251766d76dd3ec8b446813be70778c66e060c306b63ceb96aa200b4af

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
content-encoding: gzip
cdn-edgestorageid: 1055
cdn-storageserver: DE-661
cdn-cachedat: 08/18/2023 10:37:57
cdn-pullzone: 829957
last-modified: Fri, 18 Aug 2023 08:18:43 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 637
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
cdn-requestid: 96838bbaec6869a4cca23a0c95b00e1f
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 36ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je38l0&_p=6261&cid=220166814.1692775360&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692775360&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&dt=%E4%B8%96%E8%B6%B3%E8%B3%BD%EF%BC%8F%E5%BE%B7%E5%9C%8B6%E6%AF%941%E8%A1%80%E6%B4%97%E5%B0%8D%E6%89%8B%E3%80%80%E4%B8%BB%E5%B0%87%E7%BE%85%E4%BC%8A%E6%96%AF%E7%96%91%E4%BC%BC%E9%9F%8C%E5%B8%B6%E6%92%95%E8%A3%82%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 21C5 0
0 119ms
118ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230821&jk=4214786477375320&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
BLOB 200
OK 9f48deef-8f2f-4b4f-a586-af586a51e5c4
https://www.bg3.co/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/9f48deef-8f2f-4b4f-a586-af586a51e5c4
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 4896
Content-Type: application/javascript

GET
BLOB 200
OK 5e666e45-d891-49d7-b013-dcc0a440dea6
https://www.bg3.co/ 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/5e666e45-d891-49d7-b013-dcc0a440dea6
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
BLOB 200
OK da451e11-8223-48ad-9f99-192873dffa4d
https://www.bg3.co/ 76 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.bg3.co/da451e11-8223-48ad-9f99-192873dffa4d
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 77931
Content-Type: application/javascript

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 863E 151 KB
51 KB 251ms
168ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOWzwAAEe5YFkVwSAAG2o1ye-ULwHfwtrqo-pQ&u=%7CKrteKp%2BXdryi0j8RJJA4agH9a5SsztFdF8q2ZR96LWo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnol7GiUxlLS8tf9JPGjrQOr3K3eUcmP-glNnKhpSQPrcDsDwH_gNVfxVH02sEyKK7wPs4bP3RwRIeTcGsqo-4ssuliUcUjGt36pIuIBTp-IlRJFc1bjMn0mWzhzY9euW7ERAeAe_gYNV_jhX9B2dZvlRlj_KW32F0Yze0taU_tO3Va1lfawz4a6nxkt9raU0z2pVbd5ihoFfWJsSlgX3o0oEf6kXrQsYbTJRumiGJqogCuC7X67Lsg5yB-FPw_rgJVToZkutffGd_3NRod8BKEvvhSvTCVrU-VFwHkLJ5Sx0oUIXTXJiqzWC-x46_q3kCN5MO0Hwu6hMBuJaw4NLja85jEpZqOr8Qy09d3FGBSf7h3crvODY30pIzgE5jyWKT_SLk8W8kvaY6WzZ1JSiRRnEMim-egRvX245OP_mxtqUhihgGInPCVZMlW8s_UpKdhECrYYL2AM3_aDpBuYqK5EVIrrZa54TnTSr4VAJC7xyyCi004EtrY6UcIl6PJgFgPBWxFrI80oPXlmFXn8n_SNDyPHYj8cdVyRqiNNasy9blfOTnVhHKVXirxBnV1VGgcH3CbeVeGZJDfVBNNrGhz2SctznNEwF1lX8Z89CtRc1KSMKu5G81x9Ew2iBhREkL_nLS24Yx6XqnZbm3NlProW7WaGa4O2Tg6Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChWt7wLPlZJb3EZK4xdwPo-2GoAnJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCCyyOjc8xsj6oAwHIAwKqBIoCT9CJRVeWl2Poy2WVOoVI8iK-mS5WB12F56mxNRlGx_VPC0B5r5Qj-uhwIg-8odRcwQqbqtjUS0rUewOMZKF0QzScy00xj2UJOySNWM1cnrVaR4oLOvQdUl6d-8_uk86YXSGO4bN-BmveubReIAzVYXUnBLQh57X9K706XISvU8TbzEYBw9Eu95J8WYyM-IW613srURtDVDU_RUQGBIbBbxMxjLvubGpUZXsrjluofMbFntUzmk6pPvMnEiyZvCXCGEhplSRYNCvmgbmkNd3iSCcMoA-qUVSMsl2BT2ZTuEiG8BgzvZlBuE4ZjXpgv5xmj60Yh5Ya6MM7h3p3wrtxJfLdtjhC0HmRIgGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2683voMMxpBJADz2yNAm6Y4oyLUA%26client%3Dca-pub-4485239425924787%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5971e0bb9e0cacff77721beb89ffeff58d6b21f8a1e92de782344db189a146f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 07:22:40 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=9sakwK1qqqpACP6vK9DbjJIfBozk1DH1ILRfZk8gwS-ZAiuncnzKO9AtHN5t09kfBi0HpAanE1NdqK0E_RSZmbKn3nY0UR-V0_YSkp47VLKhxN0KQr0yN8qq2wJrdwxo0VLpq2myYVEccX91LZoCAv3ucMPQAufHzKZ2LeTRMWOsnsQ3j-8-YOB-AT0tMxecBFM0CLjbCwOdZpNbSRHY5O2BSRjAC8Hy7OiShfm0mjE3eEsDyGOV0pG6b3vVtLZaKmK28Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 57901927
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D5CC 1 KB
643 B 22ms
21ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 29263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 23:14:57 GMT
etag: 48472445140208031
expires: Wed, 23 Aug 2023 23:14:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A274 136 KB
47 KB 183ms
110ms Document
text/html 2a02:2638:d::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOWzwAAEig0KspbHAA74InACMqqED4lnVHXfWQ&u=%7CKrteKp%2BXdrxqpKjDGQJ15jycfYoYI7s9LgkjAcXsWko%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgsEYLRTC0XW27L2_tjl6erqA_RpXvp0RC7XZ7_cIKQqepYZXd-bwIUf27pCTvsPNVT3L8a0xmJh0sf_yqhRXIbw7ywxw55bKJ_saTbjlkSUNwwcXOL3m1QIBqSZc3ySDaDWP_vxyEyGY93zyGJQ6pRUR_T9s7-v6sYO4rJib_RIHc9yEPXYx_QYoko3ORMIMwy11TTx-vfOfaw8Lvs28xHJFMUHC6ZO_Ma2nGwVhDHNc3dfBnTPF_rW-Ck9eW3rJt3dJt1FQXHWM3roHWNlF51UORTcZeMK_HgTkSLCM3OVOHe9bBavsbPt8rn1w7VgIJu7sxtxfRuO8Qt_40PAaEjP0EZIFP_pGRClXsLDVc9rJDRbucJLaRxj1KTEbwqPaCaBzBvW9BTs4wpp4MBIAzxHqF7zJ7QFY8iNmIxgAESc2BXM2dd2umdjeyK6vaabX5C-Vs3xZLW0An_F5fsA-KLFwQmv6xB6hMHAW1b3Qu3W8b-y_n89iSy9XMsXvzIG0NagjNI_43vaMShNIfkt7JWBqOoamY8jbKha2Ec8nAVvYznQIUAh4UBusJ6mrG6U1E-Kk245NmFuTUyHdpJSsyCDqZWNI0zd2ijIAFBxYYzFjJlV-nTrR5J1Df0_bnYPHGWQe9H-eJAy5TqtC5MVEUopgIFixVqYHriuSO1QFa9-MTmEUAeR275gjnN9dCPEl1heQVLT2pos8abf4QuXhYa_JxEqf8hZWtbYfjipoB29B-vdkpOWOr0A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCypuwwLPlZI2UEsetygWi8LuYBcme0rFc1Z2R93DAjbcBEAEgAGD1BYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQL8am_kHjeyPqgDAcgDAqoEkAJP0LNCtlj3V7r-XGvQiDFrac838bVJKkwdD2fjy4m850GuzcUavx5nLUjG6Eb5pQP68lKEEZ3BGUz00d2XB64WDrkDXGitXEVH2AH3hE1pmBHBkgOtSQ65B1NwJFq74XVBbGLH0AZ4tEmzINXlmWtktyqMzOdC_GTnZEVT619MbcrtnzVYU_eOjyBhxdJpui06Wefo07eixgKR288aQe64nJEcpqwC-mgn6uQgL4_I2776Vu3ro5U07bERzF3WvYsS_EzjNvRAjU7Yk6k92duMIjFiuqABu8VTGQb5oSPvZpMBoZY5wVpsMrS3t9L3QPAWgQP25gnUGgWaTyc7RiNHCVLYkBeHZex8imfSuPWwpYAGx5rz14v5zflroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QFYhMMaBxpDWv-RySjIR0mQhOnA%26client%3Dca-pub-4485239425924787%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

527d889f987a625a1eff6963572b92a4ed81441d0bfc06af803056c178cde49a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 23 Aug 2023 07:22:40 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ylgCm61qqqpACP6vtEACVV48HZJgsOcberbI0BAP07F-o2Dw24J-p9N8LyjiX_8Pr3UPritYplApMu51VjKuZXK9olrLS4G_c9JF4CO9YkLmm1N16L8q2TZrtlcTAaxV1hYV1DXtBjAX5vt3NyHFNsJYpL8zdPSZC6jITl4NPPxUYpCrvYvCUVzuWhwsQulxNQHlH0F8t4NY7krPNgE-UhsLYBNRIv5Drrin7R8d4FKtZy0Z2oulNp6c5oLEYCCqb_-d7A"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 52190801
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame D753 1 KB
643 B 21ms
20ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 29263
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 22 Aug 2023 23:14:57 GMT
etag: 48472445140208031
expires: Wed, 23 Aug 2023 23:14:57 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 video.m3u8 Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 5 KB
1 KB 29ms
29ms XHR
application/vnd.apple.mpegurl 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video.m3u8
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: e4612453ee1173a62d2c517be3b9a8f79de7f91e219909cc72b4f165bf2e1e96

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
content-encoding: gzip
cdn-edgestorageid: 1055
cdn-storageserver: DE-664
cdn-cachedat: 08/18/2023 10:37:58
cdn-pullzone: 829957
last-modified: Fri, 18 Aug 2023 08:17:58 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 646
cdn-requestpullcode: 206
cdn-proxyver: 1.04
vary: Accept-Encoding
content-type: application/vnd.apple.mpegurl
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=30
cdn-requestid: d677f558e239c778dfd3ef6e9b16e1b0
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame 65C3 37 KB
14 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 06:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89022
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 06:38:58 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 81A4 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?TNnJ_Q
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4DFE 0
0 118ms
118ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230821&jk=982439685519030&rc=
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 video0.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 310 KB
311 KB 29ms
29ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video0.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: bd09c8a7b93803aa5920748a2f7b9dbfeac2c74bcff72e52f72c7c9abfab7534

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
cdn-edgestorageid: 1076
cdn-storageserver: DE-677
cdn-cachedat: 08/18/2023 10:37:58
cdn-pullzone: 829957
content-length: 317720
last-modified: Fri, 18 Aug 2023 08:17:58 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 636
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 772d587a38a9e7a44c9abca89dd591db
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin: https://www.bg3.co
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 1EE8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 756f08d7a200ac34b8ff3bb0b4552e0c94dc3eae6d4db3f7063746f49a802ee9

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CE6C 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 848e57ca643f01d694b0326a3fdf8ffc4a15a83bdf570cf81633f8128f9459a8

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js Show response
pagead2.googlesyndication.com/bg/ Frame FF16 37 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/H7NiGUBWITXDbUXvzcl9NdwFkmo5ojjKC-Hhm2BY16o.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 22 Aug 2023 06:38:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14718
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 21 Aug 2024 06:38:58 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame D5CC
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELdgLVVMNgNEXtZKMOTzAuY&google_cver=1&google_push=AXcoOmR2PZC7WX8c4Sj7jnBy9t4Y5S8RzPE8nOx4Qz-pj2kWb23HREhBbeHLi6yXFWijFLbYUJoL4ZVAyIsbQdTOGMune0H6RpVo
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDU3ODc5MDE3NTIyNjQyNDkxMw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELdgLVVMNgNEXtZKMOTzAuY&google_cver=1

43 B
398 B

62ms
32ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELdgLVVMNgNEXtZKMOTzAuY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359502&bpp=303&bdt=945&idt=568&shv=r20230821&mjsv=m202308210101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=1&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=270195054&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1561034088&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077299&oid=2&pvsid=982439685519030&tmod=409318797&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r8w5tavftmaj&fsb=1&dtd=743
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 23 Aug 2023 07:22:40 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELdgLVVMNgNEXtZKMOTzAuY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame D5CC 35 B
363 B 26ms
22ms Image
image/gif 2620:116:800d:21:c5a4:625:6563:a5bb
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEIKL3MFU9PeEX96es9qlvko&google_cver=1&google_push=AXcoOmQWefoBLUgSVrftHwCYAAnwXk7zNBN5YCfa9zdHNoIi4oOVZJFqsQhbMu-c4tNj7ekr-LWDlWzhAsPYGKGglMSudxF2TH6f

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:c5a4:625:6563:a5bb , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:41 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D5CC
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEIrmxOVElP13uoYk23fkevI&google_cver=1&google_push=AXcoOmTPUBUvPVZMAoyk_a8wKsq_q8F13_zMmiuIqR6fVmvtPGgCRjRDXOHyYkysetAjJIuseoVZKJGiMWUgqc...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MDQxNDgxNDk3MjgwMzIyNA%3D%3D&google_push=AXcoOmTPUBUvPVZMAoyk_a8wKsq_q8F13_zMmiuIqR6fVmvtPGgCRjRDXOHyYkysetAjJIuseoVZKJGiMWUgqcEOwt...

170 B
188 B

33ms
33ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MDQxNDgxNDk3MjgwMzIyNA%3D%3D&google_push=AXcoOmTPUBUvPVZMAoyk_a8wKsq_q8F13_zMmiuIqR6fVmvtPGgCRjRDXOHyYkysetAjJIuseoVZKJGiMWUgqcEOwtACsCIqX-55

Requested by

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI3MDQxNDgxNDk3MjgwMzIyNA%3D%3D&google_push=AXcoOmTPUBUvPVZMAoyk_a8wKsq_q8F13_zMmiuIqR6fVmvtPGgCRjRDXOHyYkysetAjJIuseoVZKJGiMWUgqcEOwtACsCIqX-55
Date: Wed, 23 Aug 2023 07:22:41 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D5CC
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEODApywSeBpqyaFxqz64lfQ&google_cver=1&google_push=AXcoOmSUv8Kqv3Bwd9z-CPN_qfKCmKnKLPkwC4JliEuyoNpH1BvCm_BL77SQjKPMOxP2_8QHRCejaTrqFWz6N_6m2K0HA50...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSUv8Kqv3Bwd9z-CPN_qfKCmKnKLPkwC4JliEuyoNpH1BvCm_BL77SQjKPMOxP2_8QHRCejaTrqFWz6N_6m2K0HA50jbLlv&google_hm=eS13U3kyS2c5RTJwRVNyQz...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSUv8Kqv3Bwd9z-CPN_qfKCmKnKLPkwC4JliEuyoNpH1BvCm_BL77SQjKPMOxP2_8QHRCejaTrqFWz6N_6m2K0HA50jbLlv&google_hm=eS13U3kyS2c5RTJwRVNyQzg2TER0aTM1UnZNZVhBMUZxZn5B

Requested by

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 23 Aug 2023 07:22:41 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSUv8Kqv3Bwd9z-CPN_qfKCmKnKLPkwC4JliEuyoNpH1BvCm_BL77SQjKPMOxP2_8QHRCejaTrqFWz6N_6m2K0HA50jbLlv&google_hm=eS13U3kyS2c5RTJwRVNyQzg2TER0aTM1UnZNZVhBMUZxZn5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D5CC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UeIutmK4Tp2EiMl0lETM4g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UeIutmK4Tp2EiMl0lETM4g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSPOiaD4ynyvOCEGGz-57ZUCguw2rsZZgv25k9EMi7Z9y8B8GIPS-LXuxQxQ5w7nsdaKDVAu8PZ6fnEP_SEUlPddjfJrN8

Requested by

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=UeIutmK4Tp2EiMl0lETM4g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmSPOiaD4ynyvOCEGGz-57ZUCguw2rsZZgv25k9EMi7Z9y8B8GIPS-LXuxQxQ5w7nsdaKDVAu8PZ6fnEP_SEUlPddjfJrN8
date: Wed, 23 Aug 2023 07:22:39 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D5CC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEDBJLxehsPT8_P5w7RhQvPo&google_cver=1&google_push=AXcoOmTaOLn19aRCdR_FDB8HHtLrQvBsO_bNvOua2utzlxkqp--Y0cqu39sYd6C6PpwK2_nzRnC...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExORVFRVEwtRC1DSEIx&google_push=AXcoOmTaOLn19aRCdR_FDB8HHtLrQvBsO_bNvOua2utzlxkqp--Y0cqu39sYd6C6PpwK2_nzRnCckVfS3MXzJr6dmKV5B-a_bda6

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExORVFRVEwtRC1DSEIx&google_push=AXcoOmTaOLn19aRCdR_FDB8HHtLrQvBsO_bNvOua2utzlxkqp--Y0cqu39sYd6C6PpwK2_nzRnCckVfS3MXzJr6dmKV5B-a_bda6

Requested by

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TExORVFRVEwtRC1DSEIx&google_push=AXcoOmTaOLn19aRCdR_FDB8HHtLrQvBsO_bNvOua2utzlxkqp--Y0cqu39sYd6C6PpwK2_nzRnCckVfS3MXzJr6dmKV5B-a_bda6
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D5CC
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBiWAj2zYfA8xyBsj98yhAc&google_cver=1&google_push=AXcoOmRUTM_WmklV_lCFtK7a7q6f5tFKrGh0618O9ttOV2prZBShMZ43ICP83dhZXZ_9-7wiKDOAf_X01VkvoPwIw...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBiWAj2zYfA8xyBsj98yhAc&google_cver=1&google_push=AXcoOmRUTM_WmklV_lCFtK7a7q6f5tFKrGh0618O9ttOV2prZBShMZ43ICP83dhZXZ_9-7wiKDOAf_X01VkvoPwIw...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRUTM_WmklV_lCFtK7a7q6f5tFKrGh0618O9ttOV2prZBShMZ43ICP83dhZXZ_9-7wiKDOAf_X01VkvoPwIwpfxvKRECONa&google_hm=HMp6uGZHdy9vNeP0QdGwm0yA

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRUTM_WmklV_lCFtK7a7q6f5tFKrGh0618O9ttOV2prZBShMZ43ICP83dhZXZ_9-7wiKDOAf_X01VkvoPwIwpfxvKRECONa&google_hm=HMp6uGZHdy9vNeP0QdGwm0yA

Requested by

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 23 Aug 2023 07:22:41 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AXcoOmRUTM_WmklV_lCFtK7a7q6f5tFKrGh0618O9ttOV2prZBShMZ43ICP83dhZXZ_9-7wiKDOAf_X01VkvoPwIwpfxvKRECONa&google_hm=HMp6uGZHdy9vNeP0QdGwm0yA
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D5CC 0
12 B 30ms
29ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JJccsLGrDYVVoTjM2eL-0Via1YRyUkU90ouLlR5cm5gqFKehg-E9X4-r6PZhIjthL4UIzO

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame D753
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBlT8u9W07qO0UlnfRX_z7E&google_cver=1&google_push=AXcoOmQtXnQfyCICf8BA5eOUn4YoGz_ijL5AnEuNpwjrgsHSJ5VRduOehxAmCG-eT58gokKoDXqsi0UHp-ceWE4DgbEgTJBLsuHs&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBlT8u9W07qO0UlnfRX_z7E&google_cver=1&google_push=AXcoOmQtXnQfyCICf8BA5eOUn4YoGz_ijL5AnEuNpwjrgsHSJ5VRduOehxAmCG-eT58gokKoDXqsi0UHp-ceWE4DgbEgTJBLsuH...

43 B
418 B

197ms
197ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBlT8u9W07qO0UlnfRX_z7E&google_cver=1&google_push=AXcoOmQtXnQfyCICf8BA5eOUn4YoGz_ijL5AnEuNpwjrgsHSJ5VRduOehxAmCG-eT58gokKoDXqsi0UHp-ceWE4DgbEgTJBLsuHs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQtXnQfyCICf8BA5eOUn4YoGz_ijL5AnEuNpwjrgsHSJ5VRduOehxAmCG-eT58gokKoDXqsi0UHp-ceWE4DgbEgTJBLsuHs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:41 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fb19b181e8c4bef-MXP
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:41 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 711
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBlT8u9W07qO0UlnfRX_z7E&google_cver=1&google_push=AXcoOmQtXnQfyCICf8BA5eOUn4YoGz_ijL5AnEuNpwjrgsHSJ5VRduOehxAmCG-eT58gokKoDXqsi0UHp-ceWE4DgbEgTJBLsuHs&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQtXnQfyCICf8BA5eOUn4YoGz_ijL5AnEuNpwjrgsHSJ5VRduOehxAmCG-eT58gokKoDXqsi0UHp-ceWE4DgbEgTJBLsuHs%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7fb19b16bd234bef-MXP
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D753
Redirect Chain

https://s.uuidksinc.net/match/47/?remote_uid=CAESEHI8mjy70kI4cJVCY4EN1_w&c_param1=AXcoOmRkUcDOH2v0rQqPZKRau88dwOKMPbeT98WXzV9Xh3GOBUXuhzwPPM82p0vCC9MrnN0TP9-V_vd8rb7IE3dB2kDpjNPEUPjI&gdpr=%%GDPR%%&...
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRkUcDOH2v0rQqPZKRau88dwOKMPbeT98WXzV9Xh3GOBUXuhzwPPM82p0vCC9MrnN0TP9-V_vd8rb7IE3dB2kDpjNPEUPjI

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRkUcDOH2v0rQqPZKRau88dwOKMPbeT98WXzV9Xh3GOBUXuhzwPPM82p0vCC9MrnN0TP9-V_vd8rb7IE3dB2kDpjNPEUPjI

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AXcoOmRkUcDOH2v0rQqPZKRau88dwOKMPbeT98WXzV9Xh3GOBUXuhzwPPM82p0vCC9MrnN0TP9-V_vd8rb7IE3dB2kDpjNPEUPjI
date: Wed, 23 Aug 2023 07:22:41 GMT
server: nginx/1.23.2
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D753
Redirect Chain

https://cs.media.net/cksync?type=g&google_gid=CAESEEQzknnjvWQqx5yKXRmuauE&google_cver=1&google_push=AXcoOmQBa9fU1O8ROrhtFOB5nxCYvWe9heUuC1EpxaC3Vp_E3uDgM0bz4UDtzKr8Np4GM01ca6prpo1WkoA8J8CjdG_NQeaohzxs
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM1Nzc2OTYxNzI1MjExMDAwMFYxMA%3d%3d&mn_hm=MzM1Nzc2OTYxNzI1MjExMDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQBa9fU1O8ROrhtFOB5nxCYvWe...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM1Nzc2OTYxNzI1MjExMDAwMFYxMA%3d%3d&mn_hm=MzM1Nzc2OTYxNzI1MjExMDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQBa9fU1O8ROrhtFOB5nxCYvWe9heUuC1EpxaC3Vp_E3uDgM0bz4UDtzKr8Np4GM01ca6prpo1WkoA8J8CjdG_NQeaohzxs&gdpr=&gdpr_consent=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 07:22:41 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
Location: https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzM1Nzc2OTYxNzI1MjExMDAwMFYxMA%3d%3d&mn_hm=MzM1Nzc2OTYxNzI1MjExMDAwMFYxMA%3d%3d&google_sc=1&google_push=AXcoOmQBa9fU1O8ROrhtFOB5nxCYvWe9heUuC1EpxaC3Vp_E3uDgM0bz4UDtzKr8Np4GM01ca6prpo1WkoA8J8CjdG_NQeaohzxs&gdpr=&gdpr_consent=
Content-Type: text/html
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 154
x-mnet-hl2: E
Expires: Wed, 23 Aug 2023 07:22:41 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D753
Redirect Chain

https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKlpkpLlJ1XNxPs24MTbfgE&google_cver=1&google_push=AXcoOmR7Rroa47b3ZUYhbiBvCedRhV7NFxg1f4TBXMfxzGqPIalhVsNlcpdgaNyaPks8qrmq436Fzq...
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR7Rroa47b3ZUYhbiBvCedRhV7NFxg1f4TBXMfxzGqPIalhVsNlcpdgaNyaPks8qrmq436FzqTYbbLQpmEM2n-FU9qMEzw&google_hm=NTA2NTM2Mzg...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR7Rroa47b3ZUYhbiBvCedRhV7NFxg1f4TBXMfxzGqPIalhVsNlcpdgaNyaPks8qrmq436FzqTYbbLQpmEM2n-FU9qMEzw&google_hm=NTA2NTM2Mzg1Njc3NTkwMzk3Ng%3D%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmR7Rroa47b3ZUYhbiBvCedRhV7NFxg1f4TBXMfxzGqPIalhVsNlcpdgaNyaPks8qrmq436FzqTYbbLQpmEM2n-FU9qMEzw&google_hm=NTA2NTM2Mzg1Njc3NTkwMzk3Ng%3D%3D
date: Wed, 23 Aug 2023 07:22:40 GMT
content-length: 0

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame D753 42 B
233 B 351ms
115ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESELr3WWu5KhoAi59a__k9gOk&google_cver=1&google_push=AXcoOmSUnxQNyB0JMD8W3Pt4LVRS9UwJWcfr6DRB9pLk8fL6AVJ8U2IhwiWDXdctS8je_a7x7ZRBAPgDflKly_ZQKEkhUCvsu8ETLA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 23 Aug 2023 07:22:41 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

/
onetag-sys.com/match/ Frame D753
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJw5q5YNyz6LXeQFc6y94EE&google_cver=1&google_push=AXcoOmRZkm2xVlEUQhYbXf1_GE7k3VJo3UGVTYT6mWvdpZuKMSB2rY9-bzKe-ScT1cRN4W0D0TFu2nYOLrD...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmRZkm2xVlEUQhYbXf1_GE7k3VJo3UGVTYT6mWvdpZuKMSB2rY9-bzKe-ScT1cRN4W0D0TFu2nYOLrD2oTYZ32Km5GzG2cIy
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

24ms
24ms

Image
text/plain

51.89.9.253
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788

Protocol

Server

51.89.9.253 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip253.ip-51-89-9.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:41 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame D753
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJa6DmYnE...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEJa...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c7750f65-8e2f-4e67-955f-ac7671957e17&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c7750f65-8e2f-4e67-955f-ac7671957e17&%%GOOGLE_PUSH_PAIR%%

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788

Protocol

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=c7750f65-8e2f-4e67-955f-ac7671957e17&%%GOOGLE_PUSH_PAIR%%
date: Wed, 23 Aug 2023 07:22:41 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame D753 0
12 B 30ms
29ms Image
text/html 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LRzlzmMi0h0oIkj4e2zHy3Miki0__7tDTZbg9EdoHggXXi2QDsWaPWYOfoE7uv_HPb6Q6OjDn9

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A274 2 KB
1 KB 145ms
70ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOWzwAAEig0KspbHAA74InACMqqED4lnVHXfWQ&u=%7CKrteKp%2BXdrxqpKjDGQJ15jycfYoYI7s9LgkjAcXsWko%3D%7C&c1=wLMhjbQtwRcs3jPjsTD8ckzZrQqOtcHgsEYLRTC0XW27L2_tjl6erqA_RpXvp0RC7XZ7_cIKQqepYZXd-bwIUf27pCTvsPNVT3L8a0xmJh0sf_yqhRXIbw7ywxw55bKJ_saTbjlkSUNwwcXOL3m1QIBqSZc3ySDaDWP_vxyEyGY93zyGJQ6pRUR_T9s7-v6sYO4rJib_RIHc9yEPXYx_QYoko3ORMIMwy11TTx-vfOfaw8Lvs28xHJFMUHC6ZO_Ma2nGwVhDHNc3dfBnTPF_rW-Ck9eW3rJt3dJt1FQXHWM3roHWNlF51UORTcZeMK_HgTkSLCM3OVOHe9bBavsbPt8rn1w7VgIJu7sxtxfRuO8Qt_40PAaEjP0EZIFP_pGRClXsLDVc9rJDRbucJLaRxj1KTEbwqPaCaBzBvW9BTs4wpp4MBIAzxHqF7zJ7QFY8iNmIxgAESc2BXM2dd2umdjeyK6vaabX5C-Vs3xZLW0An_F5fsA-KLFwQmv6xB6hMHAW1b3Qu3W8b-y_n89iSy9XMsXvzIG0NagjNI_43vaMShNIfkt7JWBqOoamY8jbKha2Ec8nAVvYznQIUAh4UBusJ6mrG6U1E-Kk245NmFuTUyHdpJSsyCDqZWNI0zd2ijIAFBxYYzFjJlV-nTrR5J1Df0_bnYPHGWQe9H-eJAy5TqtC5MVEUopgIFixVqYHriuSO1QFa9-MTmEUAeR275gjnN9dCPEl1heQVLT2pos8abf4QuXhYa_JxEqf8hZWtbYfjipoB29B-vdkpOWOr0A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCypuwwLPlZI2UEsetygWi8LuYBcme0rFc1Z2R93DAjbcBEAEgAGD1BYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQL8am_kHjeyPqgDAcgDAqoEkAJP0LNCtlj3V7r-XGvQiDFrac838bVJKkwdD2fjy4m850GuzcUavx5nLUjG6Eb5pQP68lKEEZ3BGUz00d2XB64WDrkDXGitXEVH2AH3hE1pmBHBkgOtSQ65B1NwJFq74XVBbGLH0AZ4tEmzINXlmWtktyqMzOdC_GTnZEVT619MbcrtnzVYU_eOjyBhxdJpui06Wefo07eixgKR288aQe64nJEcpqwC-mgn6uQgL4_I2776Vu3ro5U07bERzF3WvYsS_EzjNvRAjU7Yk6k92duMIjFiuqABu8VTGQb5oSPvZpMBoZY5wVpsMrS3t9L3QPAWgQP25gnUGgWaTyc7RiNHCVLYkBeHZex8imfSuPWwpYAGx5rz14v5zflroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2QFYhMMaBxpDWv-RySjIR0mQhOnA%26client%3Dca-pub-4485239425924787%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A274 2 KB
1 KB 144ms
69ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A274 308 B
637 B 54ms
36ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A274 293 B
621 B 54ms
37ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame A274 43 B
348 B 141ms
38ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=OrzuvikSD0UQ68kR8iDt_2lhbL6HcvnLBKtAdYzgJ8vNV9JptMgiV8iU090MJkMxk3xyyP3dAgHn7Ve7pEjb4qeN4Op0LctBPBT-sJEq8q6SgopxyQDLcUdu0uUdvlQoDlUv1EdZ7HUhxSbKK3rYOx9LevXlCv6LPDn19CMQZ3JdaqcU5kkG1lozOMF5tFkwBLuI5wVfzzX23WkP0WXPAiIdBm6dMw1-8MmTHSdJuUqPnlvAUL9580neWGaaDkxDX59ynrBAIGdhc164EKiSIX7aopt_eYn_DeVv5FtKoM5xGyhcFIacHb09GK3_Y-inQ3LxT1ZuNaIGK3K4xmJRhbpFxeyI9yYNhV5JYPDSe2tmH07wThAiIvpkFQ2tIxvb-29dHvM8bS_a0TGGvL6MH_WhS95NY1Kpiy8F9WeZ53VhuoKiX54id6AfWi2vjS3LVIsGIMP7Qyv8qOYq9qcaP0oRI7sCLfe-lqE7XWJA75ETs8G3nOyyd40FdQ_DaBl6nTg8AGX89PTlm-FXhBYXMJzG5IuzWiTon6Q8NIFbCplXsDwZ4wUq7137V74z9Fq0o5wKoQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1574206
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 863E 2 KB
1 KB 81ms
37ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZOWzwAAEe5YFkVwSAAG2o1ye-ULwHfwtrqo-pQ&u=%7CKrteKp%2BXdryi0j8RJJA4agH9a5SsztFdF8q2ZR96LWo%3D%7C&c1=wLMhjbQtwRerfuYQvtYvucUfx71c_57o2eAKtbyUnkzCgAZe2TqI9t-30jvbb4jJ4J0HrkfUVwV9W7X5y17J5sh0sko3T2VIET76KXVgnol7GiUxlLS8tf9JPGjrQOr3K3eUcmP-glNnKhpSQPrcDsDwH_gNVfxVH02sEyKK7wPs4bP3RwRIeTcGsqo-4ssuliUcUjGt36pIuIBTp-IlRJFc1bjMn0mWzhzY9euW7ERAeAe_gYNV_jhX9B2dZvlRlj_KW32F0Yze0taU_tO3Va1lfawz4a6nxkt9raU0z2pVbd5ihoFfWJsSlgX3o0oEf6kXrQsYbTJRumiGJqogCuC7X67Lsg5yB-FPw_rgJVToZkutffGd_3NRod8BKEvvhSvTCVrU-VFwHkLJ5Sx0oUIXTXJiqzWC-x46_q3kCN5MO0Hwu6hMBuJaw4NLja85jEpZqOr8Qy09d3FGBSf7h3crvODY30pIzgE5jyWKT_SLk8W8kvaY6WzZ1JSiRRnEMim-egRvX245OP_mxtqUhihgGInPCVZMlW8s_UpKdhECrYYL2AM3_aDpBuYqK5EVIrrZa54TnTSr4VAJC7xyyCi004EtrY6UcIl6PJgFgPBWxFrI80oPXlmFXn8n_SNDyPHYj8cdVyRqiNNasy9blfOTnVhHKVXirxBnV1VGgcH3CbeVeGZJDfVBNNrGhz2SctznNEwF1lX8Z89CtRc1KSMKu5G81x9Ew2iBhREkL_nLS24Yx6XqnZbm3NlProW7WaGa4O2Tg6Y&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DChWt7wLPlZJb3EZK4xdwPo-2GoAnJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCCyyOjc8xsj6oAwHIAwKqBIoCT9CJRVeWl2Poy2WVOoVI8iK-mS5WB12F56mxNRlGx_VPC0B5r5Qj-uhwIg-8odRcwQqbqtjUS0rUewOMZKF0QzScy00xj2UJOySNWM1cnrVaR4oLOvQdUl6d-8_uk86YXSGO4bN-BmveubReIAzVYXUnBLQh57X9K706XISvU8TbzEYBw9Eu95J8WYyM-IW613srURtDVDU_RUQGBIbBbxMxjLvubGpUZXsrjluofMbFntUzmk6pPvMnEiyZvCXCGEhplSRYNCvmgbmkNd3iSCcMoA-qUVSMsl2BT2ZTuEiG8BgzvZlBuE4ZjXpgv5xmj60Yh5Ya6MM7h3p3wrtxJfLdtjhC0HmRIgGABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2683voMMxpBJADz2yNAm6Y4oyLUA%26client%3Dca-pub-4485239425924787%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 863E 2 KB
1 KB 87ms
42ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 863E 308 B
636 B 59ms
58ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 863E 293 B
621 B 64ms
64ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 lg.php
cat.fr3.eu.criteo.com/delivery/ Frame 863E 43 B
347 B 112ms
38ms Image
image/gif 178.250.7.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=p_nBix0rqOpHnIth6-Awl8Qw4fiUySPBlywBbYcRIsCVUdjThJv55fTTEzmQ7a6VFaTKY7AWK93NBVP737A6wesKRheNunHzTkHGdwpCEEuyGHOCzI78D5HS0r-h--Lhm9-mNapGIX3Q02uZOcTl2LiupqHaSXTmNM9gv242VKPYUdQnhFB9YAEIJv8FHKzf4B8sH3_3xoCFoNBkxCD1Fmzv-1dWhfj132eEuy0-km0tYuU6s7-wTUZSDKGqqKcOEluxWUj29NzldxnFXriAjZ9rX7MjphiK3IWChTBQnFA-4L8vXq-TTL5dlSs-oUrIH7aSt94vLrBXBblsf_1NZRXpeOCF7Yg-TGl7tGNlph6cHCqr_DWtd1V4Kqutg3VuonncwU_8baVf1rfYd16gb8kQPXWsQsT8T2w6iuZcisljssWilod4bDPojfetZQciltQEY86N_I7M9Mm-lrmQDwoQ8iXNnyvRHxDROUshd9pglV4SQXU2WpHsrLwK6KmFVMG9MUTSesyDqwhb_8hu6E9C4PwMJNarUT6syqupXzulz8yy2MjlGUobLFGw5N6CqM6iog

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.7.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1596345
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A274 12 KB
5 KB 62ms
23ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 387203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z68mL5qOirJ8WgNTs8JaAPcppUR46lLjhdhaCAI7sDcHAxfY10YhP9zvhFg0sBa2EX6JddXKPQmQoq6K7QPAPmnA5Yc6zsAqgO%2FT533YI%2BCaWueeRdSc3DZdgVzB4EuCdgZBNnDIqXzEklPSHLzAlBSi"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fb19b172a5e4be1-MXP
expires: Mon, 12 Aug 2024 07:22:41 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A274 12 KB
6 KB 50ms
41ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ 3 KB
2 KB 22ms
22ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230820-26-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding: gzip
via: 1.1 varnish
date: Wed, 23 Aug 2023 07:22:41 GMT
x-amz-request-id: H94FJWAASNXACN8Y
age: 1641
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1340
x-amz-id-2: 8WdH+xczaFe1eqbP6uhBtmeiAXrbpYFeRAWQ5dFgC6C272jCeuos7M3xJKCXQ+u1QBjnGzDHVZQ=
x-served-by: cache-mxp6950-MXP
last-modified: Wed, 12 Oct 2022 13:57:57 GMT
server: AmazonS3
x-timer: S1692775361.119448,VS0,VE0
etag: "383fa66d2a0a09f4a6e64a9593ad43bb"
vary: Accept-Encoding
content-type: application/javascript
abp: 74
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 5318

GET
H2 200 eidf.es5.js Show response
cdn.taboola.com/scripts/ 17 KB
7 KB 22ms
22ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/eidf.es5.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230820-26-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 3979WkHCSLO5cQCJAWoE4w7tW4Dv40AW
content-encoding: gzip
via: 1.1 varnish
date: Wed, 23 Aug 2023 07:22:41 GMT
x-amz-request-id: E0K3EADYPH4DYY6V
age: 5369
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6467
x-amz-id-2: o84c2xeVrQDatJK5eXb5G91D+ix4Rc43AkKKvwz6enw4FiKp4x48sJSXDujLJwZa9RBWxK/kpqA=
x-served-by: cache-mxp6950-MXP
last-modified: Sun, 02 Apr 2023 13:49:08 GMT
server: AmazonS3
x-timer: S1692775361.119431,VS0,VE0
etag: "2fdf3e79d5e851201a0d52a886453d8b"
vary: Accept-Encoding
content-type: application/javascript
abp: 45
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1660

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 863E 12 KB
5 KB 35ms
25ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 387203
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4418
last-modified: Thu, 22 Jun 2023 11:22:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942f04-1142"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QzRXvXTy14JAbHF8VmQ2jObGU%2FbnTPlp1hzhE4DiboqH24wxu77kBYDVaUwkNcaj1TANeb3NJOTjAKhPkKtZ4vC8Qp4xXZSImuu47ycY9w%2BX8hVWl2iv70wZKYdCLBdQ%2F6%2Fe8JRY4sd5Nv61sztesUB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7fb19b172a5f4be1-MXP
expires: Mon, 12 Aug 2024 07:22:41 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 863E 12 KB
6 KB 54ms
54ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A52D 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?9jwGdQ
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 a176243967584ae1a4611dd7ea70a0b7_cpn_336x280_1.jpg
static.criteo.net/design/dt/12230/230131/ Frame A274 58 KB
59 KB 54ms
52ms Image
image/jpeg 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/12230/230131/a176243967584ae1a4611dd7ea70a0b7_cpn_336x280_1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

fea70afe99d1a20296cadbb987078ef5b7a6a522982afee9964da99da19b4645

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 31 Jan 2023 10:27:35 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63d8ed17-e8e3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 59619
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A274 13 KB
13 KB 122ms
46ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=92&m=0&partner=12230&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F12230%2F4853594%2F3049ebe35fa240e09f5ba31096708313_logo_n_horizontal_13.png&v=3&w=668&s=f8eaoVFYIkuX9T7n21UwWBXk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c949da1c108d4da25947fd15d5fee3be68b03f0f33f85550b0b6a86f53144b43

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 12820
expires: Thu, 01 Aug 2024 15:48:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A274 177 KB
177 KB 225ms
149ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=12230&q=80&r=0&u=https%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F12230%2F4909271%2Ff65cc7f5c42943739029c6ae628a74f7_img_vertical_1.jpg&v=3&w=1200&s=aJ9uXvHcAvmnoKmkUT6x_Fsr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1dd26d28c7b8ca7dabcd5438a3c5478f3691a0e195efc86f632c5c8dc115f4f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 181142
expires: Sun, 11 Aug 2024 15:34:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A274 9 KB
9 KB 152ms
75ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=12230&q=80&r=0&u=https%3A%2F%2Fmedia.walbusch.ch%2Fproducts%2Fwalbusch%2Fimages%2F1441x1922%2FEC44_6363_FA_029.jpg&v=3&w=400&s=4-v_-XxhIXAljMCSwmGeqFYB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0677236a080e3ee5009e4ac0665963d9cf538686e3ff900c0c3a974ce0092a12

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=508059
content-length: 8764
expires: Fri, 25 Aug 2023 13:39:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A274 0
128 B 78ms
25ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ylgCm61qqqpACP6vtEACVV48HZJgsOcberbI0BAP07F-o2Dw24J-p9N8LyjiX_8Pr3UPritYplApMu51VjKuZXK9olrLS4G_c9JF4CO9YkLmm1N16L8q2TZrtlcTAaxV1hYV1DXtBjAX5vt3NyHFNsJYpL8zdPSZC6jITl4NPPxUYpCrvYvCUVzuWhwsQulxNQHlH0F8t4NY7krPNgE-UhsLYBNRIv5Drrin7R8d4FKtZy0Z2oulNp6c5oLEYCCqb_-d7A&sds=2&rev=88100&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A274 2 KB
1 KB 90ms
89ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A274 2 KB
1 KB 88ms
88ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 863E 15 KB
15 KB 197ms
158ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=92&m=0&partner=102789&q=80&r=0&u=http%3A%2F%2Fstatic.fr3.eu.criteo.net%2Fdesign%2Fdt%2F102789%2F4782559%2F7a34ef86a86540a5adebf22d382f4e90_digicomp_logo_white_criteobanner_cta_horizontal.png&v=3&w=668&s=jE2gZoG1tNbQutE2yyZXUCGG

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b8e8e03b984d03eb6e39a9ffdb6cb101eb51bfee351add25d30813d81242fde8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 14927
expires: Tue, 06 Aug 2024 01:41:38 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 863E 13 KB
13 KB 165ms
126ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=102789&q=80&r=0&u=https%3A%2F%2Fres.cloudinary.com%2Fdigicomp-academy-ag%2Fimage%2Fupload%2Ffeed%2FPMI.jpg&v=3&w=400&s=zrR7gf3CXIgjDwu6wMri6SfO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9665823d1a5a86c5f90ba14ef833d0b728baa4144085e868108d3dd281dbb5da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 13214
expires: Sun, 10 Sep 2023 08:56:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 863E 21 KB
21 KB 147ms
108ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ad3eada0ebd5b34b6b1ae6e0939cadd21d2e024979b93fac9cbedb3074ab9464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 21652
expires: Sun, 10 Sep 2023 10:09:07 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 863E 19 KB
20 KB 223ms
185ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f730f1828528478136d59dd9906e0b1bcff864301c4e2a7d543f7bfde8d436c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 19786
expires: Sun, 10 Sep 2023 11:31:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 863E 12 KB
13 KB 126ms
88ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a430792804944c3e26299b4382e05f5dc1cf278039ca203019896c5f45b2502b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 12684
expires: Sun, 10 Sep 2023 11:09:39 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 863E 13 KB
13 KB 113ms
76ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f538b18149ea8f232f7fcee860f92d75fd8e928dabae5a8095bb542eb29eb255

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 13238
expires: Sun, 10 Sep 2023 09:50:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 863E 18 KB
18 KB 183ms
183ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2ad0ee5567bc7afec587e0219f6ab09ebbc1fd37ef914ac28691dca65c78aa92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 18130
expires: Sun, 10 Sep 2023 09:26:18 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 863E 0
127 B 39ms
26ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=9sakwK1qqqpACP6vK9DbjJIfBozk1DH1ILRfZk8gwS-ZAiuncnzKO9AtHN5t09kfBi0HpAanE1NdqK0E_RSZmbKn3nY0UR-V0_YSkp47VLKhxN0KQr0yN8qq2wJrdwxo0VLpq2myYVEccX91LZoCAv3ucMPQAufHzKZ2LeTRMWOsnsQ3j-8-YOB-AT0tMxecBFM0CLjbCwOdZpNbSRHY5O2BSRjAC8Hy7OiShfm0mjE3eEsDyGOV0pG6b3vVtLZaKmK28Q&sds=2&rev=88100&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 863E 2 KB
1 KB 52ms
51ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 863E 2 KB
1 KB 50ms
50ms Image
image/svg+xml 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 / Show response
pips.taboola.com/ 4 B
119 B 37ms
17ms XHR
text/plain 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by: cache-mxp6936-MXP
date: Wed, 23 Aug 2023 07:22:41 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://www.bg3.co
cache-control: no-store
accept-ranges: bytes
content-length: 4
retry-after: 0
x-cache-hits: 0

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame A274 2 KB
899 B 39ms
39ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame A274 2 KB
900 B 36ms
36ms Stylesheet
text/css 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 video1.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 396 KB
397 KB 37ms
36ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video1.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 9c54bf6ab1af08f7f512d67d17c99c32dd9bddc19421c9a7e672b2a22ffe5ed1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
cdn-edgestorageid: 1079
cdn-storageserver: DE-677
cdn-cachedat: 08/18/2023 10:37:58
cdn-pullzone: 829957
content-length: 405516
last-modified: Fri, 18 Aug 2023 08:17:57 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 637
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: cdc6411742e5454ca874eaee80ca792e
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 204 / Show response
cds.taboola.com/ 0
82 B 339ms
108ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 23 Aug 2023 07:22:41 GMT
cache-control: no-store
server: nginx

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 65C3 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KCtx_w
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame A274 16 KB
17 KB 180ms
98ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FF16 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?igKYxA
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1EE8 0
19 B 64ms
64ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C74hWwLPlZJb3EZK4xdwPo-2GoAnJntKxXNWdkfdwwI23ARABIABg9QWCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N8gBCakCCyyOjc8xsj6oAwHIAwKqBIcCT9CJRVeWl2Poy2WVOoVI8iK-mS5WB12F56mxNRlGx_VPC0B5r5Qj-uhwIg-8odRcwQqbqtjUS0rUewOMZKF0QzScy00xj2UJOySNWM1cnrVaR4oLOvQdUl6d-8_uk86YXSGO4bN-BmveubReIAzVYXUnBLQh57X9K706XISvU8TbzEYBw9Eu95J8WYyM-IW613srURtDVDU_RUQGBIbBbxMxjLvubGpUZXsrjluofMbFntUzmk6pPvMnEiyZvCXCGEhplSRYNCvmgbmkNd3iSCcMoA-qUVSMsl2BT2ZTuEiGshoSLx7OJF2mEW7Db6HAd6QMjSAQxtu5M7JKZEnOO97FM5LGw8aABu6kg6mv1d-vWaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBIIgGEQATICigI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=kD-Ph56TJks&uach_m=[UACH]&cid=CAQSKQBpAlJWZD50iavCsYo4Z8vwlMunVf5pd_1rUdD9oOx8pD2810FgskY6GAE&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359502&bpp=303&bdt=945&idt=568&shv=r20230821&mjsv=m202308210101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=1&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=270195054&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1561034088&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077299&oid=2&pvsid=982439685519030&tmod=409318797&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r8w5tavftmaj&fsb=1&dtd=743
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Aug 2023 07:22:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 1EE8 0
126 B 108ms
37ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k5uAFobWC9ACmAKdg2ICAgAAACE5AQwCW-6I5uT8ISCbaOUQv7PlZE8G5h5FJjEK098AABIAAAoKQVFVRER3RVBEdw&wp=ZOWzwAAEe5YFkVwSAAG2o1ye-ULwHfwtrqo-pQ&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 196877
server: Kestrel
content-length: 0

GET
H2 200 opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame A274 16 KB
16 KB 88ms
80ms Font
application/octet-stream 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-3ff4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 17 Aug 2024 07:22:41 GMT

GET
H2 200 video2.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 340 KB
341 KB 27ms
27ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video2.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 89ed9b4a17a685a30f2f8f46a6749bf5ed43a3fde2ee34845be82db018b261e5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
cdn-edgestorageid: 756
cdn-storageserver: DE-587
cdn-cachedat: 08/18/2023 10:37:58
cdn-pullzone: 829957
content-length: 348552
last-modified: Fri, 18 Aug 2023 08:17:59 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 647
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 8b611bdae0f808ce6780220f4e7d5d9a
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video3.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 344 KB
345 KB 28ms
27ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video3.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 36d1268298a6da877a354aa0afefa709bc3c35e373d547d04ea67943b6aba853

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
cdn-edgestorageid: 865
cdn-storageserver: DE-676
cdn-cachedat: 08/18/2023 10:37:59
cdn-pullzone: 829957
content-length: 352124
last-modified: Fri, 18 Aug 2023 08:17:58 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 635
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 02e037fc636e0b5072ec0de72db81ec9
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CE6C 0
19 B 62ms
61ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cfby8wLPlZI2UEsetygWi8LuYBcme0rFc1Z2R93DAjbcBEAEgAGD1BYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQL8am_kHjeyPqgDAcgDAqoEjQJP0LNCtlj3V7r-XGvQiDFrac838bVJKkwdD2fjy4m850GuzcUavx5nLUjG6Eb5pQP68lKEEZ3BGUz00d2XB64WDrkDXGitXEVH2AH3hE1pmBHBkgOtSQ65B1NwJFq74XVBbGLH0AZ4tEmzINXlmWtktyqMzOdC_GTnZEVT619MbcrtnzVYU_eOjyBhxdJpui06Wefo07eixgKR288aQe64nJEcpqwC-mgn6uQgL4_I2776Vu3ro5U07bERzF3WvYsS_EzjNvRAjU7Yk6k92duMIjFiuqABu8VTGQb5oSPvZpMBoZY5wVouMJUlMF1rU0-KlaAm268sExGQ-S0VXqHzwW9-YqiZSfT5IOPBB4AGx5rz14v5zflroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIEgiAYRABMgKKAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=aY7arBuPf5A&uach_m=[UACH]&cid=CAQSKQBpAlJWq-PrZm6OWy8wtCjRcxQCAoCkHbMjPZKPD1jq4LBcGLLJROPyGAE&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 23 Aug 2023 07:22:41 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame CE6C 0
125 B 37ms
37ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=k6f4CYbWC9ACmAKdg2ICAgAAACE5AQwCW-6I5uT8ISCbaOUQv7PlZB_Dqdk1i6g272oAABIAAAoKQVFVQkR3RUJEdw&wp=ZOWzwAAEig0KspbHAA74InACMqqED4lnVHXfWQ&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359430&bpp=250&bdt=853&idt=629&shv=r20230821&mjsv=m202308170101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=2&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=2033918122&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2690&biw=1600&bih=1200&isw=336&ish=280&ifk=3441341079&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31076838%2C31077087%2C42532315%2C44799956%2C31077300&oid=2&pvsid=4214786477375320&tmod=1881213911&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.37lrbmbeymjt&btvi=1&fsb=1&dtd=788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:40 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 175859
server: Kestrel
content-length: 0

GET
H2 200 video4.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 343 KB
344 KB 30ms
30ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video4.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 355eb73ef3ddead38f9ac663bb3cde3cf51a4dfb446937f5aca3e716c3c99e73

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
cdn-edgestorageid: 864
cdn-storageserver: DE-51
cdn-cachedat: 08/18/2023 10:37:59
cdn-pullzone: 829957
content-length: 351372
last-modified: Fri, 18 Aug 2023 08:18:03 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 647
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: e6e722ca1a9f8599755644f0ac5325e4
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 14DC 0
0 126ms
126ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308210101&jk=2704623592761534&bg=!h4SlhMvNAAZGPLJIZjw7ADQBe5WfOAJNQWCQH5INNxFWWhbQSBrQo7tYWPTJkLIl-DQGFBFUVeoH6Hq1xiI0ccaORK4MAgAAAnNSAAAADGgBB5kC3baSronvuj64sP8PjLJ7t7h518fLlqYdI5YCvxCa_mAymM_mV6MRuEgRXp6oqaXIn5kLJusi3PeTXlzkXijX2VPF-RdOkJadlOWx074sMxT4yDMPUzMWGwKtdGgNOr76KWUJecxd18yXlBbbw4NmtOTL0kYlLGPVovpsN2HMuttvgKBfjCka9TYz4f701j_G7mK3aWpCY06Hkmdd1R3WUSznvObeV-q5moIXsP5tfTUrpj5oSRHg9V8nD8Kf9erb0qoMFHR8gDxSB9zUhDr4vrohfRC4F6_W6Z1rDCnYiREP9J0t3XRYa0d3hYZ7QgXzCcx0GGV1Zztr9XDfZKm-s2mxeKn8cuOjjWEfaQUKV7HhPYHYbN3e2KtGW3vDv3r816WBCItU06MQstJlvLYz0iZJqBEZWVfGIQHQjZugtXw4UgrV6KXlytFdKswuRPu1UmF0DPE6wOmVXANiq6T68Fh1xJRBQBFtL4YeJrJuFdPmZG05bCGbBNFwMNxqHcY_5L92cVRlmjg5k4s9OHEPG55VPbm4dMaQblPf1_NZaYSMo2X3_YcsS7P5_GRdfYBlm2dJtz72WqwNOBRxXMpj4Rfyh2hsRNy9_fz5_QW8Tr7gHrXywOXbYn9ugG-480gtUjihOQmnJ__q5fmv0i1QkRMEq5nlJ22hP5u0AfBlG0ShC3gkGmin8baiWiWBP0mUtQ_H2CV6Fn2E3yunZR-433Tn3eYmagANDjB13MM5baBEEbnB-vMxrux2us2JfiBBYtEzilmQpV9YqGCWidtGFMMbPjH6AxQxBGT2OzuvZZt7HHUmNX6qAaXqNu5kvRK_vYy3bma_-hg0a9J2Z-SnpCnhUPE0jBhrkwsAbOu9wrFBgDciy9Ip34PbDJRMLGTHkWZstsWFCrSUYSKNlNRBlZPBjVxuml264vfzSV8OU_yohwIQw5a5-tczxZpBRaPFkfJjR_yKUwT-Fd-rcMk
Requested by: Host: www.bg3.co
URL: https://www.bg3.co/a/shi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 39ms
39ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=6261&cid=amp-LPEqlgZV_Ac0lqm6rFSuZA&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&dr=&dt=%E4%B8%96%E8%B6%B3%E8%B3%BD%EF%BC%8F%E5%BE%B7%E5%9C%8B6%E6%AF%941%E8%A1%80%E6%B4%97%E5%B0%8D%E6%89%8B%E3%80%80%E4%B8%BB%E5%B0%87%E7%BE%85%E4%BC%8A%E6%96%AF%E7%96%91%E4%BC%BC%E9%9F%8C%E5%B8%B6%E6%92%95%E8%A3%82%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1692775359&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=6130&epn.domain_lookup_time=10&epn.tcp_connect_time=1167&epn.redirect_time=0&epn.server_response_time=1232&epn.page_download_time=1&epn.content_download_time=2441&epn.dom_interactive_time=2441
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308112021001/v0/amp-analytics-0.1.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:41 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
95 B 20ms
20ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E4%B8%96%E8%B6%B3%E8%B3%BD%EF%BC%8F%E5%BE%B7%E5%9C%8B6%E6%AF%941%E8%A1%80%E6%B4%97%E5%B0%8D%E6%89%8B%E3%80%80%E4%B8%BB%E5%B0%87%E7%BE%85%E4%BC%8A%E6%96%AF%E7%96%91%E4%BC%BC%E9%9F%8C%E5%B8%B6%E6%92%95%E8%A3%82%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-LPEqlgZV_Ac0lqm6rFSuZA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=6130&dns=10&tcp=1167&rrt=0&srt=1232&pdt=1&clt=2441&dit=2441&a=6261&z=0.4576242029043147&gtm=45De1110&t=timing

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 05:19:15 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 7406
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video5.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 337 KB
338 KB 28ms
27ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video5.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 5d95f53a5578a8535d127a7041191865e9651fe932cdb84dd6c2d08b6a8c518f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
cdn-edgestorageid: 874
cdn-storageserver: DE-383
cdn-cachedat: 08/18/2023 10:38:01
cdn-pullzone: 829957
content-length: 345544
last-modified: Fri, 18 Aug 2023 08:17:58 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 645
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 53156a06cde882526ab59f349d7382d9
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video6.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 205 KB
205 KB 30ms
30ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video6.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 387693ae9129954676f66cc2f2d2352e94457c2ff461f778551af1594585d90c

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
cdn-edgestorageid: 1047
cdn-storageserver: DE-51
cdn-cachedat: 08/18/2023 10:38:02
cdn-pullzone: 829957
content-length: 209432
last-modified: Fri, 18 Aug 2023 08:18:06 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 653
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: d89f50696a682968f2ee2f830d75925e
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 video7.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 228 KB
229 KB 30ms
30ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video7.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 2d1d38e921b2af298d6913929f27f091a9e80788ececa370657e2bae396c0e6b

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:41 GMT
cdn-edgestorageid: 722
cdn-storageserver: DE-165
cdn-cachedat: 08/18/2023 10:38:03
cdn-pullzone: 829957
content-length: 233496
last-modified: Fri, 18 Aug 2023 08:17:57 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 645
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 511ee0657f374d0455c72994cfa9ee56
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8A37 0
0 126ms
126ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308170101&jk=3726674125003116&bg=!KimlKWbNAAZGPLJIZjw7ADQBe5WfOPb9eKizRVsPH28WjgkWUopX6U-f6iBrK5cd2w0tE7OqPuIV96TqCmARTieH_JXvAgAAAulSAAAABWgBBwoAtMfjLKnyk0Te9tNtuB7ExfYH2Hfg0c0QDHfNhq6wWj_LNejDARIplLssxNK-nfpDJIkZzIfVmp9kCyi2HLn8hbMqmaiQalB_MKCWFuvzBSf2zCzTtL8FyVUeXkTYqK2YlQgPPZd4E5SdDIGjs3JvnscQ1GkCqrFhPeHjtwnhWC_kUrHgBHeazLvdSU5jZp11fxILGjpIQVyeDe33C5tRd18HqnHloU1GndD8z0uc3YlI8elVRJkCvpXJ81iiTZfZUO5xyeibQz4Vm7Gh24YLhgPWkMtbtFfFydj6X8tyxDZ3G3jmpaz1hccYhzvxJymFhhFJlHhOMNnaAmH1G42VJf01PX-OjLhgGmGq0zlRNF6g9ZKunKjw-prryIdJLX5oRRUwtgHY8kwL-3gY6VzYLgxH2R1R0htHSaPHoiU0N_rPae9M1i_Ky5ZVBACveNZRZOgFu3UwOvxHXpe6fNTBInPW8lt5_ealHkZaHy-PRh6Nvsu27xyT8qSMrdR4SHvnboeGemI6k1KtXNlsSAP0V26weEdbAlJV3IFiubREsbJqS5aJ2__uelh7FHfPIxJ2lc7SxwZW-ZtFS3RzWr5VVpJVakmlXRFOzll1MFMDN2GB3iqsui9ctIu9CciDbwwWcj8GGwFNS4b2GGDpuA_JiBVJFV8ig-V5k62QpCTmKXAD8Xq8OnMd3JiAJUBhXN3_SUnyIHvzVSl808cO9iU1y1TumWqsIFT0yopoFmaGr9vubAWAfPvKEO-1fE5BiD3lg1uy9eTm2-wzRocdKhuaGZvki0-7GkFh5wbn07l-h8xUlRQU9yiuBGnfKiARiEPsADDw0OOsjeuiecLd2xbKyZmheHvo1ZmE6tLZe7T8f2REfkpobZfeL5hw7CekwJXxMF5pPaSxJkTMJqqsH1FSB5TF5pYpNiOhGMfMcy2Qz39xx9RnMd70adDwHgCOUkShQP6WRyKRfBuMU4ClPCMWF4IJcBjAi6-arDcZsBdj5k6exgFEdpXPwcT4WRr54B-pzc_7_FM_U1J0oPexu9v4XnVNWVPdPDQznl8UaiW66tCkq94oY5dl37YuSKhImR0arCZo6gGYoFcrz5KQh7IpjksBjUob97S6cb0CCrTdg6vGhxKjgUcLoxMlapd_06ui-_4BtRlRYL93VwWwTxXSKKVLSpvL-Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://cdn.aralego.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B380 0
0 124ms
124ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230821&jk=4214786477375320&bg=!jY6ljsHNAAZGPLJIZjw7ADQBe5WfONkzM1-mfOr-3KQnPE7gAv219kMMbU7qeNImJKc-grbh1rwzAJELP_qt584nSyNCAgAAATxSAAAABWgBBwoAGsxQkm-dnEqpcOUXuiVle21bngBnwXj8nBc1mQLEsz7wpEygZAfAaXNRcxIf3ETZ7JUHiTLqPBWPYQgyp1RmWUJfg-HNVq9zVKCtyioSlG7ETvX-KTKfaffZeynAxwLWjGDvTKAlzlJjqxyjpxHMeMUugmyl-mvNOWSc8gVL_-nuN7ullKsDKUYuZvELy1AbAWtyHbEGv9yqRUYCVuhsLWD5zeX81r-iB4pPMMBQPDa-tFvzW2_H37Spxc8WZRqBhcDK-VykYi6QzP3ZUPDU-qnXYyGiafhSrXhUEKed25Kzw-xjCRKsiLeHB3IdyM8rdDSfBTCjbdphIYpEEp4Do3tP60Fynb3AJO9m1Hzc1PECEXUyJXOsn-W-2IJMgNvv18RRcnWks2G7j2GLNWETXXyAQmGta82qxrjPU02n0PzsNvqhibQl2uIbBsokMZOzc2NgLlRZAbb8hNk1HEqPsG2QpLrt4fsQEy9qI-P2ne2aFimFN2XyrZib1Ju-ltkfqPa1lEQBoyl5xenyuwN86zcUi5vR3nK_Azg_Gylbycr5hcVceUZSfgqJ7ERreTinpHVjIhzsimh2IGL2gY309dShZ5L4OebSJn2JRqRv_XtcQ0euiYgRrTpCLhGc9CWz055pu8ppVAgOPdrE3JZ5QrWKS8Akg1OPZGIhx5mq6JHHXZBp3hE6_NYeLH-JF6l0Ri3IZeuEQfDSxFRskLacz4HDwnFU8US-5NHnQ0hBZjrNf_0ou0pkP487IgVhOVoV7zSf617ozYz95RDx-gan6XOVKz9MwZgYmRfIBTsgXz0azveuD6OB78tX2Y_crIZpWPNdNcXNYOb9CfYSQ_N47Gb8fShp3qK_YiTstUo2GWjmdony5jn6juRMqynotaTT9yeYbm7eqoy7FTXEy9W-AH3k0NWfC1BigkDBQl72IYDpRejZjaN3J9LXrlYvP7SA3TpziR1v7-FsHWsmGAGPuH9e
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B2A1 0
0 124ms
124ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230821&jk=982439685519030&bg=!U1ClUB_NAAZGPLJIZjw7ADQBe5WfOOhWKzvEdShwy0_Q9hWLnlGi9AvZn5oLb5hS1hCjLdad_fNYnsTb6MxQiXhl2dDaAgAAAPBSAAAAB2gBB5kCxVnkBRzwi0YH5yN3-zn_mQBdwJxwWzfiJcwWjTqdNXkWJNSc6t7uHxSCBKOXBM3TFT-QyZTJTBPHHr6QjGkGVvgzGkvncKv47mVSwFC2LFPA_kVfVXTLO82AF-OhVlMc5RKYhk0zYU1h4pn3sfdZGTioffonqTFnOAQZhpFKCG_1pe__1nzjX6-Ag4y332G0EV6SdltCj-g69YvfADlPCRUJRq3g_wIO_ANlByl27phdYWhsp7ZctH_MafZOqWlVQi3oEQQ4Ems3IzIIV5o1Nrmok8FZVApI-4bzdbioI_axQMby3ZA9TkFOVgcO3gFlDCHbzxpSKXsgO9t0fazz0lHSUBaney1hl7_2JlBGS6vVM5eVGmQwoPccqjYb6dpNWRGkgbQdkTxUBL2tM2ZmRWwbOi_oQqhMS5aVA5yhIal1K0J2WD7q3xELlM3vSiotBAtTItLLpXo1wJdfOPtcqhrL5xznDZfala4IQLAsyWNJhqq0a56nwzClGe8ZrQvXw0CnwUprkYHf3nHDnF3xwf_9zYbO0V0rQARYvC1BTIgtAbjZNU0RJbn3oTv63U7swwS8jH-LfcZBaV_NYKS5Axlpw_k8oE-I-gdPUnROd1b7mlTaY1mXlm40TXuPG6X6rZIfT8rc6mFU3-mTDjSDNLZqOBFlvLsVY8oyp8a5HsaekC9GDejOryQw2B7Z-WEVVrREMwyNfAR4WoIqyKZUtJ2P8CG-gX6_zd0TJLrt0vXHnGhzv4FTJEGK2juklOVAwuEdP42zt2JvCSY0a7ti0ciMFYA01mYC4M68Tyo3mt6-cr26hOaJuFBG-xMnmFMpIcG5MIRLWRrg6_GPX7T9zD__yYQXstMsij7EFAQ2jQjuhe-jIO6QLuw2KmFUyqQnbua4S0HopYr2Z6xdp-CmrcS93e74_OOQbb5frIWxldIINPoD8UU
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1EE8 42 B
64 B 124ms
124ms Fetch
image/gif 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEQUZn7qdEkX9hEK5d5-jxaNSpCVE6Clh8C1TUBeb9e8LIdN8jRoRxL2BruekBB5xi-2JQ-hWqeBjXReSUo_FPlkVHf6A22Bc6pNc&sig=Cg0ArKJSzLeR1HLIjv-sEAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230821&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1587687671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692775360248&rpt=732&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 863E 0
127 B 26ms
25ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 23 Aug 2023 07:22:41 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 VideoBidRequestHandlerServlet Show response
wf.taboola.com/ 1 KB
762 B 358ms
357ms XHR
application/json 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692775362740&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1543&pt=-1114377771&tz=120&viewable=true&ddast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.2/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 69ba2e7a5daeb5c3e98bd0e8ca92e329e7c780c6bb99bfc35372aa399fad5e80

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

x-cache-hits: 0
date: Wed, 23 Aug 2023 07:22:43 GMT
content-encoding: gzip
via: 1.1 varnish
machineid: 1439
x-cache: MISS
x-served-by: cache-mxp6950-MXP
pragma: no-cache
server: nginx
x-timer: S1692775363.749581,VS0,VE339
vary: Accept-Encoding
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 video8.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 267 KB
268 KB 28ms
27ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video8.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 25d2d2d08f72ff6fb277f8a16ccf6204380e718197aa5ab8fe91c82222698aab

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:42 GMT
cdn-edgestorageid: 1055
cdn-storageserver: DE-51
cdn-cachedat: 08/18/2023 10:38:04
cdn-pullzone: 829957
content-length: 273164
last-modified: Fri, 18 Aug 2023 08:17:57 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 657
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: aeef216909cb5bc05349623eb119033b
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 43F9 156 B
676 B 378ms
312ms XHR
text/xml 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=3049282743076803&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.586.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.586.0&sid=C5D09AE2-20F8-4244-B9E7-A87BB30FE9E5&nel=0&eid=44752711%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&dlt=1692775357908&idt=2965&dt=1692775363659&cookie=ID%3Dff537983dd58fa12-2285005059de0093%3AT%3D1692775360%3ART%3D1692775360%3AS%3DALNI_MYWZEgIOW9vC25NR-3_BzIHDrHxpQ&gpic=UID%3D00000c6616786b8f%3AT%3D1692775360%3ART%3D1692775360%3AS%3DALNI_MZXH4OG3Qtwt1DxGl-QVDPRPGPg-A&scor=767369150935733&ged=ve4_td6_tt3_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:44 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 43F9 0
234 B 386ms
137ms Ping
image/gif 2607:f8b0:400b:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~llneqrst&c=3282754599072&slotId=1641377299536&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400b:802::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 video9.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 227 KB
228 KB 29ms
29ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video9.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 0b9bd9b5591994cc9ee339949b213d6b636909d874601730b81674da5701f597

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:44 GMT
cdn-edgestorageid: 874
cdn-storageserver: DE-167
cdn-cachedat: 08/18/2023 21:57:17
cdn-pullzone: 829957
content-length: 232368
last-modified: Fri, 18 Aug 2023 08:17:57 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 627
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: d8ee5de72aabd48f5bbb284458a74d9e
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 43F9 156 B
186 B 1269ms
1268ms XHR
text/xml 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=898762046453069&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.586.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.586.0&sid=C5D09AE2-20F8-4244-B9E7-A87BB30FE9E5&nel=0&eid=44752711%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&dlt=1692775357908&idt=2965&dt=1692775364755&cookie=ID%3Dff537983dd58fa12-2285005059de0093%3AT%3D1692775360%3ART%3D1692775360%3AS%3DALNI_MYWZEgIOW9vC25NR-3_BzIHDrHxpQ&gpic=UID%3D00000c6616786b8f%3AT%3D1692775360%3ART%3D1692775360%3AS%3DALNI_MZXH4OG3Qtwt1DxGl-QVDPRPGPg-A&scor=285309484832092&ged=ve4_td7_tt4_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:46 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 36ms
35ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38l0&_p=6261&cid=220166814.1692775360&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1692775359&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&dt=%E4%B8%96%E8%B6%B3%E8%B3%BD%EF%BC%8F%E5%BE%B7%E5%9C%8B6%E6%AF%941%E8%A1%80%E6%B4%97%E5%B0%8D%E6%89%8B%E3%80%80%E4%B8%BB%E5%B0%87%E7%BE%85%E4%BC%8A%E6%96%AF%E7%96%91%E4%BC%BC%E9%9F%8C%E5%B8%B6%E6%92%95%E8%A3%82%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST VideoBidRequestHandlerServlet
am-wf.taboola.com/ 0
0

POST
H2 204 csi
csi.gstatic.com/ Frame 43F9 0
54 B 136ms
135ms Ping
image/gif 2607:f8b0:400b:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~llnequa3&c=3282754599072&slotId=1641377299536&ghmsh_eids=44752711%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797559%2C44797735
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.586.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400b:802::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 23 Aug 2023 07:22:46 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 visible Show response
trc.taboola.com/palmate-bg3co/log/3/ 0
277 B 93ms
93ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/palmate-bg3co/log/3/visible?route=AM%3AIL%3AV&lti=deflated
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230820-26-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.bg3.co/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 75
date: Wed, 23 Aug 2023 07:22:46 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 70779
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-mxp6950-MXP
pragma: no-cache
server: nginx
x-timer: S1692775366.244935,VS0,VE75
content-type: image/gif
access-control-allow-origin: https://www.bg3.co
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 video10.ts Show response
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/ 271 KB
272 KB 27ms
27ms XHR
video/mp2t 138.199.36.10
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video10.ts
Requested by: Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 138.199.36.10 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS: 138-199-36-10.bunnyinfra.net
Software: BunnyCDN-DE1-1053 /
Resource Hash: 3836ee0615887017d2a7c33c1e11ae18790475d24df2a920d3aa3ece704114ed

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.bg3.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 23 Aug 2023 07:22:46 GMT
cdn-edgestorageid: 863
cdn-storageserver: DE-164
cdn-cachedat: 08/18/2023 10:38:04
cdn-pullzone: 829957
content-length: 277300
last-modified: Fri, 18 Aug 2023 08:17:58 GMT
server: BunnyCDN-DE1-1053
cdn-fileserver: 636
cdn-requestpullcode: 206
cdn-proxyver: 1.04
content-type: video/mp2t
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=43200
cdn-requestid: 9ebb386895ea0bb0b0f925ee749c4c04
accept-ranges: bytes
cdn-requestcountrycode: CH
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/079c6b671a736358631ebde224937e48.jpg

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/4b45e6d074537ae4317bda5357433efc.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/d4a82314d0898dd3613a6810b7e5c8a2.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/b02ba158580ca9e03b59f5163da513fa.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/821bd42cd699880b2d7e7522c9d9d2d1.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/64228949fba6de575eda3b29777e1b96.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/98d7babbb1b9d7b57363517fd4ef472a.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/6fb06f4c63f30f7006a8c292000153fd.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/7ffdf9afbd43d8a03e12a0226176208c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/790f3e2a9cfeb14de8e3dfd9e7fc0bc7.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/ca0e6bda73936a8e518bbecc16086de5.gif?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202204/60dd7f760bd6da99d659d521469318bc.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202110/f8416d7428d7ab4f74d7d005f4c120f5.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/fabb81cb88c167181085742f920bb8f8.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/2229c518fca7cee565fa79b277d53c15.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/e7cde915fab2b250e1b2fa4842402396.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/d8eb3247a05d2ee48364b8e13c46e71c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/938e549715b6d0ce5007e1899ab49960.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/c658ed87468952487a8a61cea0c38128.gif?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/e5bdab3ce26efeb300997ee081f2a0f4.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/c031626c3507c0a1d2b94b3821f7fe4b.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/5f5e5d309aec4c5bed8e4cd3d42dbb86.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202105/86ea5f925763ada0a19214a587990a72.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/ecbf36f620fa2b68ebda7d80912da6e3.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202012/f804151b4d8770025a6cf3b8d0234b4b.gif?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202107/f150f65a29806c5e3b5e9797e22e259f.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/26cd4de26e17d5e09ecef77a1b8d2d5c.jpg?w=150&h=100&q=100

Domain: static.bg3.co
URL: https://static.bg3.co/imgs/202106/7d73337537ba6571f80dc6d530af7f8a.jpg?w=150&h=100&q=100

Domain: am-wf.taboola.com
URL: https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692775365744&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1543&pt=-1114377771&tz=120&viewable=true&ddast=V8SA0CLAZALxWA0RTLaxCAXioAoymW1ygAAABgYID-AEltTCPnxuVaa1weh1u0Mc3WCttk4RYNJiabY7kbWVbDISCpjWnk3Lhca43L43CLNqbZWmGbLNyiwcRkcyx3I8tqOAUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZpaDodPte9Xvf73SU-z1zj9yv8mqPTLX29NQ-nW-Ry61x_t2zidCuGT5db-HSLXE-35uh3vaVH11vqdNh9brHr71Y-3ZqnW_l0a55uycvuFjmcbs3TLXa67ELT22wHAAAAAA_-____IQAAAABEAAAAAJAAAAAAQCGgwr8FgQsAAAAAGP7___81ADxzQJC_6Wh5ek7_AAAAAAACAAAAgAQAAvphCYAY470T__________8xBugzb2T8____3zDoAfDgA-BBCAAAwMeQ1S1DlJSg-UkiBYxFGAEAAACAVVBLODJJJ6hYVPn__--3AnAFACBAMcQIJDSL7qDEWxgAAACBMQv0sPj9Zodd43e7zP________-_mf8z_2iEenri0gDxMzer-QUEAFjzCwgAwEbdAAC8EYATdAhaMRisTkDMDgAAAMCd____fz0gZvNsPJaJbTiZmByb3WjjMoxGu8Fi4rCtTJbVYHs8bRwUYOd5RvpsCMvs9x0UlNPTY3YZZCyXySA-aBiWk0EwPxO2GK0mk81yOFsuJoPhaDga7Y8ALgdoIgbL5WSymOxWo9VoM9yNZoMFEojBBFG0aDBZjUaTxWS4Gk1Ws-Vit9sgilatZqPNYLiaTWa73Wo4GC5HIzRhi9FqMtksh7PlYjIYjoaj0RDByGbmm_k2E7dqtnGuRbuZx62wmUxriclmGy4sjuFm4lqLXh_TxWTzLDcrLxIMeNuL5GmRTjQbl3GzsCwsK-fKOVg4TKuVaWJz-VbO4cjj2LgmYonmZJFOZJd9zebZeCwT23AyMTk2u9HGZRiNdoPFxGFbmSyrwb6ymflmvs3ErZptnGvRbuZxK2wm01pistmGC4tjuJm41qLXx3Qx2TzLzcrfmC0nu91qsxruG7PlZLdbbVbDfYfO8F19zkZlWSX56Cx_28l4ujkNCpfB4n2pT-dhwViQTjtHp0r5VHZ2Rr_f7_f7_X6_3-83aD0Hs0Hhex7-wuljeS6Hs9GD2GBQxBLBRToRPMxuh-nllvg8G79FLFGaLtKJXuHXHJ1u6euteTjdIpdb5_q7ZROnWzF8utzCp1vkero1R7_rLT263lKnw-5zi11_t_Lp1jzdyqdb83RLXna3yOF0a55usdNlF5reZotYIjhdpBPRy3i6qP-IIXazuWIwVwxmc-UqAQAAAAAAAABYgmmmmwAAAAA4GdRwM1ys1ulgJrPJYLdaLoCLoCxdwCAAAAAAAADFGnusAR5mt8P0ckt8no3fygAkmPOYbfYZQazValkDAAAQwAYAABDATTfeBIJHcf_____jAAAAyMihBwAAQL8PKAsAAAAAAIAfQQ5Ww_0DUCHWarW63Vir1QpYIMvFYDmB_____w!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.quantserve.com/	1970-01-20 23:43:09	Name: mc Value: 64e5b3be-db781-c2203-a7002
.bg3.co/	1970-01-20 23:37:24	Name: __qca Value: P0-406694625-1692775358692
.aralego.com/	1970-01-20 22:58:31	Name: sspid Value: 9b0d1094-198e-3988-8b14-bf1355d19f5d
www.bg3.co/	1970-01-20 22:58:31	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D23f7f73b-56c9-47fc-afd4-bdf68ab183b5-tuctbdf393e
.aralego.com/	1970-01-20 22:58:31	Name: euconsent-v2 Value:
.aralego.com/	1970-01-20 22:58:31	Name: gdpr Value: 1
.rubiconproject.com/	1970-01-20 22:58:31	Name: khaos Value: LLNEQQTL-D-CHB1
.doubleclick.net/	1970-01-20 23:48:55	Name: IDE Value: AHWqTUniAlumw8LtZAP3g-MT2Ll60C2sOn6K7n4OLIF62uvh7YbcLz7fd-L8hL4NIKw
.bg3.co/	1970-01-20 23:48:55	Name: _ga Value: GA1.1.220166814.1692775360
.bg3.co/	1970-01-20 23:48:55	Name: _ga_Z0TZ7TDHS1 Value: GS1.1.1692775359.1.0.1692775359.0.0.0
.linkedin.com/	1970-01-20 22:58:31	Name: bcookie Value: "v=2&b9d5ac42-21b1-4f33-83f1-77c6887bbac9"
.linkedin.com/	1970-01-20 18:32:07	Name: li_gc Value: MTswOzE2OTI3NzUzNTk7MjswMjHdJqaSY8QRCER9TqzAg9ndHEnr65llwTRnIhqR7upyQA==
.linkedin.com/	1970-01-20 14:14:21	Name: lidc Value: "b=VGST00:s=V:r=V:a=V:p=V:g=3066:u=1:x=1:i=1692775360:t=1692861760:v=2:sig=AQFn2hGxHcncHoZ0gmEhubxDbp79f1Fq"
.amazon-adsystem.com/	1970-01-20 23:48:55	Name: ad-privacy Value: 0
.bg3.co/	1970-01-20 23:34:31	Name: __gads Value: ID=ff537983dd58fa12-2285005059de0093:T=1692775360:RT=1692775360:S=ALNI_MYWZEgIOW9vC25NR-3_BzIHDrHxpQ
.bg3.co/	1970-01-20 23:34:31	Name: __gpi Value: UID=00000c6616786b8f:T=1692775360:RT=1692775360:S=ALNI_MZXH4OG3Qtwt1DxGl-QVDPRPGPg-A
.yahoo.com/	1970-01-20 22:58:52	Name: A3 Value: d=AQABBMCz5WQCEBa2-lMFKg08nXUSfqLpQ1YFEgEBAQEF52TvZAAAAAAA_eMAAA&S=AQAAAn5CNT4CxvEICqr4MGJMc9I
.amazon-adsystem.com/	1970-01-20 19:32:36	Name: ad-id Value: A4RiGBnPz0iqikM7pO2OD_k
.rubiconproject.com/	1970-01-20 22:58:31	Name: audit Value: 1\|fk11LfKAo/jFdcqwfaCH3dXJaUs6YIkGeQDMv96N8SGplVs4ZuryrGbDqD4kINABqKiAG/HCpOMiZ07GJqnMno4BjqNRGrmz
.bg3.co/	1970-01-20 23:48:55	Name: _ga_700YDXWXPV Value: GS1.1.1692775360.1.0.1692775360.0.0.0
.bidswitch.net/	1970-01-20 22:58:31	Name: tuuid Value: c7750f65-8e2f-4e67-955f-ac7671957e17
.bidswitch.net/	1970-01-20 22:58:31	Name: c Value: 1692775361
.bidswitch.net/	1970-01-20 22:58:31	Name: tuuid_lu Value: 1692775361
.quantserve.com/	1970-01-20 16:22:31	Name: d Value: EFIBCQHjKYEA
.adfarm1.adition.com/	1970-01-20 16:22:31	Name: UserID1 Value: 7270414814972803224
.lijit.com/	1970-01-20 22:58:31	Name: ljt_reader Value: HMp6uGZHdy9vNeP0QdGwm0yA
.uuidksinc.net/	1970-01-20 22:58:31	Name: jcsuuid Value: ho0Hestv4bXvLWy8rPWH
.turn.com/	1970-01-20 18:32:07	Name: uid Value: 4578790175226424913
.pubmatic.com/	1970-01-20 14:14:21	Name: KTPCACOOKIE Value: YES
.media.net/	1970-01-20 22:58:31	Name: visitor-id Value: 3357769617252110000V10
.media.net/	1970-01-20 14:33:04	Name: data-g Value: CAESEEQzknnjvWQqx5yKXRmuauE~~3
.smartadserver.com/	1970-01-20 23:43:09	Name: pid Value: 5065363856775903976
.pubmatic.com/	1970-01-20 22:58:31	Name: KADUSERCOOKIE Value: 51E22EB6-62B8-4E9D-8488-C9749444CCE2
.tribalfusion.com/	1970-01-20 16:22:31	Name: ANON_ID Value: aCntuJO5nP87PRo7TGr73GBgX64Ve6cvtYHDi8WkyC3EACFTLoST7EPjvpcdI77kk8ZbO9kcRNsUcGD1Hn1WDZay0Y

31 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://static.bg3.co/imgs/202106/d4a82314d0898dd3613a6810b7e5c8a2.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/b02ba158580ca9e03b59f5163da513fa.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/98d7babbb1b9d7b57363517fd4ef472a.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/079c6b671a736358631ebde224937e48.jpg Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/7ffdf9afbd43d8a03e12a0226176208c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202107/790f3e2a9cfeb14de8e3dfd9e7fc0bc7.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/4b45e6d074537ae4317bda5357433efc.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/6fb06f4c63f30f7006a8c292000153fd.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/64228949fba6de575eda3b29777e1b96.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/821bd42cd699880b2d7e7522c9d9d2d1.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202204/60dd7f760bd6da99d659d521469318bc.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202107/ca0e6bda73936a8e518bbecc16086de5.gif?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/fabb81cb88c167181085742f920bb8f8.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/2229c518fca7cee565fa79b277d53c15.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/e7cde915fab2b250e1b2fa4842402396.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202110/f8416d7428d7ab4f74d7d005f4c120f5.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202107/5f5e5d309aec4c5bed8e4cd3d42dbb86.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/e5bdab3ce26efeb300997ee081f2a0f4.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/d8eb3247a05d2ee48364b8e13c46e71c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/86ea5f925763ada0a19214a587990a72.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202105/c031626c3507c0a1d2b94b3821f7fe4b.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/c658ed87468952487a8a61cea0c38128.gif?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/ecbf36f620fa2b68ebda7d80912da6e3.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/938e549715b6d0ce5007e1899ab49960.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202012/f804151b4d8770025a6cf3b8d0234b4b.gif?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202107/f150f65a29806c5e3b5e9797e22e259f.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/7d73337537ba6571f80dc6d530af7f8a.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://static.bg3.co/imgs/202106/26cd4de26e17d5e09ecef77a1b8d2d5c.jpg?w=150&h=100&q=100 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network	error	URL: https://cdn.adpushup.com/42753/L2Evc2hpLXp1LXNhaS1kZS1ndW8tNmJpLTF4aWUteGktZHVpLXNob3Utemh1LWppYW5nLWx1by15aS1zaS15aS1zaS1yZW4tZGFpLXNpLWxpZS5odG1s.json Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 482) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692768160&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fshi-zu-sai-de-guo-6bi-1xie-xi-dui-shou-zhu-jiang-luo-yi-si-yi-si-ren-dai-si-lie.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692775359502&bpp=303&bdt=945&idt=568&shv=r20230821&mjsv=m202308210101&ptt=5&saldr=sd&correlator=3282754599072&frm=23&ife=1&pv=1&ga_vid=220166814.1692775360&ga_sid=1692775360&ga_hid=270195054&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=1561034088&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31077299&oid=2&pvsid=982439685519030&tmod=409318797&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.r8w5tavftmaj&fsb=1&dtd=743 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

64864fb7d675c392756e4ce85538269e.safeframe.googlesyndication.com
816c37b2e30dfab16e3a1ac72cb85c94.safeframe.googlesyndication.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.turn.com
ads.aralego.com
ads.eu.criteo.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
ap.lijit.com
cat.fr3.eu.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cdn.unibotscdn.com
cdnjs.cloudflare.com
cds.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
cs.media.net
csi.gstatic.com
csm.eu.criteo.net
d-12224200013711214527.ampproject.net
delivery.adrecover.com
dsp.adfarm1.adition.com
e3.adpushup.com
eus.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
gum.criteo.com
http-intake.logs.datadoghq.com
il-trc-events.taboola.com
image6.pubmatic.com
imageproxy.eu.criteo.net
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
match.adsrvr.org
newsbot.unibots.in
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
px.ads.linkedin.com
r.turn.com
region1.google-analytics.com
rtb.fr3.eu.criteo.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s.uuidksinc.net
s0.2mdn.net
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.bg3.co
static.criteo.net
stats.g.doubleclick.net
stream.unibotscdn.com
sync.aralego.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
am-wf.taboola.com
static.bg3.co
103.231.174.251
138.199.36.10
138.199.37.225
141.226.224.32
141.226.228.48
142.250.185.66
151.101.1.44
151.101.129.44
162.210.196.208
172.105.43.230
174.137.133.49
178.250.7.9
18.159.10.79
184.30.24.22
185.106.33.48
185.64.190.78
192.96.203.13
2001:4860:4802:34::36
2001:4de0:ac18::1:a:3b
2001:678:cb4:bbbb::11
216.52.2.30
23.201.255.110
23.97.225.52
2600:1f18:24e6:b901:3c37:1dbb:4827:7740
2600:9000:223c:c800:6:44e3:f8c0:93a1
2606:4700:20::681a:567
2606:4700::6811:190e
2606:4700::6812:18ad
2606:4700:e6::ac40:c526
2607:f8b0:400b:802::2003
2620:116:800d:21:c5a4:625:6563:a5bb
2620:1ec:21::14
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:810::200a
2a00:1450:4001:812::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2001
2a00:1450:4001:828::2004
2a00:1450:4001:829::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a00:1450:4001:831::2006
2a00:1450:400c:c00::9c
2a02:2638:3::1a
2a02:2638:3::c
2a02:2638:d::13
2a02:2638:d::2
2a02:2638:d::4
2a02:2638:d::c
2a02:26f0:480:f::213:7ed4
2a02:26f0:480:f::213:7ede
2a05:d018:d29:3601:f60d:7f4e:ab14:8158
31.220.27.134
51.89.9.253
52.223.40.198
52.46.143.56
52.95.125.22
69.173.144.139
69.173.144.165
8.43.72.98
81.17.55.108
85.114.159.118
95.101.149.233
001a2e84844bfe2f24ee18f9f7caa32590a3742725786672309be8c62049c9d9
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
0290d44024f78e41179916fdaf5fc541831c70fbef4f977843d90f774d7a7938
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0435547ae7b090f783faaffb4c2dcae17efea66fa74898fa473845f3e9d7fc15
050ec4d92c5b1d288dca8a55a237020fd146e01868b332e0b0e9daa490d79868
0677236a080e3ee5009e4ac0665963d9cf538686e3ff900c0c3a974ce0092a12
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09db039251766d76dd3ec8b446813be70778c66e060c306b63ceb96aa200b4af
0a2a7a78dc1d38f51ab44d7a26fc1c1efd4dee6e3a686b4388af0a0f5ef7222a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9bd9b5591994cc9ee339949b213d6b636909d874601730b81674da5701f597
0c19ceb9e644432030306134ea0de541336c4e1698356fab363bf803e2583990
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0dfd016b7608a1e80da9f2accfffb56a4cb2f4e0818fb177cc668817192b6903
112f70cd50d550927521334d7a080575cccadf3a038953ca42e45dbd0362bcd5
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c306bcaef1d02283946956eb6b86c780d397627cd7c5a73448c7c348b33ea1f
1dd26d28c7b8ca7dabcd5438a3c5478f3691a0e195efc86f632c5c8dc115f4f2
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1fb3621940562135c36d45efcdc97d35dc05926a39a238ca0be1e19b6058d7aa
243f0de8df446c5bee42110acf118f881419c57fddcf77a40ec6280425d19945
25d2d2d08f72ff6fb277f8a16ccf6204380e718197aa5ab8fe91c82222698aab
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
276c9e02c58a3c043348cb103438d3e09044b2698481197f84e123d487a1253c
2aa048b0b7650d1da40d360378c414bfa2a057fed7a52dbec1844094eb52751d
2ad0ee5567bc7afec587e0219f6ab09ebbc1fd37ef914ac28691dca65c78aa92
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2d1d38e921b2af298d6913929f27f091a9e80788ececa370657e2bae396c0e6b
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2ee5925a1018d2f10f3cc2cfea13505681041d30d80cb381f9d7676dcb131588
2f7fd1d6651e37c961b69957f5037d3237ea523fd55d5d3a60ddc3fc2b61ecaf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
355eb73ef3ddead38f9ac663bb3cde3cf51a4dfb446937f5aca3e716c3c99e73
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
36d1268298a6da877a354aa0afefa709bc3c35e373d547d04ea67943b6aba853
3836ee0615887017d2a7c33c1e11ae18790475d24df2a920d3aa3ece704114ed
387693ae9129954676f66cc2f2d2352e94457c2ff461f778551af1594585d90c
388b6bce41a3972d23fb679c2c50abf3211b7f53218f0e1e65ded62798e28979
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b21494e0b9fbdb189c3d293c079eb568bb7a99a49e7d054e2990ff169624772
3bdcd6d5cd226c01771dd8cffbd284ab80c25ad686f2b6b26a7e7c96bcb42b37
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40895b9a8d5f0c1eb74dce2f7ac067caf755f82ff7492c95f1b7260662c34d9b
414b99d0b12ace50c7f9564dc1312dc8dd402eee7f4e21a09c8eb985bae52e80
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4afb837c3239e7cebd4e083b6dcb2db84728a3313fc854dd18a622ae4e434ed1
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
527d889f987a625a1eff6963572b92a4ed81441d0bfc06af803056c178cde49a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56054bf9cf09691ffd386eff93c6e0d6bb37f013169e654ad69452ca46ea04f0
570ddcb41dae25421346e006f4282bab0f3cbe18974791e32a3b5b2b72e6a542
5971e0bb9e0cacff77721beb89ffeff58d6b21f8a1e92de782344db189a146f8
5b3054cad42c9d6b8c8e8dfb7e976141618f7d080f4820371e089255e41a6be8
5c2408269f0fd9cd51b9957e98166b451349f23158cc075361929c19dff66078
5c35c3d3358d4c1cdbde4f7c43f52e1f966982c040a56211549c56d9e55ddc5c
5d95f53a5578a8535d127a7041191865e9651fe932cdb84dd6c2d08b6a8c518f
5ddae47187a17644dbe7e02cdf7089521d014d35e172c5c068b16213702bd5c5
5e413d42cf9d1c86d8d876262a3aeef70291f39801e2944542677da9ea7b0b5c
5eea249f1966604716504a56a8ed213328334d2380d7b092f35fc286f9f6153f
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61bd61275d0bcb32c94307af4841ef25ed29edd6b3c01928c6d4f3e72023edd1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62078c5de4069abd5bef9018b3d8aba4484b28c0044066ff6da39fc97b369f03
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6755cc89394aa85515a105edbf545584dccb59f77558d85f1568ae1d9499d7aa
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
698ca97235d832e87fa792528d4def0e7138332916b894fb45f9911ca549e275
69ba2e7a5daeb5c3e98bd0e8ca92e329e7c780c6bb99bfc35372aa399fad5e80
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6ce7b2d092d8f6ae424cd0d7860e8115ff3a718e8a50115b81991479625719ea
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6f2ca1c4adeaab0bab03c9e683666c697f34966f350baa0986ac9197a08b30f3
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
727f0c50f1b4aea021b5e91c5f7d04c5a5175d3535220e0db2ff783a6bb4df08
756f08d7a200ac34b8ff3bb0b4552e0c94dc3eae6d4db3f7063746f49a802ee9
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
785ab3f607af910860161420126772503e70521c4c4f1f9991bf02d458b025a1
789c2b46d72a8545a4490c18d4d2af6895159db44941b39a4fedfa8b72d27c92
7c9898e809ba2721b9a31b38b166d74df665f29b60c3641a0040c364ff1ff42d
7d63526977a5d91abeed3749f2a69621c0f003d703a017f68b5315deacf9bd19
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
828021a34984865f714fcfac64eb9606f9065da1f93f9b7a778365b8e68a1172
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
848e57ca643f01d694b0326a3fdf8ffc4a15a83bdf570cf81633f8128f9459a8
85b8f4a4d187f0f21da6d22fe0fe2c54b9f570785751126a1e6dd46a10720f80
8893f1f5cb30948deacb5710a635c55d3f78a0cddfd54877f362d25a6ee9026d
88b014ad607a471eddf4dc1d8ba396c827dba693447ba890069cff4a84e0fd1d
891aec381da9d083e5838e918320a0986d87e9d993e79de2b45085965f582ba7
8981d56ad12440e4a887c1eadd162989de82309192f65090e0caeb6a536d0bd6
89ed9b4a17a685a30f2f8f46a6749bf5ed43a3fde2ee34845be82db018b261e5
8cc9886f56ab30ce75dedf7fd7d68cb8bc5e1387ca25b0be3249f879b202cdd3
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c1cee0f47486d3aa1dd263d5cbaa761841d08d1b17322610bb56cb232ca1bb
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
940b3bb9ac2687e521b2b71ece2bfeb1f029d4ff8e8e47caa532bf47d50a6df2
9665823d1a5a86c5f90ba14ef833d0b728baa4144085e868108d3dd281dbb5da
978c2e48f1c6b5d1de4c7fea12d83f972dc1b627ac5670f64799fbf968044904
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c54bf6ab1af08f7f512d67d17c99c32dd9bddc19421c9a7e672b2a22ffe5ed1
9fd00e2fb88916b59344b80f538257f35489939eaaad4e152d405c16e69e1859
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2cf13ab1cb86a6f5613571acc19aedd7e8198a5f467371e05a19b1506721abb
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a409d74793cb8e9cb28b1fd92311d6c82d4a4b15f2301b5a63daa0057cf9aa77
a430792804944c3e26299b4382e05f5dc1cf278039ca203019896c5f45b2502b
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a6ce1835c6c4eba1b298d8d99dcc30d516e90776895e1500073ccc6bf06cee1a
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a97ab4c49417bbd432722b79648b1ea490bf87f0c94e8c686cca379a79b02bc7
a9dd71e0f2892855b04185b0c130f375634bfc7229c8bcdff78084309a65faa2
ad3eada0ebd5b34b6b1ae6e0939cadd21d2e024979b93fac9cbedb3074ab9464
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b1d4d345795eeea7020e4f7227c43d4e5179481cb54b1f374689037c48646b04
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b3b086c27f885f293e9bbeec9fb59bb661b6a23c6df7927b7438d11eaf2aed40
b4a0bdc971d688cd8183b45ab519cc1b3e41caf110fff3be4c1d8bd34e51687e
b6f86771624c80556823d18c77850c02dc5265fba52e3f1459b5de3d0519f79f
b8e8e03b984d03eb6e39a9ffdb6cb101eb51bfee351add25d30813d81242fde8
b981855735074393a694e0d0fce62f4ce4c1583e9ce98b6703da5c00c23539eb
b99daabe342a751c7b81a37b2c75f328f7ce10eb4b5c7f210a7bc0e357723473
bd09c8a7b93803aa5920748a2f7b9dbfeac2c74bcff72e52f72c7c9abfab7534
bee838dec619ff999d7a4f45b7dfd81cdf9353fcb25d0798eb722ec21bb19405
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c6dedbf49578df8b1ec598034daa1324e417fbeef3602a7b7ab570390fb46fd3
c949da1c108d4da25947fd15d5fee3be68b03f0f33f85550b0b6a86f53144b43
ca1766bb0da6ac9b87ffcab408c08aa4203021d9e6b29a51f7cccc51a0adc1b1
cbd5a3a3a3f0200dd247c597d202f9d1369d2ab11df37ef22c08466182e67247
cf7dbe25dc553a6456d600716358f2d623df654f107f636fb0ede1e9a55d34b6
d07f9458445f7e84bfeadd16818a7b85c9ea539efd265d9ae5c5458fb4e0a19c
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d19bf2b8ac5b600301584b75d853f3e3fdf1e8e14c2d847f7b26492bfcf7bf54
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d4a6c0b5aee0694d621df66a93271e9fd3f0340f9fa94f6083a84b351e372603
d546f6df20075ea5f574cb3c57090313ad02c19b922116382e1e09303061dfd6
d58821eb4089f598a171ec0c0c0d9bf9eefdc271a4f208e66d423eb01abe1250
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6c84b6607a1fb1669e2110c8f5cb7af35b2f5d6c2aa06ce0a6e9d1be2af99fa
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d
dde511e63e29b8f7882122fbda4cc43073dc4be991604d476f80643c059ba761
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
dfd7a57013d1599d0786749d02ad28ead560d44dc8425fa09e5daf4f136f46a1
e07064914221a3992d6f0014dd422e4fa8fdbe36456c57a3476ba6945b9dc59e
e0a205f061d7468682b0fce742317e58e224bbb0cbcd91a9e1e8f02664b5e777
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4612453ee1173a62d2c517be3b9a8f79de7f91e219909cc72b4f165bf2e1e96
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e61e7542081ce3b43ef206ec0ac6bf25aa34316d27c933f65dd1029d316bf0bf
e8a35329a40b28bde10e65a94d4b245ee94a899e98ef46eb49dd18c8d232c4a2
e923ed63562aa1f3ae19383a18609933aebd0afad1100006a5c8eeaef0f52662
eada67cef809faab179bb42d56042d47c6a205526e110cab1a8f03a585104a88
ed0b6cf04cd484a5a817d7e64121674b837a42c361df9231f899270acbf49dfb
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
f24e8b4121c0f773b0b049be0f374c029f305399cbeab9fa5b4bfc13117809c5
f538b18149ea8f232f7fcee860f92d75fd8e928dabae5a8095bb542eb29eb255
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5ede199708b8fbc78f9889879b17c53a8f32c1eb2b2797106f6a752cbc00b8e
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f730f1828528478136d59dd9906e0b1bcff864301c4e2a7d543f7bfde8d436c7
f78ab124506d9ee109b457c68f7faa639e79c04aeca7eaccae2cfb6b47955fff
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fea70afe99d1a20296cadbb987078ef5b7a6a522982afee9964da99da19b4645
fed7d9dd6400f06b928511591eea7d7fb234ff0c0ed11ed9ab97ecde31e5f192
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

www.bg3.co Open in urlscan Pro 103.231.174.251 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

339 Requests

83 %HTTPS

55 %IPv6

44 Domains

84 Subdomains

63 IPs

9 Countries

7714 kBTransfer

16537 kBSize

34 Cookies

23 Outgoing links

Redirected requests

339 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.bg3.co Open in urlscan Pro
103.231.174.251 Public Scan

Screenshot
Live screenshot

Full Image

339
Requests

83 %
HTTPS

55 %
IPv6

44
Domains

84
Subdomains

63
IPs

9
Countries

7714 kB
Transfer

16537 kB
Size

34
Cookies

339 HTTP transactions
7 data transactions