urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-r...
Submission: On December 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 51 IPs in 10 countries across 39 domains to perform 261 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 104.20.218.77 13335 (CLOUDFLAR...)
7 152.199.21.70 15133 (EDGECAST)
46 151.101.1.44 54113 (FASTLY)
1 4 192.96.203.13 30633 (LEASEWEB-...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
15 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2a04:4e42:400... 54113 (FASTLY)
2 2600:1f18:24e... 14618 (AMAZON-AES)
2 23.97.225.52 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::c 44788 (ASN-CRITE...)
2 2620:116:800d... 16509 (AMAZON-02)
4 2001:4860:480... 15169 (GOOGLE)
1 2600:9000:20c... 16509 (AMAZON-02)
2 51.77.64.70 16276 (OVH)
4 151.101.193.44 54113 (FASTLY)
19 141.226.228.48 200478 (TABOOLA-AS)
1 172.104.206.52 63949 (AKAMAI-LI...)
3 2a00:1450:400... 15169 (GOOGLE)
22 2a00:1450:400... 15169 (GOOGLE)
1 1 23.56.202.187 16625 (AKAMAI-AS)
6 2.19.217.60 16625 (AKAMAI-AS)
3 35.71.131.137 16509 (AMAZON-02)
3 2a05:d018:d29... 16509 (AMAZON-02)
1 3.69.104.214 16509 (AMAZON-02)
3 69.173.144.165 26667 (RUBICONPR...)
1 65.9.66.13 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
10 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 138.199.37.230 60068 (CDN77 ^_^)
2 2a00:1450:400... 15169 (GOOGLE)
12 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2a00:1450:400... 15169 (GOOGLE)
4 9 142.250.186.162 15169 (GOOGLE)
2 4 172.64.151.101 13335 (CLOUDFLAR...)
2 3 37.252.171.53 29990 (ASN-APPNEX)
2 142.250.186.34 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
1 2 2001:678:cb4:... 56396 (AMOBEE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 35.204.158.49 396982 (GOOGLE-CL...)
1 178.250.1.9 44788 (ASN-CRITE...)
2 2 37.157.5.132 198622 (ADFORM)
1 198.47.127.19 62713 (AS-PUBMATIC)
1 1 69.173.144.139 26667 (RUBICONPR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
261 51
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
4    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
5    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
4    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
7    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
46    151.101.1.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
4    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
3    2606:4700:20::681a:567 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
15    2400:52e0:1e00::1076:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.unibotscdn.com
2    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
2    2600:1f18:24e6:b901:1c22:376c:9c1e:cbbf (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
2    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fundingchoicesmessages.google.com
1    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2600:9000:20c3:5600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    51.77.64.70 (Germany)

ASN16276 (OVH, FR)
PTR: de-fra-1.pro.ip-api.com
pro.ip-api.com
4    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
19    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
1    172.104.206.52 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-104-206-52.ip.linodeusercontent.com
socket.unibots.in
3    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
imasdk.googleapis.com
22    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    2.19.217.60 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-217-60.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
3    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    2a05:d018:d29:3602:8b08:3c9:f238:ee96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    3.69.104.214 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-104-214.eu-central-1.compute.amazonaws.com
x.bidswitch.net
3    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    65.9.66.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-13.fra56.r.cloudfront.net
cdn.socket.io
1    2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
28e8770d45dcec521e5fc752e7909cdc.safeframe.googlesyndication.com
4    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
10    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
vjs.zencdn.net
3    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    138.199.37.230 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 138-199-37-230.bunnyinfra.net
unibots.b-cdn.net
2    2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
12    2400:52e0:1e00::1078:1 (Germany)

ASN200325 (BUNNYCDN, SI)
stream.unibotscdn.com
1    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
9    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
cm.g.doubleclick.net
4    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    37.252.171.53 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
googleads4.g.doubleclick.net
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
2    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
r.turn.com
2    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    35.204.158.49 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com
um.simpli.fi
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    37.157.5.132 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
1    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
3    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
2    2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
Apex Domain
Subdomains		 Transfer
70 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1020
trc.taboola.com — Cisco Umbrella Rank: 648
vidstat.taboola.com — Cisco Umbrella Rank: 3027
am-trc-events.taboola.com — Cisco Umbrella Rank: 15316
images.taboola.com — Cisco Umbrella Rank: 1870
imprammp.taboola.com — Cisco Umbrella Rank: 15008
am-match.taboola.com — Cisco Umbrella Rank: 15404
wf.taboola.com — Cisco Umbrella Rank: 3217
am-vid-events.taboola.com — Cisco Umbrella Rank: 14680
vidstatb.taboola.com — Cisco Umbrella Rank: 5135
pips.taboola.com — Cisco Umbrella Rank: 1659
cds.taboola.com — Cisco Umbrella Rank: 1860
2 MB
33 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 102
28e8770d45dcec521e5fc752e7909cdc.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 148
387 KB
27 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 30330
stream.unibotscdn.com — Cisco Umbrella Rank: 43289
4 MB
23 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 219
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 515
pubads.g.doubleclick.net — Cisco Umbrella Rank: 414
384 KB
11 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 946
eus.rubiconproject.com — Cisco Umbrella Rank: 588
token.rubiconproject.com — Cisco Umbrella Rank: 461
pixel.rubiconproject.com — Cisco Umbrella Rank: 339
43 KB
7 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 17372
e3.adpushup.com — Cisco Umbrella Rank: 20838
308 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578
2 KB
4 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2189
330 B
4 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1404
www.google.com — Cisco Umbrella Rank: 2
12 KB
4 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30716
sync.aralego.com — Cisco Umbrella Rank: 2837
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 36
362 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 428
89 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 229
2 KB
3 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 474
1 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 331
445 B
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
imasdk.googleapis.com — Cisco Umbrella Rank: 487
368 KB
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 16103
41 KB
2 gstatic.com
csi.gstatic.com
279 B
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 560
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 802
s.tribalfusion.com — Cisco Umbrella Rank: 2218
1 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 773
r.turn.com — Cisco Umbrella Rank: 3570
869 B
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
94 KB
2 ip-api.com
pro.ip-api.com — Cisco Umbrella Rank: 6331
540 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1276
pixel.quantserve.com — Cisco Umbrella Rank: 1011
9 KB
2 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 424
dis.criteo.com — Cisco Umbrella Rank: 550
651 B
2 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8866
505 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 735
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 28506
12 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 15885
c.statcounter.com — Cisco Umbrella Rank: 10182
15 KB
1 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 793
166 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 780
713 B
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 206
64 KB
1 b-cdn.net
unibots.b-cdn.net — Cisco Umbrella Rank: 46663
1 KB
1 zencdn.net
vjs.zencdn.net — Cisco Umbrella Rank: 5507
145 KB
1 socket.io
cdn.socket.io — Cisco Umbrella Rank: 43098
13 KB
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 336
146 B
1 unibots.in
socket.unibots.in — Cisco Umbrella Rank: 63121
4 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1296
643 B
1 bg3.co
www.bg3.co
static.bg3.co Failed
17 KB
261 39
Domain Requested by
24 images.taboola.com
22 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
imasdk.googleapis.com
googleads.g.doubleclick.net
16 am-trc-events.taboola.com
15 cdn.unibotscdn.com www.bg3.co
cdn.unibotscdn.com
14 cdn.taboola.com www.bg3.co
cdn.taboola.com
12 stream.unibotscdn.com vjs.zencdn.net
10 tpc.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
9 cm.g.doubleclick.net 4 redirects googleads.g.doubleclick.net
6 eus.rubiconproject.com ads.aralego.com
am-match.taboola.com
imprammp.taboola.com
eus.rubiconproject.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
5 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
cdn.aralego.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 region1.google-analytics.com www.googletagmanager.com
4 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
cdn.unibotscdn.com
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
3 token.rubiconproject.com eus.rubiconproject.com
3 pr-bh.ybp.yahoo.com am-match.taboola.com
imprammp.taboola.com
3 match.adsrvr.org am-match.taboola.com
imprammp.taboola.com
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 csi.gstatic.com imasdk.googleapis.com
2 c1.adform.net 2 redirects
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 s0.2mdn.net imasdk.googleapis.com
googleads.g.doubleclick.net
2 imasdk.googleapis.com cdn.unibotscdn.com
imasdk.googleapis.com
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 pro.ip-api.com cdn.unibotscdn.com
2 sync.aralego.com ads.aralego.com
2 trc.taboola.com cdn.taboola.com
2 e3.adpushup.com www.bg3.co
2 http-intake.logs.datadoghq.com cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 delivery.adrecover.com www.bg3.co
1 pixel.rubiconproject.com 1 redirects
1 image6.pubmatic.com googleads.g.doubleclick.net
1 dis.criteo.com googleads.g.doubleclick.net
1 um.simpli.fi 1 redirects
1 s.tribalfusion.com
1 a.tribalfusion.com 1 redirects
1 r.turn.com
1 ad.turn.com 1 redirects
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 unibots.b-cdn.net cdn.unibotscdn.com
1 vjs.zencdn.net cdn.unibotscdn.com
1 28e8770d45dcec521e5fc752e7909cdc.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.socket.io cdn.unibotscdn.com
1 x.bidswitch.net am-match.taboola.com
1 vidstatb.taboola.com
1 am-vid-events.taboola.com
1 imprammp.taboola.com vidstat.taboola.com
1 secure-assets.rubiconproject.com 1 redirects
1 fonts.googleapis.com cdn.taboola.com
1 socket.unibots.in cdn.unibotscdn.com
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com cdn.adpushup.com
1 gum.criteo.com cdn.taboola.com
1 fundingchoicesmessages.google.com cdn.adpushup.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 static.bg3.co Failed www.bg3.co
261 70
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
cdn.unibotscdn.com
R3		 2023-11-27 -
2024-02-25		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-01 -
2024-03-01		 3 months crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
*.ip-api.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-25 -
2023-12-26		 a year crt.sh
socket.unibots.in
R3		 2023-11-06 -
2024-02-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
cdn.socket.io
Amazon RSA 2048 M03		 2023-10-22 -
2024-11-17		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
vjs.zencdn.net
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-03 -
2024-07-04		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2023-11-05 -
2024-11-11		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
stream.unibotscdn.com
R3		 2023-11-02 -
2024-01-31		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 22 frames:

Primary Page: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Frame ID: E20434B87E92E67AF48AF1B8E603B911
Requests: 177 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: C5D3A1AA9F36EC6BEADFF472FCDAFF94
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 9FFFFAB7939EEDFCA0E3D7D9FADD9055
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 4EC7C9DAB32DA3927B35F64B4084853C
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&cmcv=&pix=undefined&cb=1701948482866&uv=3364&tms=1701948482866&abt=adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=88929fa6-3022-4328-b843-9c58a24c9b6c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 8881C39460A7AA1218FD5EF775C0C617
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 36450437E5145053FCE771C25F7D5C04
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: EA3B3ECE66C2F6EF4B63F73EDDDC76D3
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 7F97206129FB8E008B47532E95EBA29A
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: AD1584C20DD58D9F4BE7789421953765
Requests: 4 HTTP requests in this frame

Frame: https://28e8770d45dcec521e5fc752e7909cdc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F1174CDC0DDFF507D09AFE9DB7ECE1A6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231205/r20190131/zrt_lookup_fy2021.html
Frame ID: A9929F1A6DD21B991C451C122292502E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1701948483&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701948483134&bpp=279&bdt=826&idt=586&shv=r20231205&mjsv=m202312060101&ptt=5&saldr=sd&correlator=6937026438662&frm=23&ife=1&pv=2&ga_vid=1249414168.1701948482&ga_sid=1701948484&ga_hid=1950463477&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3631&biw=1600&bih=1200&isw=336&ish=280&ifk=3511121045&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079826%2C44785294%2C44795921%2C31080037%2C44807763%2C44808148%2C44808284%2C95320230%2C31080036&oid=2&pvsid=715422507190966&tmod=538629894&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1jqnxzivttcg&btvi=1&fsb=1&dtd=593
Frame ID: 5AFF7BBD1A65C1AE2F123D4441786FF5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F170AAFC6CD137CFFD6331F4BE4AD5A6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9B6A3E75AF44E8D1674E53156FFBB7A9
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9523833FF0F8B59065401ED492607C28
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CA9DB17616999EF3DBAB24C941F9D739
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Frame ID: 92EB1324C480C3C60A7A53EC7B244DA8
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 61894B9D291FE8589F86F2F45D53F2E3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEY4vOB-AEwAQ&v=APEucNULToGjkBlcLMk2YVZTrKltivNM_wVhe4t7UTh63hANJ1A5QHpbjnRu74INrMS_tBoCBi0wiTnpk89JyWxMOBsqKOL--Imf75AAwYo669XBhwzx6YdBPssBXIGVjPgw6pMPUtBODTUfj39goIS-zoahG2-D4DFS7a_3G79XqT8zj2wWuRA
Frame ID: 4379C03D1F9E87F1CF7E9FED70963BBC
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: D74398B966729612B732D74EBB747B95
Requests: 17 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 41427EB1B3CBFD1931CFB8D8DDB1DD84
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BDFF700C35382B28945503DA01508110
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

雷瑟琳貼新歡親密照大公開 神秘美男身分曝光超驚人! - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • socket\.io.*\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

261
Requests

84 %
HTTPS

50 %
IPv6

39
Domains

70
Subdomains

51
IPs

10
Countries

8210 kB
Transfer

16566 kB
Size

26
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 117
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 213
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGT-vYnCQthAu4TLm5AruCE&google_cver=1
Request Chain 214
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXGsRHUaAKAmABPwGGFHSwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGT-vYnCQthAu4TLm5AruCE&google_cver=1
Request Chain 215
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAR_UYNFjnXM17lkrXUDUcc&google_cver=1
Request Chain 216
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA0MTU1Mjc4OTIyMzI4MTQ4
Request Chain 234
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDakbRL5K3rNpsl-WW5rMc0&google_cver=1&google_push=AXcoOmQ7tpk2RsvZbWpPp3STFAWvvaRLcj9bqKmkET4V8k0Oi_R7_CaXLwzAh4vMNsrv1f_s0gO0ePfao7jhaDhgqW4tRF9hahfexA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk2NTk2MzM2NzQ5Njg3NDE0Mw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDakbRL5K3rNpsl-WW5rMc0&google_cver=1
Request Chain 235
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIoflf82Nqhw7r0UyXrp6Cw&google_cver=1&google_push=AXcoOmR5_7cxtSqBG-7NaFPK2banbLuZHZP7YbgGsXrGBSLxxRR3G5D6jTQ2NY2IudfH_kQB1nb0x32TftdWma08G6SbYalYPkHGyQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR5_7cxtSqBG-7NaFPK2banbLuZHZP7YbgGsXrGBSLxxRR3G5D6jTQ2NY2IudfH_kQB1nb0x32TftdWma08G6SbYalYPkHGyQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIoflf82Nqhw7r0UyXrp6Cw&google_cver=1&google_push=AXcoOmR5_7cxtSqBG-7NaFPK2banbLuZHZP7YbgGsXrGBSLxxRR3G5D6jTQ2NY2IudfH_kQB1nb0x32TftdWma08G6SbYalYPkHGyQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR5_7cxtSqBG-7NaFPK2banbLuZHZP7YbgGsXrGBSLxxRR3G5D6jTQ2NY2IudfH_kQB1nb0x32TftdWma08G6SbYalYPkHGyQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 236
  • https://um.simpli.fi/gp_match?google_gid=CAESEK2AUygKk2XEprYDRZ8Rmh4&google_cver=1&google_push=AXcoOmTD6bw6Cyxl22RMJU3tE4M5Hv-C9dLv-IZcN66C6gNB5-WzRSl5DAJQMocdfip0eSNKmCys9SsrR65bOqa24DIavPN4DWXm4A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=981931392E3549CE87AD85509792CEA3&google_push=AXcoOmTD6bw6Cyxl22RMJU3tE4M5Hv-C9dLv-IZcN66C6gNB5-WzRSl5DAJQMocdfip0eSNKmCys9SsrR65bOqa24DIavPN4DWXm4A
Request Chain 238
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELToCguQoTxHeb4MBFgrKp8&google_cver=1&google_push=AXcoOmTDeu8GkzYBKNdLXPpMNAnBm4x8VhCwJ3dZ2Qw6Sd9FAtZed_Vkc8VCWCDlHxTdUt_jViPkp_2OhQ3alI-ZLuBzqwnRwenzLQ HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELToCguQoTxHeb4MBFgrKp8&google_cver=1&google_push=AXcoOmTDeu8GkzYBKNdLXPpMNAnBm4x8VhCwJ3dZ2Qw6Sd9FAtZed_Vkc8VCWCDlHxTdUt_jViPkp_2OhQ3alI-ZLuBzqwnRwenzLQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE4MTE2MTk5MTk0MTYxODY3Nw&google_push=AXcoOmTDeu8GkzYBKNdLXPpMNAnBm4x8VhCwJ3dZ2Qw6Sd9FAtZed_Vkc8VCWCDlHxTdUt_jViPkp_2OhQ3alI-ZLuBzqwnRwenzLQ
Request Chain 240
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMl7gvZo0b3F7H2AMu7gMzg&google_cver=1&google_push=AXcoOmQ3BSe942TfsmOQzNORBFhafcIJZp6FaiYjCd4FabTS9Wqjq4JphBlQA0JS7dqnP5iQfIvjISSJi9XgGrvGa3LnnVyVIC_D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBWNDZOSFgtMjAtM1JKNA==&google_push=AXcoOmQ3BSe942TfsmOQzNORBFhafcIJZp6FaiYjCd4FabTS9Wqjq4JphBlQA0JS7dqnP5iQfIvjISSJi9XgGrvGa3LnnVyVIC_D

261 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
www.bg3.co/a/ 		57 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f0ecc84095f56371b8d679beee2267f8408f02b079a9c8ab422aeedc7e9dcd8c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 07 Dec 2023 11:28:01 GMT
etag
"e5a1-4W6oSIOmFRoTNFa8s0cFrLbZMnA"
expires
Thu, 07 Dec 2023 11:29:01 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b592f5eed8ec86ee327080e89bbc6c151e4027664e5b65a669b8be202a0be895
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 07 Dec 2023 11:28:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73109
x-xss-protection
0
server
sffe
etag
"edc2dedc0eb3578e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 07 Dec 2023 11:28:01 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb60fd301cb681ec6625d150b740b728811c608f8d910ec61c87a7ab24eeec72
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Thu, 07 Dec 2023 11:28:01 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9652
x-xss-protection
0
server
sffe
etag
"36db30639150a57a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 07 Dec 2023 11:28:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
861ae6f08f62136db7ddef4c60f7cdf118c2b2b174d3eb6ad537420a2a39a51f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30008
x-xss-protection
0
server
cafe
etag
73 / 19698 / m202311290101 / config-hash: 16835354973066905572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:28:01 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
659df049e5bcdc230c8e13869429e2dd8a3c97788c45684ea024aff5a383c1fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:01 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91638
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Dec 2023 11:28:01 GMT
counter.js
www.statcounter.com/counter/ 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca02d1a91f43d6b8c5d8d127d04e95afb736ae1779577bde0a6f0641cc4f4893

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:01 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 06 Dec 2023 17:27:04 GMT
server
cloudflare
age
25129
etag
W/"6570aee8-a313"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
831c6c3b1b105d79-FRA
expires
Thu, 07 Dec 2023 16:29:12 GMT
adRecover.js
delivery.adrecover.com/43519/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CF4) /
Resource Hash
d9560c5e850f35c072e4cdbe92cc1beae698fa2208783847f60dd15578631264

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-client-geo
DE
date
Thu, 07 Dec 2023 11:28:01 GMT
content-encoding
br
age
7773
x-cache
HIT
x-client-device
desktop
content-length
11642
x-ap-device
DESKTOP
last-modified
Thu, 07 Dec 2023 07:59:10 GMT
server
ECAcc (frc/4CF4)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
DE
accept-ranges
bytes
expires
Thu, 07 Dec 2023 12:28:01 GMT
adpushup.js
cdn.adpushup.com/42753/ 		790 KB
162 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC5) /
Resource Hash
2ef23db53e1e6caf7c5c6267c699dd9fd24be604dc31aeab20deb265f7c3ea4c

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-client-geo
DE
date
Thu, 07 Dec 2023 11:28:01 GMT
content-encoding
br
age
82714
x-cache
HIT
x-client-device
desktop
content-length
165716
x-ap-device
DESKTOP
last-modified
Wed, 06 Dec 2023 12:23:47 GMT
server
ECAcc (frc/4CC5)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
DE
accept-ranges
bytes
expires
Thu, 07 Dec 2023 12:28:01 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		683 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
46cd716f62f8a5537ddfb2c981c6ebf743d6a2ced5ebc27b63c27cf19eabcc33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
wO0dTmbY3UrKV1kkftBo.YMXtV0GOwRw
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Dec 2023 11:28:01 GMT
x-amz-request-id
545FAMJVSKJPMMV7
age
52
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
56988
x-amz-id-2
K8kn4a6nU1OLhYW/UGJoSSIN5bDHSygkdwajXgMYfLD9Q0WpUjD06OAhyuK/8Igzc1WjW8MiBcs=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 06 Dec 2023 11:53:52 GMT
server
AmazonS3
x-timer
S1701948482.810517,VS0,VE2
etag
"4117ab8e0a2bc66e9c12d548a340ed24"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
85
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
H2
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:02 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9668
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQ5zYvDUUPYOe7HufhWA5EVYTv%2FRguaXgeN1iW1zeM6w7Uwpb9iXosPYCqh7dtQEf905xIRMNRSWwSXsSrnMpytA0lLfvFbc%2BRH1%2FcdKlgClxfQ8T73q5qOTwbOZaEXDbfQDU%2FpnO1HWVNzDww%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
831c6c3e393c9061-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
player.js
cdn.unibotscdn.com/player/mvp/ 		336 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/mvp/player.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
50c3f6649b2781350af86249ea37a46996fd268915ef7aabbd91287abe0b7631

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:01 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-164
cdn-cachedat
12/06/2023 11:26:56
cdn-pullzone
873945
last-modified
Wed, 06 Dec 2023 06:42:21 GMT
server
BunnyCDN-DE1-1076
cdn-fileserver
656
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"657017cd-53f26"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
d51e1afb5c46b7e6dd28be935cde62d8
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
t.php
c.statcounter.com/ 		192 B
565 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=3635212E01C44FD947184F54F03F4F1D&java=1&security=dd738f34&sc_snum=1&sess=75b702&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&t=%E9%9B%B7%E7%91%9F%E7%90%B3%E8%B2%BC%E6%96%B0%E6%AD%A1%E8%A6%AA%E5%AF%86%E7%85%A7%E5%A4%A7%E5%85%AC%E9%96%8B%E3%80%80%E7%A5%9E%E7%A7%98%E7%BE%8E%E7%94%B7%E8%BA%AB%E5%88%86%E6%9B%9D%E5%85%89%E8%B6%85%E9%A9%9A%E4%BA%BA%EF%BC%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2385&sc_rum_e_e=2389&sc_rum_f_s=0&sc_rum_f_e=2382&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:01 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
831c6c3b8b6a5d79-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
2524613
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-fra-eddf8230032-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1701948482.920540,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
44, 13335
impl.20231206-6-RELEASE.js
cdn.taboola.com/libtrc/ 		819 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231206-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
fefe013eaa20a899ce226c91270817a52c9a1aea9493b37f45d0fdc35da6f67a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
eAEX0OutHTDtGIx21SLdtq5ZKGf.X4BI
content-encoding
br
via
1.1 varnish
date
Thu, 07 Dec 2023 11:28:01 GMT
x-amz-request-id
6JG01TGQZCRYV5D6
age
3698
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173791
x-amz-id-2
Bg8QpRs8uy4DrwiqcXI9zSQOcc5T+0gSGBCY7qstQKJkpkhLai/GsZBY13pl2WaG7yHTxKPbs8A=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 06 Dec 2023 10:24:38 GMT
server
AmazonS3-br
x-timer
S1701948482.919605,VS0,VE0
etag
"207c5c9e77415ff3bd52a702b77cf033"
vary
Accept-Encoding
content-type
application/javascript
abp
6
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
13362
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:01 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
1345865
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-fra-eddf8230032-FRA
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1701948482.941234,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
4, 717095
block.jpg
delivery.adrecover.com/ 		631 B
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1701948481962
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC2) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Fri, 06 Dec 2024 11:28:01 GMT
date
Thu, 07 Dec 2023 11:28:01 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (frc/4CC2)
age
9678757
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
DE
pb.42753.1701273326076.js
cdn.adpushup.com/prebid/ 		432 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1701273326076.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CFE) /
Resource Hash
b7ecc88d37cd9e494d4f56d3b4e6170434f77bd7bf23190acb14e7c63448488e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-client-geo
DE
date
Thu, 07 Dec 2023 11:28:01 GMT
content-encoding
br
age
665769
x-cache
HIT
x-client-device
desktop
content-length
129026
last-modified
Wed, 29 Nov 2023 15:54:27 GMT
server
ECAcc (frc/4CFE)
etag
W/"65675eb3-6c00b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 11:28:01 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
356 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD4) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-client-geo
DE
date
Thu, 07 Dec 2023 11:28:02 GMT
content-encoding
br
age
8122222
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (frc/4CD4)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 11:28:02 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:1c22:376c:9c1e:cbbf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 07 Dec 2023 11:28:02 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D07) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-client-geo
DE
date
Thu, 07 Dec 2023 11:28:02 GMT
content-encoding
br
age
7291667
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (frc/4D07)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 11:28:02 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDE5NDg0ODIwMDEsInBhY2tldElkIjoiMDAwMEE3MDEtOWJmOTE1MWYtMGYyYi00ZjExLWI4MDgtNzNjZjk1Nzc2ZWMzIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2xlaS1zZS1saW4tdGllLXhpbi1odWFuLXFpbi1taS16aGFvLWRhLWdvbmcta2FpLXNoZW4tbWktbWVpLW5hbi1zaGVuLWZlbi1wdS1ndWFuZy1jaGFvLWxpYW5nLXJlbi5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJERSJ9&c_b=2572.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:02 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:02 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
21ced978-abc1-4eaa-8e7e-090ca2f04cf4
https://www.bg3.co/ 		2 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/21ced978-abc1-4eaa-8e7e-090ca2f04cf4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
645c58677e2bfe285d26f92ad76260b7e17c1099970fb4833dd338230ddb2a64

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Length
1601
Content-Type
application/javascript
AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=
fundingchoicesmessages.google.com/f/ 		22 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a2821073fd21440666ef21d5a132265293c02cedc9f160cab788d8ff141048ee
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ymyYcETUnZB5kmWsyHt1xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:02 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ymyYcETUnZB5kmWsyHt1xQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231206-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
232656
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		75 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=12%3A28%3A02.020&lti=deflated&data=%7B%22id%22%3A892%2C%22ii%22%3A%22%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1701863627011%2C%22vi%22%3A1701948482019%2C%22cv%22%3A%2220231206-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html%22%2C%22vpi%22%3A%22%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3458%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1876.390625%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231206-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d08a451eb43b74cc8d7cf7b4f58354d998bf8581cb998ecc185115b8f5fc851f

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
427
date
Thu, 07 Dec 2023 11:28:02 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.9942500000000001
x-fastly-to-nlb-rtt
7386
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230105-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1701948482.044116,VS0,VE427
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
quant.js
secure.quantserve.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:02 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 14 Dec 2023 11:28:02 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/ 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 13:36:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
78692
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138184
x-xss-protection
0
server
cafe
etag
495798054771589180
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 05 Dec 2024 13:36:30 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3bt0v9102959953&_p=1701948481686&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1249414168.1701948482&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701948482&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&dt=%E9%9B%B7%E7%91%9F%E7%90%B3%E8%B2%BC%E6%96%B0%E6%AD%A1%E8%A6%AA%E5%AF%86%E7%85%A7%E5%A4%A7%E5%85%AC%E9%96%8B%E3%80%80%E7%A5%9E%E7%A7%98%E7%BE%8E%E7%94%B7%E8%BA%AB%E5%88%86%E6%9B%9D%E5%85%89%E8%B6%85%E9%A9%9A%E4%BA%BA%EF%BC%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2711
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:02 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c899498398e2060b5e86c6117b34175f.jpg
static.bg3.co/imgs/202105/ 		0
0
c7b9c4dfbb28aa640c427603e6918eb3.jpg
static.bg3.co/imgs/202105/ 		0
0
2ca5425e0e5a1516abaf670b598bbc94.jpg
static.bg3.co/imgs/202106/ 		0
0
60747b96e5d219b04c67757cc85e2165.jpg
static.bg3.co/imgs/202201/ 		0
0
2cd7d2599ab52e72fb88ae114d575a38.jpg
static.bg3.co/imgs/202105/ 		0
0
cb93003ab7eab79f6a7d2d14427211b1.jpg
static.bg3.co/imgs/202105/ 		0
0
f7fd9b4d69820145a4988dfe74a0b108.jpg
static.bg3.co/imgs/202105/ 		0
0
51ef860881784f56d2675dcde176c599.jpg
static.bg3.co/imgs/202105/ 		0
0
3abfa2ab5f6e1546cd93c27452a586ab.jpg
static.bg3.co/imgs/202105/ 		0
0
320735647021d92cf748e9cdc7af7962.jpg
static.bg3.co/imgs/202310/ 		0
0
f39b66fc163a1717f0581d57bc53da0d.jpg
static.bg3.co/imgs/202105/ 		0
0
fb173b0c8c4522fe26c6712dd1c8fb06.jpg
static.bg3.co/imgs/202109/ 		0
0
d2fdb66a5f5aebc82e163bd77c82920d.jpg
static.bg3.co/imgs/202309/ 		0
0
0bf3f31da57139e4e15e8ca9b04a41db.jpg
static.bg3.co/imgs/202011/ 		0
0
889a73b11d832acb24007d797af89734.jpg
static.bg3.co/imgs/202105/ 		0
0
81f172231d23061c303ca84471900487.jpg
static.bg3.co/imgs/202204/ 		0
0
e4b643bcc6d2b407ca965ccdcc5602c0.jpg
static.bg3.co/imgs/202105/ 		0
0
37b5726bfc8063ce62809829e276cb23.jpg
static.bg3.co/imgs/202105/ 		0
0
54988f685da5627d582bf504053dda97.jpg
static.bg3.co/imgs/202105/ 		0
0
baa812f06020ec5cfc42c48f8540a72f.jpg
static.bg3.co/imgs/202106/ 		0
0
e792ff870b086ef58c31b0576128e52c.jpg
static.bg3.co/imgs/202110/ 		0
0
b64d632222dd27177083017f1e7063e0.jpg
static.bg3.co/imgs/202105/ 		0
0
4cd46bc0924034fe192d422b9c3a0483.jpg
static.bg3.co/imgs/202106/ 		0
0
9f4f24a2ef7077fd3bb00e088598837a.jpg
static.bg3.co/imgs/202105/ 		0
0
03977bccd57186dd5b7f0bd552623d97.jpg
static.bg3.co/imgs/202105/ 		0
0
3f9a2fdf9c25023f59d1b3973f9ba8e4.jpg
static.bg3.co/imgs/202110/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012311212202000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012311212202000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f240de3e57aeb438168ae4892702512852e40cc5a9c9d159c66caa16ebf5b03f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Dec 2023 19:31:41 GMT
age
143781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2974
x-xss-protection
0
server
sffe
etag
"51668a50996f53d6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Dec 2024 19:31:41 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012311212202000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012311212202000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
67a8d6f899274e3ea88ec905d14f1fc148ce3ad49e0b598a345d646688463617
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 05 Dec 2023 19:31:41 GMT
age
143781
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3936
x-xss-protection
0
server
sffe
etag
"26ef04fd7a15321a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Dec 2024 19:31:41 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
643 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20c3:5600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 10:53:48 GMT
via
1.1 167c735142bc0b0bedf2cca27d970088.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-C1
age
2062
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
5bla5qjhYQVDK9zZrZpjJkOakrLZP27W4X3lTprBc73yWfTx9kQGyg==
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
635 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:02 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4090
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ouPX6bW0BFAgDgHzrowkHok%2BgEIAMXEbE%2FeCd%2BYT8TH24wIufYqmrULxIEo7Xf328zWArXW%2BheyQvMUkEaxa5HQEIPndlB0zfNQFtr4P4%2BmOBtdZlnUSRc2SuP4KEtJmD3CZgxjNgS%2B%2Bic6oNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
831c6c3e79739061-FRA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7c1c70a2fff8d54c82ea6d756adb2ad3d870939ee42ccd0c7dafe43a55a867c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 11:28:02 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.7036081289911058&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 11:28:02 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
pixel;r=1880109247;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html;uh=e51ed67dfb8d91d...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1880109247;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1067724972-1701948482183;pbc=;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1701948482319;tzo=-60;ogl=;ses=b0da9098-171f-4532-ac7f-70532a02ffc1;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
/
pro.ip-api.com/json/ 		114 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
a2b60c0eb81488176b3d870011e44e8464248c90afe2ef3d321cb4f5e8a953df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 07 Dec 2023 11:28:02 GMT
Content-Length
114
Content-Type
application/json; charset=utf-8
floating-unit.20231206-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231206-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dd0112737f71e1e0a2d5a65863c2e12abb0495d8f8a0ca522823bebb0ca27e5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
ozlfZYqUPHMsr_x1Z3S9f2nZTW_5EBPU
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Dec 2023 11:28:02 GMT
x-amz-request-id
G693HCCYWQJ60MQB
age
82404
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2492
x-amz-id-2
u+kEMR/EHNhQDhHPRKxAdyTxDphNvn16J/76oU5rxUmGN4Blq+9dQAsUkMxfuznbE6ByvacJVy8=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 06 Dec 2023 12:34:38 GMT
server
AmazonS3
x-timer
S1701948483.509023,VS0,VE0
etag
"13a4ecec2b597cc22a8a9431127127f8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
79
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
16750
taboola-vignette-new-scanning.20231206-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231206-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01d4c3ccea2211c04bca818254ce5a28b9c6636f601e23bf864cc61b384f6fbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
OatAD.ffzGgo8XNOWPyFwz.k730Zgb3F
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Dec 2023 11:28:02 GMT
x-amz-request-id
QXBKPE73TSMVX229
age
82369
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
1tctujPVf5UObaoLOWG5me+KkJBjgCjLGj3/Ehf2TK6KAzyt1EZYKSa90cN/Sfagjx5WqRg3CnI=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 06 Dec 2023 12:35:13 GMT
server
AmazonS3
x-timer
S1701948483.509894,VS0,VE0
etag
"7555fbfbb18bec298a4458a38a8def9f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
75
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
12845
distance-from-article.20231206-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231206-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6487ab919b7911e7b005fb51335490be3133479d0aed1ea9c5284c374e57098d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
yGztneefFuIXi99HKc1_Sm2q3uRUbRX3
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Dec 2023 11:28:02 GMT
x-amz-request-id
0K31MK1MD20XZYWZ
age
82423
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1132
x-amz-id-2
uivkSN+EPT+N0BWPR2dHrwZf26Q02RL1gBUyLW0zID36NQVM/pWrR7Yo6FASwvLQ/057LKfthw8=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 06 Dec 2023 12:34:20 GMT
server
AmazonS3
x-timer
S1701948483.515916,VS0,VE0
etag
"7d82a0586d2dd4c9a3685363a17946cc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
16
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
190796
article-detection.20231206-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231206-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8feade9aeef34fe3003262b880b4421eb32d8733b3e29dac9bbc758452062fe6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
0w3gUxpSo6BMtWE2Iuljm1dchFIktxKr
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Dec 2023 11:28:02 GMT
x-amz-request-id
4FMKZW9KHEJ072XB
age
82434
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
a+X4e9Z8DRFdbsFxPBi/6iVK9oivyOp67q9BmBwM6QOduofGt8oHhxQdESnMJBhCHsjuwKz8qj4=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 06 Dec 2023 12:34:08 GMT
server
AmazonS3
x-timer
S1701948483.515909,VS0,VE0
etag
"fe387f1226f3c8bb23bff4003bc234bf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
34
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
190778
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.6.3/ 		121 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.6.3/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231206-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
40573cccd1d970200105c52a3a1b06e3600e6117c3251d1bd43724023c2a27e1

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 92cfe9224b3a51aff944c5d8ac7bf798.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
AMS1-P3
age
245289
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
34268
x-served-by
cache-fra-eddf8230117-FRA
last-modified
Mon, 04 Dec 2023 15:18:26 GMT
server
AmazonS3
x-timer
S1701948483.576714,VS0,VE0
etag
"9fc7af8e0f714082daf459b74559f024"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
mRgC3kC_BWE0QdmF_BiNeVjkxvP02twOjtjMV-jdzwROvQtwBzo3DQ==
x-cache-hits
33528
feed-card-placeholder.20231206-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231206-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b2d079f33766b9e482e2affec4a226324a73bb0299fe0d7f81fcc9f27cf5adfc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
exmt8QDCBpwh2j4wIF.Im9k1IgD4RmYv
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Dec 2023 11:28:02 GMT
x-amz-request-id
YM45YZ6RDPKZRX2F
age
82414
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
YLNHl0KCH+XdQphe5vKsVmroZwhz6Hc8Bcz2IWu/91LqI/TXoc9aO+oM7KNK/n2KH4RTd+XJ9cE=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 06 Dec 2023 12:34:29 GMT
server
AmazonS3
x-timer
S1701948483.517010,VS0,VE0
etag
"52d36c3b582052032d1b8aea6b202c1f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
9
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
168467
userx.20231206-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231206-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fa69594ed2a907e37c5416c543cbcbef831522b35db21fb15b90af09ff0eeb9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
MhpMnpMT1KC1Rv6OMVj1miL4ncYrD0Qt
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Dec 2023 11:28:02 GMT
x-amz-request-id
XFEXDS7SWAMBEM6K
age
82361
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
6Nt/UVtGlv8nEUXKxXGDVWLUMejU+xt741+dy6dl7fbbg3VM9lc4ZhLKef8YXVb0iqko6qpDbH4=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 06 Dec 2023 12:35:21 GMT
server
AmazonS3
x-timer
S1701948483.519334,VS0,VE0
etag
"e3981655072625d55c87ed261a520b8a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
93
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
48357
explore-more.20231206-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231206-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1f8dcc0badc9e3df2b74303b42840cb3454670919db445946cb6456c36af916

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
sEzL7vTUJGzj891Nq7AGmCnZKftkww87
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Dec 2023 11:28:02 GMT
x-amz-request-id
AKMFDN9FB5BY4NA2
age
82416
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
7706
x-amz-id-2
n4es4X8gqzp0UNvnGoFOjp/j713qwb+fMg/BVkZjQ2rO48ikCSQ1710/QYPJxrE+U6E8y0KwuxI=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 06 Dec 2023 12:34:26 GMT
server
AmazonS3
x-timer
S1701948483.523149,VS0,VE0
etag
"b12ef1a16a19c93a4e9000e247496818"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
17
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
83006
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi2=-2&tvi48=10638&tvi50=13622&lti=deflated&ri=30ac452ff53db0eb3135be0f150cb421&sd=v2_c997d2fb79ab949c2813de7d08320568_14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2_1701948482_1701948482_CNawjgYQ2YJdGOPDo6DEMSABKAEwODib4wlAgYoQSOK82QNQ____________AVgAYABotZfUqf3u3sIHcAA&ui=14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2&pi=/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&wi=6039441594092417604&pt=text&vi=1701948482019&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=12%3A28%3A02.494&id=1860&llvl=2&cv=20231206-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Dec 2023 11:28:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi2=-2&tvi48=10638&tvi50=13622&lti=deflated&ri=30ac452ff53db0eb3135be0f150cb421&sd=v2_c997d2fb79ab949c2813de7d08320568_14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2_1701948482_1701948482_CNawjgYQ2YJdGOPDo6DEMSABKAEwODib4wlAgYoQSOK82QNQ____________AVgAYABotZfUqf3u3sIHcAA&ui=14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2&pi=/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&wi=6039441594092417604&pt=text&vi=1701948482019&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1701948482495%7D&tim=12%3A28%3A02.495&id=7555&llvl=2&cv=20231206-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Dec 2023 11:28:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi2=-2&tvi48=10638&tvi50=13622&lti=deflated&ri=30ac452ff53db0eb3135be0f150cb421&sd=v2_c997d2fb79ab949c2813de7d08320568_14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2_1701948482_1701948482_CNawjgYQ2YJdGOPDo6DEMSABKAEwODib4wlAgYoQSOK82QNQ____________AVgAYABotZfUqf3u3sIHcAA&ui=14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2&pi=/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&wi=6039441594092417604&pt=text&vi=1701948482019&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1701948482499%7D&tim=12%3A28%3A02.499&id=4529&llvl=2&cv=20231206-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Dec 2023 11:28:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi2=-2&tvi48=10638&tvi50=13622&lti=deflated&ri=30ac452ff53db0eb3135be0f150cb421&sd=v2_c997d2fb79ab949c2813de7d08320568_14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2_1701948482_1701948482_CNawjgYQ2YJdGOPDo6DEMSABKAEwODib4wlAgYoQSOK82QNQ____________AVgAYABotZfUqf3u3sIHcAA&ui=14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2&pi=/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&wi=6039441594092417604&pt=text&vi=1701948482019&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A28%3A02.509&id=5693&llvl=2&cv=20231206-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Dec 2023 11:28:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A28%3A02.510&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=9391&cv=20231206-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29660
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A28%3A02.511&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=4852&cv=20231206-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29660
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A28%3A02.513&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=4958&cv=20231206-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29660
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A28%3A02.513&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=6146&cv=20231206-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29660
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A28%3A02.515&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=2521&cv=20231206-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29678
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Dec 2023 11:28:02 GMT
x-amz-request-id
Y1PG8J215N22T8P1
age
21
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
Uw5tFQx0SXBhUtt7LR3tzPg4AwJsLw0b0pfPCtMtj2dH9WxEQG/AKgaWCN1zlzUHI1DQ4s8JfL8=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-timer
S1701948483.530357,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
13
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
37
a6cab587146a4e00a904597e605804ee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		182 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6cab587146a4e00a904597e605804ee.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e871401740a67d7da6d57de355de7b4dae0f855d45db154fc3de1187fda64559

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6cab587146a4e00a904597e605804ee.jpg
age
3089190
edge-cache-tag
611941327330791342948786352276644257630,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
611941327330791342948786352276644257630,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
758
req-referer
https://www.con-nect.de/
content-length
186864
x-request-id
3eb3217ffd52f7b6caed0e836fb91543
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000113-IAD, cache-iad-kiad7000113-IAD, cache-sna10747-LGB, cache-iad-kiad7000024-IAD, cache-fra-eddf8230105-FRA
last-modified
Mon, 25 Sep 2023 11:57:24 GMT
server
nginx
surrogate-reporting
width=800,height=600,bytes=94456,owidth=1000,oheight=600,obytes=129403
x-timer
S1701948483.541951,VS0,VE2
etag
"0993187ae35f2e105960f66d06b1d0c1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 13, 1
a6cab587146a4e00a904597e605804ee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6cab587146a4e00a904597e605804ee.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cde5a918a885932bb72c4b4e07bd23ffd0322033893c35ec2060ac6dfbd97aa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6cab587146a4e00a904597e605804ee.jpg
age
2863799
edge-cache-tag
611941327330791342948786352276644257630,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
611941327330791342948786352276644257630,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
185
req-referer
https://www.suedkurier.de/
content-length
94928
x-request-id
ad2dd254c2b80d926d241c04f6c785a8
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100025-IAD, cache-iad-kjyo7100025-IAD, cache-sna10741-LGB, cache-iad-kcgs7200105-IAD, cache-fra-eddf8230105-FRA
last-modified
Mon, 25 Sep 2023 11:57:24 GMT
server
nginx
surrogate-reporting
width=1000,height=500,bytes=101501,owidth=1000,oheight=600,obytes=129403
x-timer
S1701948483.541975,VS0,VE0
etag
"d620aae80c6cfd6f361a6ff6f5e67121"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 0, 2
1bc5b7613fdc113491899ae58106025a.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1bc5b7613fdc113491899ae58106025a.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
29c9755af42608e78009e55806e14992b5db70479ff447ff5eef196ef05e17ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1bc5b7613fdc113491899ae58106025a.jpeg
age
3426171
edge-cache-tag
353516718184282470301678459139997834524,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
353516718184282470301678459139997834524,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
248
expiration
expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.freenet.de/
content-length
27162
x-backend-name
US_nlb102
x-served-by
cache-iad-kjyo7100113-IAD, cache-iad-kjyo7100085-IAD, cache-iad-kjyo7100158-IAD, cache-fra-eddf8230105-FRA
last-modified
Mon, 02 Oct 2023 15:38:21 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=52535,owidth=1200,oheight=720,obytes=183021
x-timer
S1701948483.593298,VS0,VE0
etag
"4d389ca2f1c5a7c7571309c2f9164dac"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 2
9159726a9e8733feecd3ca57e70b8c86.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9159726a9e8733feecd3ca57e70b8c86.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7740b9b85025fba77d743a80962ddd88d4100656d23e71ab43638c62a2d8b136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9159726a9e8733feecd3ca57e70b8c86.png
age
1900112
edge-cache-tag
620640840769782493533731761904228975662,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
620640840769782493533731761904228975662,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
174
expiration
expiry-date="Wed, 20 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ouest-france.fr/
content-length
27038
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000088-IAD, cache-iad-kiad7000088-IAD, cache-sna10731-LGB, cache-iad-kcgs7200048-IAD, cache-fra-eddf8230105-FRA
last-modified
Sun, 20 Aug 2023 11:12:06 GMT
server
nginx
x-timer
S1701948483.592823,VS0,VE0
etag
"3906ea86bc2525a037f6a1daa724c81d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 554, 2
e372f060-346b-4815-8ec1-fdb65f9f5903__ug4SO2GB.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/e372f060-346b-4815-8ec1-fdb65f9f5903__ug4SO2GB.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
14ccc74038da321fa39f6b52cf20926a47da82650f7cb70f5e780a0e8f685860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/e372f060-346b-4815-8ec1-fdb65f9f5903__ug4SO2GB.jpg
age
3784091
edge-cache-tag
365234063217138398643738586156670388386,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
365234063217138398643738586156670388386,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
207
expiration
expiry-date="Thu, 21 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://gourmand.viepratique.fr/
content-length
96590
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000027-IAD, cache-iad-kcgs7200124-IAD, cache-sna10747-LGB, cache-iad-kcgs7200104-IAD, cache-fra-eddf8230105-FRA
last-modified
Mon, 21 Aug 2023 09:26:53 GMT
server
nginx
x-timer
S1701948483.595578,VS0,VE2
etag
"5534c31b7ad68b0e3e49eb1b693a18c3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 63, 1, 3, 1
66ea87cba2d462905a3c7ec5ce8d11b1.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66ea87cba2d462905a3c7ec5ce8d11b1.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d644b5151c2d9a2694245d884db8712add684c01b8537e53347b3fc07fdf6da4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
4
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66ea87cba2d462905a3c7ec5ce8d11b1.jpeg
age
270754
edge-cache-tag
447577569271238000185750107649157407603,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
447577569271238000185750107649157407603,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
57
req-referer
https://www.espn.com/
content-length
3852
x-request-id
85f338596bb4a7b83f3683db75696211
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000077-IAD, cache-iad-kjyo7100110-IAD, cache-lax-kwhp1940052-LAX, cache-iad-kcgs7200094-IAD, cache-fra-eddf8230105-FRA
last-modified
Fri, 01 Dec 2023 22:24:14 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=20093,owidth=1000,oheight=600,obytes=29069
x-timer
S1701948483.612998,VS0,VE4
etag
"2be42254a98af8f49c46579ebb3e3156"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 1
5c55edc890804ea9a01633a2bd64d895.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5c55edc890804ea9a01633a2bd64d895.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
042194c884380bb27b6e8ec85ba0a5aa16d765ee0d7e5ff8944d807b75335864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5c55edc890804ea9a01633a2bd64d895.jpg
age
4941437
edge-cache-tag
587833980858949775455408474900796942892,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
587833980858949775455408474900796942892,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
61
expiration
expiry-date="Mon, 28 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.guitarthai.com/
content-length
12280
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000034-IAD, cache-iad-kiad7000067-IAD, cache-sna10725-LGB, cache-iad-kcgs7200164-IAD, cache-fra-eddf8230105-FRA
last-modified
Fri, 28 Jul 2023 09:12:04 GMT
server
nginx
x-timer
S1701948483.637257,VS0,VE0
etag
"84472ea3081565aab804ca054b697edf"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 33, 2
a6cab587146a4e00a904597e605804ee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6cab587146a4e00a904597e605804ee.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
121fc05f3f094c5af2e989217ebbb1db4b4dfdb7a372affb474ac428e5f1ce53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6cab587146a4e00a904597e605804ee.jpg
age
6305440
edge-cache-tag
611941327330791342948786352276644257630,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
611941327330791342948786352276644257630,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
260
req-referer
https://www.bbv-net.de/
content-length
109888
x-request-id
0eaee0f9cbd64bdd322b682ac8b17226
x-backend-name
US_nlb101
x-served-by
cache-iad-kjyo7100108-IAD, cache-iad-kjyo7100103-IAD, cache-iad-kjyo7100046-IAD, cache-fra-eddf8230105-FRA
last-modified
Mon, 25 Sep 2023 11:57:24 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=112413,owidth=1000,oheight=600,obytes=129403
x-timer
S1701948483.636766,VS0,VE0
etag
"d3a4218015f56ff1a75e36bc6a3a6dc5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 4
e372f060-346b-4815-8ec1-fdb65f9f5903__ug4SO2GB.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/e372f060-346b-4815-8ec1-fdb65f9f5903__ug4SO2GB.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1a5518ffcb64618cb89fa266df36e6a86240dd1abd52c38e3d8e5537c2182279

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/e372f060-346b-4815-8ec1-fdb65f9f5903__ug4SO2GB.jpg
age
1998163
edge-cache-tag
365234063217138398643738586156670388386,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
365234063217138398643738586156670388386,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
401
req-referer
https://www.augsburger-allgemeine.de/
content-length
108670
x-request-id
20b84df66902c744d81ed6dae20a6b4a
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000116-IAD, cache-iad-kiad7000129-IAD, cache-iad-kiad7000140-IAD, cache-fra-eddf8230105-FRA
last-modified
Mon, 21 Aug 2023 09:06:36 GMT
server
nginx
x-timer
S1701948483.636800,VS0,VE3
etag
"518fe5260a9ba5956b6aa81b647f6895"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 47, 1
1bc5b7613fdc113491899ae58106025a.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		83 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1bc5b7613fdc113491899ae58106025a.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ffce6c7f92604f0a6ae54480ff874f5faff5d263e5f0ad777da869961b048627

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1bc5b7613fdc113491899ae58106025a.jpeg
age
3651191
edge-cache-tag
353516718184282470301678459139997834524,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
353516718184282470301678459139997834524,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
238
expiration
expiry-date="Sun, 12 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://cdn.taboola.com/
content-length
84628
x-backend-name
LA_nlb201
x-served-by
cache-iad-kcgs7200047-IAD, cache-iad-kcgs7200072-IAD, cache-lax-kwhp1940066-LAX, cache-iad-kjyo7100118-IAD, cache-fra-eddf8230105-FRA
last-modified
Thu, 12 Oct 2023 08:23:11 GMT
server
nginx
surrogate-reporting
width=1200,height=666,bytes=159358,owidth=1200,oheight=720,obytes=183021
x-timer
S1701948483.665181,VS0,VE2
etag
"9bbe0e2d126d685abac5dcb37b9d0930"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 10, 1, 5, 1
9159726a9e8733feecd3ca57e70b8c86.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9159726a9e8733feecd3ca57e70b8c86.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
62f8f89c7c10c6596923356a3930aef6d37520840d11fc7adcb8e41fcb739232

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9159726a9e8733feecd3ca57e70b8c86.png
age
3807477
edge-cache-tag
620640840769782493533731761904228975662,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
620640840769782493533731761904228975662,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
248
expiration
expiry-date="Wed, 20 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
65248
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100054-IAD, cache-iad-kiad7000144-IAD, cache-iad-kjyo7100119-IAD, cache-fra-eddf8230105-FRA
last-modified
Sun, 20 Aug 2023 11:12:06 GMT
server
nginx
x-timer
S1701948483.668254,VS0,VE2
etag
"3906ea86bc2525a037f6a1daa724c81d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 242, 1
playerConfig
socket.unibots.in/website/ 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://socket.unibots.in/website/playerConfig?playerName=bg3.co_1695642730139
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
172.104.206.52 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-104-206-52.ip.linodeusercontent.com
Software
/ Express
Resource Hash
6124ddbc7df84e85aa43612cba88bec643f514127f1c2274f0e7f9a3d6c8dad9

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Dec 2023 11:28:03 GMT
keep-alive
timeout=5
x-powered-by
Express
content-length
3737
etag
W/"e99-DlD8MarDyco2rkZchfDXSV4nBa4"
content-type
application/json; charset=utf-8
next-up-widget.20231206-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231206-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d3ba2dd793163976ed8cbf58f14969a54c0199786ffd4106e7305265dfbbf786

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
1DlWM8t2cgNazswwsssudVC1lKan_tAA
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Dec 2023 11:28:02 GMT
x-amz-request-id
8A4AZBTVKRM13J0T
age
82397
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
WBsjzijxwy89zFTR97cT49tP+4swaK/qLdUwVblyZcbSgU5lhdRsVEwDtSBtMK3iY0N5WfoN2lQ=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 06 Dec 2023 12:34:45 GMT
server
AmazonS3
x-timer
S1701948483.599914,VS0,VE0
etag
"ce00119c53fd10b3010e5ff1dbc83cf3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
57
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
16186
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi2=-2&tvi48=10638&tvi50=13622&lti=deflated&ri=30ac452ff53db0eb3135be0f150cb421&sd=v2_c997d2fb79ab949c2813de7d08320568_14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2_1701948482_1701948482_CNawjgYQ2YJdGOPDo6DEMSABKAEwODib4wlAgYoQSOK82QNQ____________AVgAYABotZfUqf3u3sIHcAA&ui=14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2&pi=/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&wi=6039441594092417604&pt=text&vi=1701948482019&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A922%7D%22%2C%22eventTime%22%3A1701948482587%7D&tim=12%3A28%3A02.587&id=5430&llvl=2&cv=20231206-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Dec 2023 11:28:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
a6cab587146a4e00a904597e605804ee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		93 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6cab587146a4e00a904597e605804ee.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cde5a918a885932bb72c4b4e07bd23ffd0322033893c35ec2060ac6dfbd97aa3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6cab587146a4e00a904597e605804ee.jpg
age
2863799
edge-cache-tag
611941327330791342948786352276644257630,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
611941327330791342948786352276644257630,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
185
req-referer
https://www.suedkurier.de/
content-length
94928
x-request-id
ad2dd254c2b80d926d241c04f6c785a8
x-backend-name
LA_nlb203
x-served-by
cache-iad-kjyo7100025-IAD, cache-iad-kjyo7100025-IAD, cache-sna10741-LGB, cache-iad-kcgs7200105-IAD, cache-fra-eddf8230105-FRA
last-modified
Mon, 25 Sep 2023 11:57:24 GMT
server
nginx
surrogate-reporting
width=1000,height=500,bytes=101501,owidth=1000,oheight=600,obytes=129403
x-timer
S1701948483.673866,VS0,VE0
etag
"d620aae80c6cfd6f361a6ff6f5e67121"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 0, 3
a6cab587146a4e00a904597e605804ee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		182 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6cab587146a4e00a904597e605804ee.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e871401740a67d7da6d57de355de7b4dae0f855d45db154fc3de1187fda64559

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6cab587146a4e00a904597e605804ee.jpg
age
3089190
edge-cache-tag
611941327330791342948786352276644257630,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
611941327330791342948786352276644257630,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
758
req-referer
https://www.con-nect.de/
content-length
186864
x-request-id
3eb3217ffd52f7b6caed0e836fb91543
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000113-IAD, cache-iad-kiad7000113-IAD, cache-sna10747-LGB, cache-iad-kiad7000024-IAD, cache-fra-eddf8230105-FRA
last-modified
Mon, 25 Sep 2023 11:57:24 GMT
server
nginx
surrogate-reporting
width=800,height=600,bytes=94456,owidth=1000,oheight=600,obytes=129403
x-timer
S1701948483.675915,VS0,VE0
etag
"0993187ae35f2e105960f66d06b1d0c1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 13, 2
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi2=-2&tvi48=10638&tvi50=13622&lti=deflated&ri=30ac452ff53db0eb3135be0f150cb421&sd=v2_c997d2fb79ab949c2813de7d08320568_14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2_1701948482_1701948482_CNawjgYQ2YJdGOPDo6DEMSABKAEwODib4wlAgYoQSOK82QNQ____________AVgAYABotZfUqf3u3sIHcAA&ui=14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2&pi=/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&wi=6039441594092417604&pt=text&vi=1701948482019&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22303.9375%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A28%3A02.594&id=9889&llvl=2&cv=20231206-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Dec 2023 11:28:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=12%3A28%3A02.598&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=590&cv=20231206-6-RELEASE&lt=deflated&pct=1
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:02 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
29678
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231206-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Dec 2023 11:28:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 11:13:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Dec 2023 11:28:02 GMT
spa-detector.20231206-6-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231206-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1deac4068c4fe8f2d9bc02c029820f15ab20ca95bd817972e319bbe9db6fae9a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
s6mqdoqh5oTAjrm49mAHgifLIwXzICr1
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Dec 2023 11:28:02 GMT
x-amz-request-id
7M83CZ783087NZPT
age
82386
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
778
x-amz-id-2
YXZqTHJ7rJVaBd+QJyRLtJ+VielujSbQS2Bf0fHflgRKbD3o6UnqYq+u8Ip73hroUrWqLwGe4RY=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 06 Dec 2023 12:34:57 GMT
server
AmazonS3
x-timer
S1701948483.636892,VS0,VE0
etag
"0446896142e153d41b2117b1d9223354"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
51
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
85486
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi2=-2&tvi48=10638&tvi50=13622&lti=deflated&ri=30ac452ff53db0eb3135be0f150cb421&sd=v2_c997d2fb79ab949c2813de7d08320568_14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2_1701948482_1701948482_CNawjgYQ2YJdGOPDo6DEMSABKAEwODib4wlAgYoQSOK82QNQ____________AVgAYABotZfUqf3u3sIHcAA&ui=14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2&pi=/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&wi=6039441594092417604&pt=text&vi=1701948482019&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A28%3A02.598&id=99&llvl=2&cv=20231206-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Dec 2023 11:28:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi2=-2&tvi48=10638&tvi50=13622&lti=deflated&ri=30ac452ff53db0eb3135be0f150cb421&sd=v2_c997d2fb79ab949c2813de7d08320568_14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2_1701948482_1701948482_CNawjgYQ2YJdGOPDo6DEMSABKAEwODib4wlAgYoQSOK82QNQ____________AVgAYABotZfUqf3u3sIHcAA&ui=14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2&pi=/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&wi=6039441594092417604&pt=text&vi=1701948482019&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1701948482599%7D&tim=12%3A28%3A02.599&id=1817&llvl=2&cv=20231206-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Dec 2023 11:28:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&tvi2=-2&tvi48=10638&tvi50=13622&lti=deflated&ri=30ac452ff53db0eb3135be0f150cb421&sd=v2_c997d2fb79ab949c2813de7d08320568_14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2_1701948482_1701948482_CNawjgYQ2YJdGOPDo6DEMSABKAEwODib4wlAgYoQSOK82QNQ____________AVgAYABotZfUqf3u3sIHcAA&ui=14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2&pi=/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&wi=6039441594092417604&pt=text&vi=1701948482019&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=12%3A28%3A02.600&id=2906&llvl=2&cv=20231206-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Dec 2023 11:28:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&tvi2=-2&tvi48=10638&tvi50=13622&lti=deflated&ri=30ac452ff53db0eb3135be0f150cb421&sd=v2_c997d2fb79ab949c2813de7d08320568_14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2_1701948482_1701948482_CNawjgYQ2YJdGOPDo6DEMSABKAEwODib4wlAgYoQSOK82QNQ____________AVgAYABotZfUqf3u3sIHcAA&ui=14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2&pi=/a/lei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&wi=6039441594092417604&pt=text&vi=1701948482019&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1701948482601%7D&tim=12%3A28%3A02.601&id=3282&llvl=2&cv=20231206-6-RELEASE&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Thu, 07 Dec 2023 11:28:02 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
1bc5b7613fdc113491899ae58106025a.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1bc5b7613fdc113491899ae58106025a.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
29c9755af42608e78009e55806e14992b5db70479ff447ff5eef196ef05e17ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1bc5b7613fdc113491899ae58106025a.jpeg
age
3426171
edge-cache-tag
353516718184282470301678459139997834524,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
353516718184282470301678459139997834524,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
248
expiration
expiry-date="Thu, 02 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.freenet.de/
content-length
27162
x-backend-name
US_nlb102
x-served-by
cache-iad-kjyo7100113-IAD, cache-iad-kjyo7100085-IAD, cache-iad-kjyo7100158-IAD, cache-fra-eddf8230105-FRA
last-modified
Mon, 02 Oct 2023 15:38:21 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=52535,owidth=1200,oheight=720,obytes=183021
x-timer
S1701948483.698856,VS0,VE0
etag
"4d389ca2f1c5a7c7571309c2f9164dac"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 3
9159726a9e8733feecd3ca57e70b8c86.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9159726a9e8733feecd3ca57e70b8c86.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7740b9b85025fba77d743a80962ddd88d4100656d23e71ab43638c62a2d8b136

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9159726a9e8733feecd3ca57e70b8c86.png
age
1900112
edge-cache-tag
620640840769782493533731761904228975662,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
620640840769782493533731761904228975662,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
174
expiration
expiry-date="Wed, 20 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.ouest-france.fr/
content-length
27038
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000088-IAD, cache-iad-kiad7000088-IAD, cache-sna10731-LGB, cache-iad-kcgs7200048-IAD, cache-fra-eddf8230105-FRA
last-modified
Sun, 20 Aug 2023 11:12:06 GMT
server
nginx
x-timer
S1701948483.702389,VS0,VE0
etag
"3906ea86bc2525a037f6a1daa724c81d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 554, 3
e372f060-346b-4815-8ec1-fdb65f9f5903__ug4SO2GB.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		94 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/e372f060-346b-4815-8ec1-fdb65f9f5903__ug4SO2GB.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
14ccc74038da321fa39f6b52cf20926a47da82650f7cb70f5e780a0e8f685860

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/e372f060-346b-4815-8ec1-fdb65f9f5903__ug4SO2GB.jpg
age
3784091
edge-cache-tag
365234063217138398643738586156670388386,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
365234063217138398643738586156670388386,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
207
expiration
expiry-date="Thu, 21 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://gourmand.viepratique.fr/
content-length
96590
x-backend-name
LA_nlb203
x-served-by
cache-iad-kiad7000027-IAD, cache-iad-kcgs7200124-IAD, cache-sna10747-LGB, cache-iad-kcgs7200104-IAD, cache-fra-eddf8230105-FRA
last-modified
Mon, 21 Aug 2023 09:26:53 GMT
server
nginx
x-timer
S1701948483.705731,VS0,VE0
etag
"5534c31b7ad68b0e3e49eb1b693a18c3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 63, 1, 3, 2
a6cab587146a4e00a904597e605804ee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6cab587146a4e00a904597e605804ee.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f0e9612b18833318e084d02afbaa380a2a29b5b8146b2b2e63de2674dc980013

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6cab587146a4e00a904597e605804ee.jpg
age
926231
edge-cache-tag
611941327330791342948786352276644257630,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
611941327330791342948786352276644257630,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
456
req-referer
https://www.bbv-net.de/
content-length
8676
x-request-id
583f4e333bf800f6cd3f1f4b109ff280
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100146-IAD, cache-iad-kcgs7200033-IAD, cache-lax10670-LGB, cache-iad-kcgs7200128-IAD, cache-fra-eddf8230105-FRA
last-modified
Mon, 25 Sep 2023 11:57:24 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=14751,owidth=1000,oheight=600,obytes=129403
x-timer
S1701948483.714689,VS0,VE3
etag
"e3a495e121252ba60898ac150753398d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 8, 1
e372f060-346b-4815-8ec1-fdb65f9f5903__ug4SO2GB.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/e372f060-346b-4815-8ec1-fdb65f9f5903__ug4SO2GB.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6f2372883748dc5dbdee04ea6b4014dd300e0b70e6154978b00bd74c47a06d46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/e372f060-346b-4815-8ec1-fdb65f9f5903__ug4SO2GB.jpg
age
2736193
edge-cache-tag
365234063217138398643738586156670388386,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
365234063217138398643738586156670388386,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
58
expiration
expiry-date="Thu, 21 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.telesurtv.net/news/venezuela-seguridad-operacion-20230923-0011.html
content-length
10604
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000099-IAD, cache-iad-kjyo7100103-IAD, cache-iad-kiad7000176-IAD, cache-fra-eddf8230105-FRA
last-modified
Mon, 21 Aug 2023 10:33:38 GMT
server
nginx
surrogate-reporting
width=160,height=160,owidth=1694,oheight=998,obytes=290525
x-timer
S1701948483.728377,VS0,VE2
etag
"198282bef633946a1d17d53c244033fb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 19, 1
1bc5b7613fdc113491899ae58106025a.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1bc5b7613fdc113491899ae58106025a.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9c5bda3072bb2d244e165935c6511820c734392e95d75cc0b04469d2a4250ab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1bc5b7613fdc113491899ae58106025a.jpeg
age
2058223
edge-cache-tag
353516718184282470301678459139997834524,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
353516718184282470301678459139997834524,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
363
expiration
expiry-date="Sun, 19 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://alltagtipps.de/
content-length
9658
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000086-IAD, cache-iad-kiad7000140-IAD, cache-lax-kwhp1940070-LAX, cache-iad-kcgs7200111-IAD, cache-fra-eddf8230105-FRA
last-modified
Thu, 19 Oct 2023 11:07:52 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=21315,owidth=1200,oheight=720,obytes=183021
x-timer
S1701948483.731654,VS0,VE1
etag
"574f2842e27f0bb7f19ea36165904ca7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
66ea87cba2d462905a3c7ec5ce8d11b1.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66ea87cba2d462905a3c7ec5ce8d11b1.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d644b5151c2d9a2694245d884db8712add684c01b8537e53347b3fc07fdf6da4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/66ea87cba2d462905a3c7ec5ce8d11b1.jpeg
age
270754
edge-cache-tag
447577569271238000185750107649157407603,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
447577569271238000185750107649157407603,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
57
req-referer
https://www.espn.com/
content-length
3852
x-request-id
85f338596bb4a7b83f3683db75696211
x-backend-name
LA_nlb201
x-served-by
cache-iad-kiad7000077-IAD, cache-iad-kjyo7100110-IAD, cache-lax-kwhp1940052-LAX, cache-iad-kcgs7200094-IAD, cache-fra-eddf8230105-FRA
last-modified
Fri, 01 Dec 2023 22:24:14 GMT
server
nginx
surrogate-reporting
width=1000,height=555,bytes=20093,owidth=1000,oheight=600,obytes=29069
x-timer
S1701948483.737121,VS0,VE0
etag
"2be42254a98af8f49c46579ebb3e3156"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 2
5c55edc890804ea9a01633a2bd64d895.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5c55edc890804ea9a01633a2bd64d895.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
042194c884380bb27b6e8ec85ba0a5aa16d765ee0d7e5ff8944d807b75335864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5c55edc890804ea9a01633a2bd64d895.jpg
age
4941437
edge-cache-tag
587833980858949775455408474900796942892,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
587833980858949775455408474900796942892,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
61
expiration
expiry-date="Mon, 28 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.guitarthai.com/
content-length
12280
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000034-IAD, cache-iad-kiad7000067-IAD, cache-sna10725-LGB, cache-iad-kcgs7200164-IAD, cache-fra-eddf8230105-FRA
last-modified
Fri, 28 Jul 2023 09:12:04 GMT
server
nginx
x-timer
S1701948483.746249,VS0,VE0
etag
"84472ea3081565aab804ca054b697edf"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 1, 33, 3
a6cab587146a4e00a904597e605804ee.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6cab587146a4e00a904597e605804ee.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f0e9612b18833318e084d02afbaa380a2a29b5b8146b2b2e63de2674dc980013

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a6cab587146a4e00a904597e605804ee.jpg
age
926231
edge-cache-tag
611941327330791342948786352276644257630,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
611941327330791342948786352276644257630,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
456
req-referer
https://www.bbv-net.de/
content-length
8676
x-request-id
583f4e333bf800f6cd3f1f4b109ff280
x-backend-name
LA_nlb202
x-served-by
cache-iad-kjyo7100146-IAD, cache-iad-kcgs7200033-IAD, cache-lax10670-LGB, cache-iad-kcgs7200128-IAD, cache-fra-eddf8230105-FRA
last-modified
Mon, 25 Sep 2023 11:57:24 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=14751,owidth=1000,oheight=600,obytes=129403
x-timer
S1701948483.761756,VS0,VE0
etag
"e3a495e121252ba60898ac150753398d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 8, 2
e372f060-346b-4815-8ec1-fdb65f9f5903__ug4SO2GB.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/e372f060-346b-4815-8ec1-fdb65f9f5903__ug4SO2GB.jpg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
6f2372883748dc5dbdee04ea6b4014dd300e0b70e6154978b00bd74c47a06d46

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/e372f060-346b-4815-8ec1-fdb65f9f5903__ug4SO2GB.jpg
age
2736193
edge-cache-tag
365234063217138398643738586156670388386,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
365234063217138398643738586156670388386,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
58
expiration
expiry-date="Thu, 21 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.telesurtv.net/news/venezuela-seguridad-operacion-20230923-0011.html
content-length
10604
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000099-IAD, cache-iad-kjyo7100103-IAD, cache-iad-kiad7000176-IAD, cache-fra-eddf8230105-FRA
last-modified
Mon, 21 Aug 2023 10:33:38 GMT
server
nginx
surrogate-reporting
width=160,height=160,owidth=1694,oheight=998,obytes=290525
x-timer
S1701948483.761745,VS0,VE0
etag
"198282bef633946a1d17d53c244033fb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 19, 2
1bc5b7613fdc113491899ae58106025a.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1bc5b7613fdc113491899ae58106025a.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9c5bda3072bb2d244e165935c6511820c734392e95d75cc0b04469d2a4250ab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1bc5b7613fdc113491899ae58106025a.jpeg
age
2058223
edge-cache-tag
353516718184282470301678459139997834524,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
353516718184282470301678459139997834524,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
363
expiration
expiry-date="Sun, 19 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://alltagtipps.de/
content-length
9658
x-backend-name
LA_nlb202
x-served-by
cache-iad-kiad7000086-IAD, cache-iad-kiad7000140-IAD, cache-lax-kwhp1940070-LAX, cache-iad-kcgs7200111-IAD, cache-fra-eddf8230105-FRA
last-modified
Thu, 19 Oct 2023 11:07:52 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=21315,owidth=1200,oheight=720,obytes=183021
x-timer
S1701948483.791881,VS0,VE0
etag
"574f2842e27f0bb7f19ea36165904ca7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 2
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame C5D3 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fdacc3071a4aa385d0442dfb5ec8132af9e4376dbab4ee4ce4219bee84ab1663
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10288
x-xss-protection
0
server
cafe
etag
3645780602701634517
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:28:03 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 9FFF 		714 B
784 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
4652
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
831c6c41be449bac-FRA
content-encoding
br
content-type
text/html
date
Thu, 07 Dec 2023 11:28:02 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gtYlYpWbOaKs5rFtOgJ%2BpOjzQ47jsn9JatlsDCSfRsE0s3dSj0PNzGfdTQoGwTukuWRtowPVNZ3%2B1s1pV57JMy5RZAQJFh4O9W164ThPsscgXHfBpRwI%2FoXc1qf%2FxHaXjJWI%2FVDjkFZ4p0lBBg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4EC7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Dec 2023 11:28:03 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 07 Dec 2023 11:28:02 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 11:28:03 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
st
imprammp.taboola.com/ Frame 8881 		577 B
478 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&cmcv=&pix=undefined&cb=1701948482866&uv=3364&tms=1701948482866&abt=adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=88929fa6-3022-4328-b843-9c58a24c9b6c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a160560ab8733442dbd899a704a6cb4c3d7c06ff944e145c65894974ef173cdb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Thu, 07 Dec 2023 11:28:02 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230105-FRA
x-timer
S1701948483.880986,VS0,VE10
sync
am-match.taboola.com/ Frame 3645 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
a160560ab8733442dbd899a704a6cb4c3d7c06ff944e145c65894974ef173cdb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 07 Dec 2023 11:28:02 GMT
machineid
3401
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1701948482869&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1580&pt=1674462963&tz=60&viewable=true&ddast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a3e4d093a76331483f851bf9a38a8dfe94f76574210f38171001f46e0b007a7

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 07 Dec 2023 11:28:02 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1472
x-cache
MISS
x-served-by
cache-fra-eddf8230105-FRA
pragma
no-cache
server
nginx
x-timer
S1701948483.883289,VS0,VE51
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 9FFF 		91 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb3425609fb2c78af58dbfde65510a0a00db4cfb748e86cc3dee4d5da06e498c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29914
x-xss-protection
0
server
cafe
etag
156 / 19698 / 31080009 / config-hash: 16835354973066905572
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:28:03 GMT
generic
match.adsrvr.org/track/cmf/ Frame 3645 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
server
Kestrel
content-length
70
content-type
image/gif
14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 3645 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:8b08:3c9:f238:ee96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.html
eus.rubiconproject.com/ Frame EA3B 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Dec 2023 11:28:03 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 8881 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&cmcv=&pix=undefined&cb=1701948482866&uv=3364&tms=1701948482866&abt=adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=88929fa6-3022-4328-b843-9c58a24c9b6c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
server
Kestrel
content-length
70
content-type
image/gif
14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 8881 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&cmcv=&pix=undefined&cb=1701948482866&uv=3364&tms=1701948482866&abt=adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=88929fa6-3022-4328-b843-9c58a24c9b6c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:8b08:3c9:f238:ee96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.html
eus.rubiconproject.com/ Frame 7F97 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&cmcv=&pix=undefined&cb=1701948482866&uv=3364&tms=1701948482866&abt=adxsub-out_vA!adxsub-out_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=88929fa6-3022-4328-b843-9c58a24c9b6c&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 07 Dec 2023 11:28:03 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_6_4/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_4/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-meta-mtime
1701778998
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26TJTXHVDRTFD2ZP
age
169424
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1701778999
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
D11YbJi7BRcJBmEOxhI/5KpihneAZ2wXjDQzD2lk9UUfX0wV6fcwM7b5WSiK+K4/3Xq6QPtdbAE=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Tue, 05 Dec 2023 12:23:20 GMT
server
AmazonS3-br
x-timer
S1701948483.963317,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
211974
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_6_4/infra/ 		603 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_6_4/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
d301793f9d9b3f3d1cdf530c5a1b98e1340eae0319e105465762221048167496

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-meta-mtime
1701778989
date
Thu, 07 Dec 2023 11:28:02 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
26TK9GVFF28RNW58
age
169423
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1701778990
x-amz-meta-mode
33188
content-length
123317
x-amz-id-2
qGJFL1ZQZrFthBMGobkDgZBLnOQmcgvXOW5LX8c/Tal7Sey6mHr9DAcCqS4l28Nf35Yxbt4xSBY=
x-served-by
cache-fra-eddf8230117-FRA
last-modified
Tue, 05 Dec 2023 12:23:11 GMT
server
AmazonS3-br
x-timer
S1701948483.963196,VS0,VE0
etag
"0f642ea35e4a52263a9b66a152383d5b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
167058
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
2771438
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1701948483.070752,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
48519
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.8.0/ 		430 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.8.0/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f3e15c8c652037a48cdfd166c79433f19ccedbf4d660770128a4ed2f3f4ce64f

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-meta-mtime
1701937093
date
Thu, 07 Dec 2023 11:28:03 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
DY8CW7P33VNXSE6D
age
11348
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1701937106
x-amz-meta-mode
33188
content-length
82572
x-amz-id-2
JbgQzGIYRfx90kHdOwkvo5KHzkd468BcjYAjUXE5qrsgRA9pH2f8tVfFQ/C787DyAEmsgM16AR0=
x-served-by
cache-fra-eddf8230117-FRA
last-modified
Thu, 07 Dec 2023 08:18:27 GMT
server
AmazonS3-br
x-timer
S1701948483.083497,VS0,VE0
etag
"17b4a4e13dee57aa61a6da79cb58624c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
22466
sync
am-match.taboola.com/ Frame AD15 		422 B
507 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_6_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
81febe044b6c003d2c2b6ee8c098eed79383edf065492ca00126e58077236a8f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Thu, 07 Dec 2023 11:28:03 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&cmcv=&pix=31579697&cb=1701948483071&uv=3364&tms=1701948483071&su=3&abt=adxsub-out_vA!adxsub-out_vB!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-length
0
server
nginx
usync.js
eus.rubiconproject.com/ Frame 7F97 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
505c9ad2483b459fcd8a0f4301cf50d5afc2022a2b940b33d56a225edb0d2e1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 11:28:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 07:14:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71198
Connection
keep-alive
Content-Length
13236
Expires
Fri, 08 Dec 2023 07:14:41 GMT
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Thu, 07 Dec 2023 11:28:03 GMT
via
1.1 795296520f6c881b9bc43c02feb87e9a.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
WAW51-P3
age
2739574
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1701948483.106981,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
xtvdtXdg65Tse6z_ZJhus8xqGCETujMuNl_HaJqQ-1vnBjJJMisxCQ==
x-cache-hits
153468
usync.js
eus.rubiconproject.com/ Frame EA3B 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
505c9ad2483b459fcd8a0f4301cf50d5afc2022a2b940b33d56a225edb0d2e1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 11:28:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 07:14:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71198
Connection
keep-alive
Content-Length
13236
Expires
Fri, 08 Dec 2023 07:14:41 GMT
L2EvbGVpLXNlLWxpbi10aWUteGluLWh1YW4tcWluLW1pLXpoYW8tZGEtZ29uZy1rYWktc2hlbi1taS1tZWktbmFuLXNoZW4tZmVuLXB1LWd1YW5nLWNoYW8tbGlhbmctcmVuLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvbGVpLXNlLWxpbi10aWUteGluLWh1YW4tcWluLW1pLXpoYW8tZGEtZ29uZy1rYWktc2hlbi1taS1tZWktbmFuLXNoZW4tZmVuLXB1LWd1YW5nLWNoYW8tbGlhbmctcmVuLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

expires
Fri, 06 Dec 2024 11:28:03 GMT
date
Thu, 07 Dec 2023 11:26:38 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
DE
usync.js
eus.rubiconproject.com/ Frame 4EC7 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.217.60 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-217-60.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
505c9ad2483b459fcd8a0f4301cf50d5afc2022a2b940b33d56a225edb0d2e1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 11:28:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 07 Dec 2023 07:14:08 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=71198
Connection
keep-alive
Content-Length
13236
Expires
Fri, 08 Dec 2023 07:14:41 GMT
generic
match.adsrvr.org/track/cmf/ Frame AD15 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
server
Kestrel
content-length
70
content-type
image/gif
14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2
pr-bh.ybp.yahoo.com/sync/taboola/ Frame AD15 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:8b08:3c9:f238:ee96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame AD15 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.69.104.214 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-69-104-214.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/ Frame 9FFF 		432 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31080009
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 19:32:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
57312
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138184
x-xss-protection
0
server
cafe
etag
495798054771589180
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 05 Dec 2024 19:32:51 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C5D3 		148 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c37321d2ce3b43bd0e279ad4754f93075302f143ee476208ff103f23bfc7b5ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51699
x-xss-protection
0
server
cafe
etag
11703754004496890854
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:28:03 GMT
mvp_parent.json
cdn.unibotscdn.com/clientdata/ 		10 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/mvp_parent.json
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
9c2ebabdf68779970e282735240edc1418cda1c73fe35313e516fd565e81875e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
gzip
cdn-edgestorageid
1079
cdn-storageserver
DE-679
cdn-cachedat
11/22/2023 20:57:13
cdn-pullzone
873945
last-modified
Fri, 27 Oct 2023 10:03:08 GMT
server
BunnyCDN-DE1-1076
cdn-fileserver
421
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
e9d944452882472e6b6960da33af2289
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
khaos.json
token.rubiconproject.com/ Frame EA3B 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
khaos.json
token.rubiconproject.com/ Frame 4EC7 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
khaos.json
token.rubiconproject.com/ Frame 7F97 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
54ae5f20a7acdd83fd00ddb00e96a2c1
Expires
0
basic_upr.json
cdn.unibotscdn.com/clientdata/ 		35 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/basic_upr.json
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
c1986f81b3342c60bfd10d9b0c77af2a7b855679cfaba546f4f2891798470b53

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
gzip
cdn-edgestorageid
863
cdn-storageserver
DE-383
cdn-cachedat
12/06/2023 12:37:26
cdn-pullzone
873945
last-modified
Wed, 06 Dec 2023 12:37:15 GMT
server
BunnyCDN-DE1-1076
cdn-fileserver
657
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
ec4dc6d3c8e7ab493c383bedc6c187eb
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
socket.io.min.js
cdn.socket.io/4.5.4/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.socket.io/4.5.4/socket.io.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-13.fra56.r.cloudfront.net
Software
Vercel /
Resource Hash
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Sun, 29 Oct 2023 16:47:17 GMT
content-encoding
gzip
via
1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
strict-transport-security
max-age=63072000
x-amz-cf-pop
FRA56-C1
age
3555253
x-cache
Hit from cloudfront
content-disposition
inline; filename="socket.io.min.js"
server
Vercel
x-vercel-id
fra1::58txd-1698598036852-d74a80e9fa02
etag
W/"db9bf2a88958a37857fb8f7b56e0fe04"
x-vercel-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
x-amz-cf-id
_e1rnxMLWea1MsAK85ESrM_p48q6Z7QPSocjPrzXpludQiLKqKmEpQ==
prebid.js
cdn.unibotscdn.com/player/prebid/ 		502 KB
161 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/player/prebid/prebid.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
2139fcb6d5586442247ed31ab4133bfa6395b51ff5765df3f7cebf86ac809048

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-677
cdn-cachedat
11/21/2023 11:20:02
cdn-pullzone
873945
last-modified
Tue, 21 Nov 2023 11:19:52 GMT
server
BunnyCDN-DE1-1076
cdn-fileserver
645
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"655c9258-7d8ab"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
0290260d79fe3dde9fa0424c1578f989
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
ads
securepubads.g.doubleclick.net/gampad/ Frame 9FFF 		492 B
264 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2867850618471234&correlator=614497087803586&eid=31079970%2C31080009&output=ldjh&gdfp_req=1&vrg=202311290101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1701948483376&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=rll009hfycg5&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=2004743640.1701948483&ga_sid=1701948483&ga_hid=155982348&ga_fc=false&dlt=1701948482870&idt=482&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31080009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2916e02cc3e622dfe51c43aa0745d0729613cbf643d408e02b37ffb8a276467e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9FFF 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311290101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31080009
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
09bd67f19e799d937ea065af8e2e7277a8795edfd6f0b46ee6b0b0e06d6dffbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12405
x-xss-protection
0
container.html
28e8770d45dcec521e5fc752e7909cdc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F117 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://28e8770d45dcec521e5fc752e7909cdc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31080009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 11:28:03 GMT
expires
Fri, 06 Dec 2024 11:28:03 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/ Frame C5D3 		399 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31080037
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1c5f7d626e95ded296e75bc21b211086d756ca0dcc7ecf10884a5d4efbde29d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137978
x-xss-protection
0
server
cafe
etag
16479592368712000727
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:28:03 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231205/r20190131/ Frame A992 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231205/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
66562
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4130
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 16:58:41 GMT
etag
5585625838579639069
expires
Wed, 20 Dec 2023 16:58:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
pro.ip-api.com/json/ 		114 B
270 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pro.ip-api.com/json/?fields=query,status,message,countryCode,country,city,region&key=LWKtz4EzQwMJRyQ
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
51.77.64.70 , Germany, ASN16276 (OVH, FR),
Reverse DNS
de-fra-1.pro.ip-api.com
Software
/
Resource Hash
a2b60c0eb81488176b3d870011e44e8464248c90afe2ef3d321cb4f5e8a953df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 07 Dec 2023 11:28:03 GMT
Content-Length
114
Content-Type
application/json; charset=utf-8
bg3.co_1695642730139.js
cdn.unibotscdn.com/clientdata/js/ 		667 B
848 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/js/bg3.co_1695642730139.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
br
cdn-edgestorageid
1048
cdn-storageserver
DE-662
cdn-cachedat
09/26/2023 10:16:02
cdn-pullzone
873945
last-modified
Tue, 26 Sep 2023 10:14:53 GMT
server
BunnyCDN-DE1-1076
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6512af1d-29b"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
741e907907f85ad03b12f00158c90eed
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		975 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-168
cdn-cachedat
12/03/2023 09:30:44
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1076
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-3cf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
bb923b0d038e576dce53d3bc07c93e73
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-679
cdn-cachedat
11/22/2023 20:45:57
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1076
cdn-fileserver
576
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-eda"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
530e31a1b796cf01ff1152e374ddb330
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-677
cdn-cachedat
11/10/2023 21:11:01
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:08 GMT
server
BunnyCDN-DE1-1076
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf618-9cdf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
8a4f3a1e20a820e43679ef84def31267
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
bg3.co_1695642730139.css
cdn.unibotscdn.com/clientdata/css/ 		446 B
976 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/css/bg3.co_1695642730139.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
8da15869533413a8810952099d847cabad8a0e58e5d62199bb429789560fb4ef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-662
cdn-cachedat
12/06/2023 10:50:51
cdn-pullzone
873945
last-modified
Wed, 06 Dec 2023 10:48:46 GMT
server
BunnyCDN-DE1-1076
cdn-fileserver
374
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"6570518e-1be"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
d7f51ed573f188d3834da9e7a1b8f421
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
main.css
cdn.unibotscdn.com/ubplayer/mvp/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
br
cdn-edgestorageid
1078
cdn-storageserver
DE-382
cdn-cachedat
11/26/2023 21:30:07
cdn-pullzone
873945
last-modified
Fri, 25 Aug 2023 05:21:29 GMT
server
BunnyCDN-DE1-1076
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64e83a59-1333"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
f5e4735935aae58fd1f42fa9625c97bc
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ab2bdee249dc6f9a8858d65ec384ef177257e47f2b5d784e9c1caf4d82fa11f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128281
x-xss-protection
0
expires
Thu, 07 Dec 2023 11:28:03 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
048f6186f9062224ea85ba9e7e317bc37ae88c6986d70cd756c9eae5011f7c01
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91992
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Dec 2023 11:28:03 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:1c22:376c:9c1e:cbbf Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
369 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=-2&tvi48=10638&tvi50=13622&route=AM%3AAM%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231206-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
13
date
Thu, 07 Dec 2023 11:28:03 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7881
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230105-FRA
pragma
no-cache
server
nginx
x-timer
S1701948484.565200,VS0,VE13
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
712 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Thu, 07 Dec 2023 11:28:03 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
18392
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1701948484.612526,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
4
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
13622
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3bt0v886690812&_p=1701948481686&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1249414168.1701948482&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701948483&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&dt=%E9%9B%B7%E7%91%9F%E7%90%B3%E8%B2%BC%E6%96%B0%E6%AD%A1%E8%A6%AA%E5%AF%86%E7%85%A7%E5%A4%A7%E5%85%AC%E9%96%8B%E3%80%80%E7%A5%9E%E7%A7%98%E7%BE%8E%E7%94%B7%E8%BA%AB%E5%88%86%E6%9B%9D%E5%85%89%E8%B6%85%E9%A9%9A%E4%BA%BA%EF%BC%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success&tfd=4217
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9FFF 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311290101/pubads_impl.js?cb=31080009
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 11:28:03 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 5AFF 		29 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1701948483&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701948483134&bpp=279&bdt=826&idt=586&shv=r20231205&mjsv=m202312060101&ptt=5&saldr=sd&correlator=6937026438662&frm=23&ife=1&pv=2&ga_vid=1249414168.1701948482&ga_sid=1701948484&ga_hid=1950463477&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3631&biw=1600&bih=1200&isw=336&ish=280&ifk=3511121045&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079826%2C44785294%2C44795921%2C31080037%2C44807763%2C44808148%2C44808284%2C95320230%2C31080036&oid=2&pvsid=715422507190966&tmod=538629894&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1jqnxzivttcg&btvi=1&fsb=1&dtd=593
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31080037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9673d07ef6b4d82f77a4d8dde6f05ac7c7fc0dcf76888185a238294a5fe0009
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
12826
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 11:28:04 GMT
expires
Thu, 07 Dec 2023 11:28:04 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame C5D3 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231205&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31080037
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
75726dfa52798862c8c0420b0642670dc1be293d293bbb8355154164cd6af7e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12192
x-xss-protection
0
video.min.js
vjs.zencdn.net/7.11.4/ 		524 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vjs.zencdn.net/7.11.4/video.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230069-FRA
date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
gzip
last-modified
Thu, 04 Feb 2021 16:37:54 GMT
etag
"dca7de69f28da40d65353c2e9323442b"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
148475
x-cache-hits
3
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C5D3 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31080037
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Thu, 07 Dec 2023 11:28:03 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F170 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5412
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 09:57:52 GMT
expires
Fri, 06 Dec 2024 09:57:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9B6A 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
607405779fb9f1336fb0a4d3561d65bcf2b10137ffd2c75269b01889bf285a08
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-P5FXE6wfkDWcIiYqyoHQxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-P5FXE6wfkDWcIiYqyoHQxA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 11:28:04 GMT
expires
Thu, 07 Dec 2023 11:28:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9523 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
5412
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 09:57:52 GMT
expires
Fri, 06 Dec 2024 09:57:52 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame CA9D 		829 B
768 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f125a9ac9517587d75353f5901ceb12de8196c4b8a34b323ceaa0d55556f44e3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-aJpu2jXgmCcNLUBZtX1qqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-aJpu2jXgmCcNLUBZtX1qqw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 11:28:04 GMT
expires
Thu, 07 Dec 2023 11:28:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
videojs.ads.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
11/28/2023 14:30:36
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:21 GMT
server
BunnyCDN-DE1-1076
cdn-fileserver
577
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf625-16c3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
d5d4af5e1b58b4881eab5ea508a4486c
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		84 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
content-encoding
br
cdn-edgestorageid
1077
cdn-storageserver
DE-51
cdn-cachedat
11/22/2023 20:46:41
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:22 GMT
server
BunnyCDN-DE1-1076
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf626-14fe2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
914e9d8bd714eac0bf1a073303206e5f
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-588
cdn-cachedat
10/31/2023 18:50:43
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:16 GMT
server
BunnyCDN-DE1-1076
cdn-fileserver
565
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf620-2ae4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
98d342b77cc77e259ef12285061bae86
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-662
cdn-cachedat
11/28/2023 15:03:46
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:20 GMT
server
BunnyCDN-DE1-1076
cdn-fileserver
573
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf624-13b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
d571a9aa78b52f24b8bcbc71e26b19ba
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
7d18cec3-6284-4381-8855-c6d38e4ad27b
https://www.bg3.co/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/7d18cec3-6284-4381-8855-c6d38e4ad27b
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
js
www.googletagmanager.com/gtag/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/player/mvp/player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
140d483675703e479c78ee0110eb1966a9e33b14ab5a14013cb4c6181c49b91c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93128
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Dec 2023 11:28:04 GMT
js
www.googletagmanager.com/gtag/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e0cfee6f1e9277dba42dff6aaa6c7199042f843c3525ac4dcdeaceb2d4a8abe5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93098
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 07 Dec 2023 11:28:04 GMT
98e6f270-c938-4fee-8ebd-b4e8a51db68e
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/98e6f270-c938-4fee-8ebd-b4e8a51db68e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
998bcb7f-f654-41e8-b17b-88aa88c856d9
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/998bcb7f-f654-41e8-b17b-88aa88c856d9
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame F170 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:57:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
5429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 09:57:35 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1076:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1076 /
Resource Hash
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
content-encoding
gzip
cdn-edgestorageid
1048
cdn-storageserver
DE-676
cdn-cachedat
10/31/2023 18:58:34
cdn-pullzone
873945
last-modified
Thu, 17 Aug 2023 06:20:20 GMT
server
BunnyCDN-DE1-1076
cdn-fileserver
655
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=2592000
cdn-requestid
eeb8e0682821d375995019e12f93d6eb
cdn-requestcountrycode
SE
cdn-status
200
cdn-requestpullsuccess
True
logo_2.svg
unibots.b-cdn.net/ubplayer/logo/new/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unibots.b-cdn.net/ubplayer/logo/new/logo_2.svg
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/mvp/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.199.37.230 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
138-199-37-230.bunnyinfra.net
Software
BunnyCDN-DE1-864 /
Resource Hash
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.unibotscdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
content-encoding
gzip
cdn-edgestorageid
1047
cdn-storageserver
DE-676
cdn-cachedat
10/31/2023 18:58:25
cdn-pullzone
483488
last-modified
Thu, 01 Dec 2022 03:57:52 GMT
server
BunnyCDN-DE1-864
cdn-fileserver
135
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
df5fd9c5c06761e734cadcefdedb308a
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
bridge3.607.0_en.html
imasdk.googleapis.com/js/core/ Frame 92EB 		751 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aa7c1276f417b6409b5a96ad98272c276421b816c86954a30511f6c4fd9c7156
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
210034
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246373
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Dec 2023 01:07:30 GMT
expires
Wed, 04 Dec 2024 01:07:30 GMT
last-modified
Fri, 01 Dec 2023 00:14:15 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 07 Dec 2023 11:28:04 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6189 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 10:44:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2643
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 07 Dec 2023 11:44:01 GMT
playlist.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/ 		171 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/playlist.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
content-encoding
gzip
cdn-edgestorageid
1048
cdn-storageserver
NY-267
cdn-cachedat
04/11/2023 16:02:55
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:44:02 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
354
cdn-requestpullcode
206
cdn-proxyver
1.03
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
7a91308551c2547eec435975c6f9b561
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
dd3bce2b-6c40-46cd-87d8-e9778c0b2256
https://www.bg3.co/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/dd3bce2b-6c40-46cd-87d8-e9778c0b2256
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
0a14fdd5-d0c4-4dc6-9813-c393c0832668
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/0a14fdd5-d0c4-4dc6-9813-c393c0832668
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
70ad324f-24a8-4728-80b3-a6a753351368
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/70ad324f-24a8-4728-80b3-a6a753351368
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame 9523 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:57:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
5429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 09:57:35 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 4379 		624 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEY4vOB-AEwAQ&v=APEucNULToGjkBlcLMk2YVZTrKltivNM_wVhe4t7UTh63hANJ1A5QHpbjnRu74INrMS_tBoCBi0wiTnpk89JyWxMOBsqKOL--Imf75AAwYo669XBhwzx6YdBPssBXIGVjPgw6pMPUtBODTUfj39goIS-zoahG2-D4DFS7a_3G79XqT8zj2wWuRA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1701948483&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701948483134&bpp=279&bdt=826&idt=586&shv=r20231205&mjsv=m202312060101&ptt=5&saldr=sd&correlator=6937026438662&frm=23&ife=1&pv=2&ga_vid=1249414168.1701948482&ga_sid=1701948484&ga_hid=1950463477&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3631&biw=1600&bih=1200&isw=336&ish=280&ifk=3511121045&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079826%2C44785294%2C44795921%2C31080037%2C44807763%2C44808148%2C44808284%2C95320230%2C31080036&oid=2&pvsid=715422507190966&tmod=538629894&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1jqnxzivttcg&btvi=1&fsb=1&dtd=593
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1701948483&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701948483134&bpp=279&bdt=826&idt=586&shv=r20231205&mjsv=m202312060101&ptt=5&saldr=sd&correlator=6937026438662&frm=23&ife=1&pv=2&ga_vid=1249414168.1701948482&ga_sid=1701948484&ga_hid=1950463477&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3631&biw=1600&bih=1200&isw=336&ish=280&ifk=3511121045&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079826%2C44785294%2C44795921%2C31080037%2C44807763%2C44808148%2C44808284%2C95320230%2C31080036&oid=2&pvsid=715422507190966&tmod=538629894&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1jqnxzivttcg&btvi=1&fsb=1&dtd=593
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 07 Dec 2023 11:28:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame D743 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1701948483&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701948483134&bpp=279&bdt=826&idt=586&shv=r20231205&mjsv=m202312060101&ptt=5&saldr=sd&correlator=6937026438662&frm=23&ife=1&pv=2&ga_vid=1249414168.1701948482&ga_sid=1701948484&ga_hid=1950463477&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3631&biw=1600&bih=1200&isw=336&ish=280&ifk=3511121045&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079826%2C44785294%2C44795921%2C31080037%2C44807763%2C44808148%2C44808284%2C95320230%2C31080036&oid=2&pvsid=715422507190966&tmod=538629894&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1jqnxzivttcg&btvi=1&fsb=1&dtd=593
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31485
x-xss-protection
0
server
cafe
etag
7119415641918660631
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:28:04 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame D743 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1701948483&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701948483134&bpp=279&bdt=826&idt=586&shv=r20231205&mjsv=m202312060101&ptt=5&saldr=sd&correlator=6937026438662&frm=23&ife=1&pv=2&ga_vid=1249414168.1701948482&ga_sid=1701948484&ga_hid=1950463477&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3631&biw=1600&bih=1200&isw=336&ish=280&ifk=3511121045&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079826%2C44785294%2C44795921%2C31080037%2C44807763%2C44808148%2C44808284%2C95320230%2C31080036&oid=2&pvsid=715422507190966&tmod=538629894&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1jqnxzivttcg&btvi=1&fsb=1&dtd=593
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:57:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
5430
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 21 Dec 2023 09:57:34 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/ Frame D743 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231205/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1701948483&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701948483134&bpp=279&bdt=826&idt=586&shv=r20231205&mjsv=m202312060101&ptt=5&saldr=sd&correlator=6937026438662&frm=23&ife=1&pv=2&ga_vid=1249414168.1701948482&ga_sid=1701948484&ga_hid=1950463477&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3631&biw=1600&bih=1200&isw=336&ish=280&ifk=3511121045&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079826%2C44785294%2C44795921%2C31080037%2C44807763%2C44808148%2C44808284%2C95320230%2C31080036&oid=2&pvsid=715422507190966&tmod=538629894&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1jqnxzivttcg&btvi=1&fsb=1&dtd=593
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 19:43:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
56667
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8571
x-xss-protection
0
server
cafe
etag
5853369240893788875
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Dec 2023 19:43:37 GMT
l
www.google.com/ads/measurement/ Frame D743 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRcLJ7IgOtGWPvjxYMs2iHM7icQM5Ab64OWfq0S1tcu8ppmh0dahxAl_t_sxW72_bfqIOz0k_tNgBKN_2OPujOokAS-0g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1701948483&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701948483134&bpp=279&bdt=826&idt=586&shv=r20231205&mjsv=m202312060101&ptt=5&saldr=sd&correlator=6937026438662&frm=23&ife=1&pv=2&ga_vid=1249414168.1701948482&ga_sid=1701948484&ga_hid=1950463477&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3631&biw=1600&bih=1200&isw=336&ish=280&ifk=3511121045&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079826%2C44785294%2C44795921%2C31080037%2C44807763%2C44808148%2C44808284%2C95320230%2C31080036&oid=2&pvsid=715422507190966&tmod=538629894&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1jqnxzivttcg&btvi=1&fsb=1&dtd=593
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame D743 		202 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1701948483&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701948483134&bpp=279&bdt=826&idt=586&shv=r20231205&mjsv=m202312060101&ptt=5&saldr=sd&correlator=6937026438662&frm=23&ife=1&pv=2&ga_vid=1249414168.1701948482&ga_sid=1701948484&ga_hid=1950463477&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3631&biw=1600&bih=1200&isw=336&ish=280&ifk=3511121045&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079826%2C44785294%2C44795921%2C31080037%2C44807763%2C44808148%2C44808284%2C95320230%2C31080036&oid=2&pvsid=715422507190966&tmod=538629894&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1jqnxzivttcg&btvi=1&fsb=1&dtd=593
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65145
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1701866768669483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 07 Dec 2023 11:28:04 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D743 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BYha4Te8af_VP7au_r2hSd2gAxMhPGCyX7y3p9IzC963SQCBRQM01MJIi23Hx1pTwathFihQHcZcyUX8ajwSCIhAFbOoRPrJRjpe1ZpfbBC7bfkRI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1701948483&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701948483134&bpp=279&bdt=826&idt=586&shv=r20231205&mjsv=m202312060101&ptt=5&saldr=sd&correlator=6937026438662&frm=23&ife=1&pv=2&ga_vid=1249414168.1701948482&ga_sid=1701948484&ga_hid=1950463477&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3631&biw=1600&bih=1200&isw=336&ish=280&ifk=3511121045&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079826%2C44785294%2C44795921%2C31080037%2C44807763%2C44808148%2C44808284%2C95320230%2C31080036&oid=2&pvsid=715422507190966&tmod=538629894&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1jqnxzivttcg&btvi=1&fsb=1&dtd=593
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame F170 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?aHVjxQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
video.m3u8
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		4 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video.m3u8
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
content-encoding
gzip
cdn-edgestorageid
864
cdn-storageserver
DE-588
cdn-cachedat
10/31/2023 19:01:47
cdn-pullzone
829957
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
301
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
5eb1d4900072a1afe0714dd8cebe10fd
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar
pagead2.googlesyndication.com/pagead/ Frame 9B6A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311290101&jk=2867850618471234&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame CA9D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231205&jk=715422507190966&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers
video0.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		337 KB
338 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video0.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-164
cdn-cachedat
10/31/2023 19:00:16
cdn-pullzone
829957
content-length
345356
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
7a492ccdbe7df32baa36dece8280c49f
accept-ranges
bytes
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
generate_204
tpc.googlesyndication.com/ Frame 9523 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?RvLyjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 4379
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGT-vYnCQthAu4TLm5AruCE&google_cver=1
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGT-vYnCQthAu4TLm5AruCE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEY4vOB-AEwAQ&v=APEucNULToGjkBlcLMk2YVZTrKltivNM_wVhe4t7UTh63hANJ1A5QHpbjnRu74INrMS_tBoCBi0wiTnpk89JyWxMOBsqKOL--Imf75AAwYo669XBhwzx6YdBPssBXIGVjPgw6pMPUtBODTUfj39goIS-zoahG2-D4DFS7a_3G79XqT8zj2wWuRA
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6jXfRHJHOvSxNbn%2BG%2F%2BbWOt4yGdX1Luz12%2FqvNRmlPGDxL0nrsUZLnc3868gGVxQZjJtU62c4TgpRPH7z7vtKfNJXa0oJaSF08FH7Y%2FxGk6W%2FNF%2BzsKeV5d2kv%2BdNHKtEw7eFv8uy76Iew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831c6c4c5aba44fe-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGT-vYnCQthAu4TLm5AruCE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 4379
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXGsRHUaAKAmABPwGGFHSwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGT-vYnCQthAu4TLm5AruCE&google_cver=1
43 B
775 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGT-vYnCQthAu4TLm5AruCE&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEY4vOB-AEwAQ&v=APEucNULToGjkBlcLMk2YVZTrKltivNM_wVhe4t7UTh63hANJ1A5QHpbjnRu74INrMS_tBoCBi0wiTnpk89JyWxMOBsqKOL--Imf75AAwYo669XBhwzx6YdBPssBXIGVjPgw6pMPUtBODTUfj39goIS-zoahG2-D4DFS7a_3G79XqT8zj2wWuRA
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=texdqmR%2F%2FXMqPRViv5thQ9CNqfG8tjWgaXwI7o9d1Yu8av736vyexrYnm0wCjkh%2B2NjGlUcN60X%2FBKfr9Y4I70pC35Qn8MsPajePw%2Bx4EMS%2BGYC7bo7XTMUv%2BZhIIK0Cr7SMVhFnTVkAvA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
831c6c4d1bfe58e4-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEGT-vYnCQthAu4TLm5AruCE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 4379
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEAR_UYNFjnXM17lkrXUDUcc&google_cver=1
43 B
837 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEAR_UYNFjnXM17lkrXUDUcc&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEY4vOB-AEwAQ&v=APEucNULToGjkBlcLMk2YVZTrKltivNM_wVhe4t7UTh63hANJ1A5QHpbjnRu74INrMS_tBoCBi0wiTnpk89JyWxMOBsqKOL--Imf75AAwYo669XBhwzx6YdBPssBXIGVjPgw6pMPUtBODTUfj39goIS-zoahG2-D4DFS7a_3G79XqT8zj2wWuRA
Protocol
H2
Server
37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
an-x-request-uuid
11d274d6-466e-45f9-96e7-49982119c2ee
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
193.32.248.241; 193.32.248.241; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEAR_UYNFjnXM17lkrXUDUcc&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4379
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA0MTU1Mjc4OTIyMzI4MTQ4
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA0MTU1Mjc4OTIyMzI4MTQ4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLvO5QIQj7KT9gEY4vOB-AEwAQ&v=APEucNULToGjkBlcLMk2YVZTrKltivNM_wVhe4t7UTh63hANJ1A5QHpbjnRu74INrMS_tBoCBi0wiTnpk89JyWxMOBsqKOL--Imf75AAwYo669XBhwzx6YdBPssBXIGVjPgw6pMPUtBODTUfj39goIS-zoahG2-D4DFS7a_3G79XqT8zj2wWuRA
Protocol
H2
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
an-x-request-uuid
224ba03e-7b70-42d1-bd68-7aaa86b3945f
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA0MTU1Mjc4OTIyMzI4MTQ4
x-proxy-origin
193.32.248.241; 193.32.248.241; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D743 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=137281674735&version=m202309260101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D743 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=137281674735&version=m202309260101&ct=2&x=1&cor=16747101214159362000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame D743 		77 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYL-6BGL2v3vud28WxJRMK1s82ZpDSBwrYUo12QCSjvWEtpR11HxiHzQsmXL0SYceP6u_cfYwWn4Au1WDPCV5ClS2a2nqCPD67_fpo_n8FDJUjSSN0Yo3VivlEe2rZ6Og-DIo-V0jNFgcx-FK_hHcgs_1R4Ww-OyjKdekTQAj2MYCRzBc&cry=1&dbm_d=AKAmf-A_P0bRAgVtJ6Jku8SjopswrtN1Hq2CqHz1zq-CY2FM9ECN1FlYStz4Y_08yO3p_vIbumqaOQXb6xjex3J2xb5SeVCzR7oYt1GfO1jtOPICvwW6QC_j0lCda30C20JKA9feBPJLawHyO2Kg9gfv_WB6cIISzXSs4va9fxVVZHbiWeVxnBUVc-1ewlr5Bh7hHL21Ysm16tltMM1n2EhU_xFN44FN_qPs4rtPhRxzVOHmnhUQXuDLjv2eu5SRXYtIanWRKEzKNUkcQC0BYdAYtKUxwR1vEp7WmJ-hVUpbpjiwaweVVnIZTG1-A1ppCA-DLDa-1G3tjLRi1wDN0o5a8dCIiEK78omJ_riH4s909makhWFoHcDOiZ5-hle6gJcJxZ0LC66_7cuhz-bqT7uH_CuTjTZ-upn5oy7X_w5zDLXUgTdmrvbT2E8Hd2ZtyhQjzx3OVl6jiForHU42vBEh3Xjw-ODv-MIylQuoChg5CfCannMRU6SQ3nQYNhUQT00Jo-hH6isFl1f3gl9_CW1M8f076D3TfLo0FiIhlw3RddAJkatLj-DWMsFiX-5Ug7twTAPN9ggFNgPGTXhSHFEmrYWp1GGqRV47jzNJeSxKOsTKcmtxuUO5br_tpTY-LOjYbEfUpvbmxs7g9_x4dUJxmgMbSo_aKkMklRDqC8KeJjB3FRi1vPsuTNDUOCsfZ9TSmnvUtZxHzxZg9ixYHdJXJPui-DaKVeKXCenQBGTymKUuubaI8Wfhos-GkesZ8cvRWeYiW9MYJvouKg6Ha2wMrYM-3rPiZKN6e0ts9sZQUcTjhrRhhvTkOovYDuzuDtXd43JCnYgWXR1Eabmps9lcwxxeQXJ2QaBmTAUMTA_u3-WNn37X9goJhjtelZj4vm58y9tKRs7g2StZ3SOgofofGL0LFE5pNtgkfFgBWrSmpic8wTenhCF6G6fqK3Xb1PVBSQ3fDpwIdMP06PLyBNeiHdea32H2f8aPRuWsaCexPFyeft0xIaT3S9jveQ9fIhtOeut1GtN6_mEaxFvSvLSIdtUqlCte1IVv6oCMAwI6d27-NlIwNv0THeKzVfaXdXDVtiEIdfnkW2SXTdJLplgLAUHONrYECTFiOpLGNA8pgJ_1MJNJVOMoVjBggqBC09NVHcm_uI0OsX7_vWfEwYP96Sv1UocFz_FfZKp_LmKUOz-ST2zI0WVgG6f5vPLRkvyaZtWRjDVbDUv5NXVW38HDSrs52x38e6--XvMwR4jIL9AURzo5u0C6BF2R7FH7jjTTf3DxsKS11Fn_0SsMS7ZZBZsqfg-MtTKfYsfIxvcLROXHkn3j_1arTN-50z5jUPW_KPYOcYxSmj8Y7f_rbglt_Z6sdDrMIbvhH7FcWzdzWXySCduWZCPuyP_ErJUFG12IS8Jpgb-Nr-LAERRKKcw3O6Dog7CcnkmW45N6Givy4B_tUgKdx6270i276bE72Dl9Eiv-YYnBiudjXOMeCPD2Wn0bE1HWrsTqqCDQ0WTylIEE0kQf3zRCYnZa3-YyvYL-DXxCA4dda_pYF7Jaydj9Cb3zxw9nwlCIZ-O3L6j7W3XJNgUiKaJS24CQcQsxXJiQ8WAp53_hpxqTBjDyTwdOdIKrrxSQmPQcG4SiuM5POmXoL_69s2BrTHS3eafYquvaQUjM4FCFdJEwmfZ6rmOqfJuD61bxOMBaiVJfifUg4KccJXrXJrP0MdV7-B7LG-BENF6T4419Y9q7nsK_iNUYrbnvmPJ-qS7FVe4oR-5tafoQ39Hz2ourFG6n3q4nWs5HtYElcLWZ5u_ooBy9ZYQChXKwe7wgLfEo8ZTuV8ILL4oL0tV7Y--SWOROosa4tpH4bAFEP169tkAHumJzNtLVuEnYC4US7R-66vfEnbnEctfNvDYhB3sPZp_0J2agDgRXHTi045_HbktFCG0seGyljvuZ1JzCpB53ER9YBs9gKweJ5wqpVXLscEhbJQbwlK4deL3toAgs8FWpfzQrCMdZOQEzUr-h0C4N7QaaH5AANPiKchuDgsaRlfR1PqVDpg1xkEDhpe-A9CDcTliCQNRN1kuUwrAgGJPHq8AvOt6atFyjfamkiVeTC4VztHJcML0-CAOguMBWSoFb75LI0hwtHRt2ESECmkhPAFkp8z3ZchA1SbXsB295X7-J8FD1WN2ic5noO5L6YvOLX21YimYpl7AZG9aNVaTqRIwKzPpc-jSb6pu8ep3wASaK6kZ6MsceM7U3gx2x6NwFCkhbA8bFPse1GE1g5Xp2cu_-SP4N7eCtF_l7rrNE2L3-XdF7m4zzTLad8viU3YVq6EvADc1tN9jdgVrGGefnw_ElvU7peq9uFBaHJ784lT-aXJCwcm1d9FJp1Q7HMcZYEh3BnulC-XBf7HX_NgAxv4883JILh2jEeLjCme8X8TgS-eQedNchydSLx_CHriTWVVvl7Ac6lchmFSafdBbbQ751VwrU4RBBqDzfIdFDMK0NXLWO8u2GvN_k3WW4ww5zQdfF72may3rcTsK25035TZMbuiPg8AfvV_bsc5hoCUsZ1-4N9MiZJbgxk9CNc-IRwadj5_KWtT-HGm_EmmQ9xy5Uv7VXXVL6drxNax1XUgAn-tOpr_FMeBrs2xTTnybazezNIQ-UecTA84u1gzwuvcMmVinDI3550PSok-THqBxYI-T-TMFY3HY4c1FfFEbNxRvPe9rZ_w7wvaeVc1YUqTbfjxr3kpAV5AWYJlilz-naM3_b5TRhCaMAo3Bnfcn86qHFAEBXT-PilrJNaGgqVwV7iUTiRUG2D3Rop5LV8pPl7ogYtJmOLuKD0GoKN_tb78F4xf4HmUImfibx2R5tmSi2-b8jqtQWXqmoKfZ2erdzHOXeUZAltPKkItG5BesfJSZ67qgY1Z1IYoOLx6EbY2h2VK3qkEGvZIrBUVMsmECDU1DySX79GZLKTgp3jEmXIXv4szWBdJUbtMTVR1A4VppFTB6fFbD0PNSbg7_TZCnvgj9IjHnvL8BmoTEEbcFLZQHXIR75-Q7Hs3SytU9zSm2QsfL0ygnqJ3MWvM-9nWpVS_SvmeY4289CE2Wz_rI1kMc3ZfM5_b0-wxjtu6-7ZVzXBD40zv54HBFwWUQzXAK7CA7KRhOqPA8jh_QWsyG8SydOT3d6rtyl3Eb1WHPqexnABXtHZPm0N1YdTP-GgvN-zTz66tGqxrkXuDBVNV9XZfFbbRifG6hoBQ_uVv2-fBIGuK8rGZdowO-e3OEIoG0YZIQV326yWUBQfB4ohwTZWjeg4a-mHIecku3QEW3MZEI5OJTQ8wLns_S0AFNL4N8D3xmc-pvPyZtyRcyWuRTH-kocsENOVSf10Bjohaq_s-ZlSXIrA8HzVxU7zm0Qikk_StkNwtsMQcFzkwPaSpgMbps8i8_RxCGdHAAhNCCiIF_eDNECkEwfE5miyxOHSOhCSznEPQdGzB7z7OJvCPuYdE8nrorixWlSUGDj7iSJN9BxYF6uXu3TrqPXKT5dbcT7RIjR_Q5bugwJ27hRsRE_-rWGMajbAK2EvQuXVYD1bsPvxxtHbqwAwCHHOyR5aLH4BX0MWAPvMOteY7SdQhsm6FDYMFVY2Tfq0pV6OuWCXlUrWSFTmsRWefIs4YZ-p1bNb35rF3kvMCsZQgy8Pu4ofwRi64LhyRm9cw0VVrvjJDZs45YAZat9ysaSYWiHqGWLoKbMRfDa_S86SgTC09JU4ZKPudiiaokgIMn_8sMIpyvWr_Nv0aPEHzQzQowK_TTxrzDzzABw_5Pl3L4Nct0NZQkXddO7Ht2_ucjxgEiF3iqR1F5F9NUWvgqEuKAVyWdUz3hWNAu30rKZLIrKTNvi8tj26KS8bGgZ1MXaiNdeLulDR9ZfsJBC5OUiLS57nfRSz_xXfyXZdRmzB8tw3Ax6H3rIf9w5a3hSKwxXplI-BuoAEcyFJNpFSZ0YwMYC0pPsSpyBWi1cQGY9hsBlOJ_IFG5wHLkzu_3qps-9d0oP78OMdYd6v0sOQ37_5dE&cid=CAQSKQDICaaNjQ5i8ZYuacxrqLiq-J3PTQ6Jtf11Qo0bGM3Wgy-3nIaVSX3BGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=16747101214159362000&adk=224573081&idt=144&cac=0&dtd=12
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aef6753e6cccb6e8095dddf52de214913e8cf435fb8e9e328e141500d420604d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1701948483&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701948483134&bpp=279&bdt=826&idt=586&shv=r20231205&mjsv=m202312060101&ptt=5&saldr=sd&correlator=6937026438662&frm=23&ife=1&pv=2&ga_vid=1249414168.1701948482&ga_sid=1701948484&ga_hid=1950463477&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3631&biw=1600&bih=1200&isw=336&ish=280&ifk=3511121045&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079826%2C44785294%2C44795921%2C31080037%2C44807763%2C44808148%2C44808284%2C95320230%2C31080036&oid=2&pvsid=715422507190966&tmod=538629894&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1jqnxzivttcg&btvi=1&fsb=1&dtd=593
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34849
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je3bt0v9134755342&_p=1701948481686&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1249414168.1701948482&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1701948484&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&dt=%E9%9B%B7%E7%91%9F%E7%90%B3%E8%B2%BC%E6%96%B0%E6%AD%A1%E8%A6%AA%E5%AF%86%E7%85%A7%E5%A4%A7%E5%85%AC%E9%96%8B%E3%80%80%E7%A5%9E%E7%A7%98%E7%BE%8E%E7%94%B7%E8%BA%AB%E5%88%86%E6%9B%9D%E5%85%89%E8%B6%85%E9%A9%9A%E4%BA%BA%EF%BC%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1&tfd=4952
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video1.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		318 KB
318 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video1.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
cdn-edgestorageid
756
cdn-storageserver
DE-663
cdn-cachedat
11/30/2023 18:50:40
cdn-pullzone
829957
content-length
325240
last-modified
Wed, 19 Jul 2023 15:09:11 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
649
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
606f3a1f9c61e1a11d46a51fd41d2bcd
accept-ranges
bytes
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video2.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		391 KB
392 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video2.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
cdn-edgestorageid
755
cdn-storageserver
DE-664
cdn-cachedat
08/02/2023 03:56:22
cdn-pullzone
829957
content-length
400064
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
86
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
033148019ad205a651042a08816c2000
accept-ranges
bytes
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231206-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Thu, 07 Dec 2023 11:28:04 GMT
x-amz-request-id
9T8G4R1J257WC6ZV
age
1148
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by
cache-fra-eddf8230105-FRA
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1701948485.506756,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
91
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
7474
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20231205/r20110914/ Frame D743 		31 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231205/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYL-6BGL2v3vud28WxJRMK1s82ZpDSBwrYUo12QCSjvWEtpR11HxiHzQsmXL0SYceP6u_cfYwWn4Au1WDPCV5ClS2a2nqCPD67_fpo_n8FDJUjSSN0Yo3VivlEe2rZ6Og-DIo-V0jNFgcx-FK_hHcgs_1R4Ww-OyjKdekTQAj2MYCRzBc&cry=1&dbm_d=AKAmf-A_P0bRAgVtJ6Jku8SjopswrtN1Hq2CqHz1zq-CY2FM9ECN1FlYStz4Y_08yO3p_vIbumqaOQXb6xjex3J2xb5SeVCzR7oYt1GfO1jtOPICvwW6QC_j0lCda30C20JKA9feBPJLawHyO2Kg9gfv_WB6cIISzXSs4va9fxVVZHbiWeVxnBUVc-1ewlr5Bh7hHL21Ysm16tltMM1n2EhU_xFN44FN_qPs4rtPhRxzVOHmnhUQXuDLjv2eu5SRXYtIanWRKEzKNUkcQC0BYdAYtKUxwR1vEp7WmJ-hVUpbpjiwaweVVnIZTG1-A1ppCA-DLDa-1G3tjLRi1wDN0o5a8dCIiEK78omJ_riH4s909makhWFoHcDOiZ5-hle6gJcJxZ0LC66_7cuhz-bqT7uH_CuTjTZ-upn5oy7X_w5zDLXUgTdmrvbT2E8Hd2ZtyhQjzx3OVl6jiForHU42vBEh3Xjw-ODv-MIylQuoChg5CfCannMRU6SQ3nQYNhUQT00Jo-hH6isFl1f3gl9_CW1M8f076D3TfLo0FiIhlw3RddAJkatLj-DWMsFiX-5Ug7twTAPN9ggFNgPGTXhSHFEmrYWp1GGqRV47jzNJeSxKOsTKcmtxuUO5br_tpTY-LOjYbEfUpvbmxs7g9_x4dUJxmgMbSo_aKkMklRDqC8KeJjB3FRi1vPsuTNDUOCsfZ9TSmnvUtZxHzxZg9ixYHdJXJPui-DaKVeKXCenQBGTymKUuubaI8Wfhos-GkesZ8cvRWeYiW9MYJvouKg6Ha2wMrYM-3rPiZKN6e0ts9sZQUcTjhrRhhvTkOovYDuzuDtXd43JCnYgWXR1Eabmps9lcwxxeQXJ2QaBmTAUMTA_u3-WNn37X9goJhjtelZj4vm58y9tKRs7g2StZ3SOgofofGL0LFE5pNtgkfFgBWrSmpic8wTenhCF6G6fqK3Xb1PVBSQ3fDpwIdMP06PLyBNeiHdea32H2f8aPRuWsaCexPFyeft0xIaT3S9jveQ9fIhtOeut1GtN6_mEaxFvSvLSIdtUqlCte1IVv6oCMAwI6d27-NlIwNv0THeKzVfaXdXDVtiEIdfnkW2SXTdJLplgLAUHONrYECTFiOpLGNA8pgJ_1MJNJVOMoVjBggqBC09NVHcm_uI0OsX7_vWfEwYP96Sv1UocFz_FfZKp_LmKUOz-ST2zI0WVgG6f5vPLRkvyaZtWRjDVbDUv5NXVW38HDSrs52x38e6--XvMwR4jIL9AURzo5u0C6BF2R7FH7jjTTf3DxsKS11Fn_0SsMS7ZZBZsqfg-MtTKfYsfIxvcLROXHkn3j_1arTN-50z5jUPW_KPYOcYxSmj8Y7f_rbglt_Z6sdDrMIbvhH7FcWzdzWXySCduWZCPuyP_ErJUFG12IS8Jpgb-Nr-LAERRKKcw3O6Dog7CcnkmW45N6Givy4B_tUgKdx6270i276bE72Dl9Eiv-YYnBiudjXOMeCPD2Wn0bE1HWrsTqqCDQ0WTylIEE0kQf3zRCYnZa3-YyvYL-DXxCA4dda_pYF7Jaydj9Cb3zxw9nwlCIZ-O3L6j7W3XJNgUiKaJS24CQcQsxXJiQ8WAp53_hpxqTBjDyTwdOdIKrrxSQmPQcG4SiuM5POmXoL_69s2BrTHS3eafYquvaQUjM4FCFdJEwmfZ6rmOqfJuD61bxOMBaiVJfifUg4KccJXrXJrP0MdV7-B7LG-BENF6T4419Y9q7nsK_iNUYrbnvmPJ-qS7FVe4oR-5tafoQ39Hz2ourFG6n3q4nWs5HtYElcLWZ5u_ooBy9ZYQChXKwe7wgLfEo8ZTuV8ILL4oL0tV7Y--SWOROosa4tpH4bAFEP169tkAHumJzNtLVuEnYC4US7R-66vfEnbnEctfNvDYhB3sPZp_0J2agDgRXHTi045_HbktFCG0seGyljvuZ1JzCpB53ER9YBs9gKweJ5wqpVXLscEhbJQbwlK4deL3toAgs8FWpfzQrCMdZOQEzUr-h0C4N7QaaH5AANPiKchuDgsaRlfR1PqVDpg1xkEDhpe-A9CDcTliCQNRN1kuUwrAgGJPHq8AvOt6atFyjfamkiVeTC4VztHJcML0-CAOguMBWSoFb75LI0hwtHRt2ESECmkhPAFkp8z3ZchA1SbXsB295X7-J8FD1WN2ic5noO5L6YvOLX21YimYpl7AZG9aNVaTqRIwKzPpc-jSb6pu8ep3wASaK6kZ6MsceM7U3gx2x6NwFCkhbA8bFPse1GE1g5Xp2cu_-SP4N7eCtF_l7rrNE2L3-XdF7m4zzTLad8viU3YVq6EvADc1tN9jdgVrGGefnw_ElvU7peq9uFBaHJ784lT-aXJCwcm1d9FJp1Q7HMcZYEh3BnulC-XBf7HX_NgAxv4883JILh2jEeLjCme8X8TgS-eQedNchydSLx_CHriTWVVvl7Ac6lchmFSafdBbbQ751VwrU4RBBqDzfIdFDMK0NXLWO8u2GvN_k3WW4ww5zQdfF72may3rcTsK25035TZMbuiPg8AfvV_bsc5hoCUsZ1-4N9MiZJbgxk9CNc-IRwadj5_KWtT-HGm_EmmQ9xy5Uv7VXXVL6drxNax1XUgAn-tOpr_FMeBrs2xTTnybazezNIQ-UecTA84u1gzwuvcMmVinDI3550PSok-THqBxYI-T-TMFY3HY4c1FfFEbNxRvPe9rZ_w7wvaeVc1YUqTbfjxr3kpAV5AWYJlilz-naM3_b5TRhCaMAo3Bnfcn86qHFAEBXT-PilrJNaGgqVwV7iUTiRUG2D3Rop5LV8pPl7ogYtJmOLuKD0GoKN_tb78F4xf4HmUImfibx2R5tmSi2-b8jqtQWXqmoKfZ2erdzHOXeUZAltPKkItG5BesfJSZ67qgY1Z1IYoOLx6EbY2h2VK3qkEGvZIrBUVMsmECDU1DySX79GZLKTgp3jEmXIXv4szWBdJUbtMTVR1A4VppFTB6fFbD0PNSbg7_TZCnvgj9IjHnvL8BmoTEEbcFLZQHXIR75-Q7Hs3SytU9zSm2QsfL0ygnqJ3MWvM-9nWpVS_SvmeY4289CE2Wz_rI1kMc3ZfM5_b0-wxjtu6-7ZVzXBD40zv54HBFwWUQzXAK7CA7KRhOqPA8jh_QWsyG8SydOT3d6rtyl3Eb1WHPqexnABXtHZPm0N1YdTP-GgvN-zTz66tGqxrkXuDBVNV9XZfFbbRifG6hoBQ_uVv2-fBIGuK8rGZdowO-e3OEIoG0YZIQV326yWUBQfB4ohwTZWjeg4a-mHIecku3QEW3MZEI5OJTQ8wLns_S0AFNL4N8D3xmc-pvPyZtyRcyWuRTH-kocsENOVSf10Bjohaq_s-ZlSXIrA8HzVxU7zm0Qikk_StkNwtsMQcFzkwPaSpgMbps8i8_RxCGdHAAhNCCiIF_eDNECkEwfE5miyxOHSOhCSznEPQdGzB7z7OJvCPuYdE8nrorixWlSUGDj7iSJN9BxYF6uXu3TrqPXKT5dbcT7RIjR_Q5bugwJ27hRsRE_-rWGMajbAK2EvQuXVYD1bsPvxxtHbqwAwCHHOyR5aLH4BX0MWAPvMOteY7SdQhsm6FDYMFVY2Tfq0pV6OuWCXlUrWSFTmsRWefIs4YZ-p1bNb35rF3kvMCsZQgy8Pu4ofwRi64LhyRm9cw0VVrvjJDZs45YAZat9ysaSYWiHqGWLoKbMRfDa_S86SgTC09JU4ZKPudiiaokgIMn_8sMIpyvWr_Nv0aPEHzQzQowK_TTxrzDzzABw_5Pl3L4Nct0NZQkXddO7Ht2_ucjxgEiF3iqR1F5F9NUWvgqEuKAVyWdUz3hWNAu30rKZLIrKTNvi8tj26KS8bGgZ1MXaiNdeLulDR9ZfsJBC5OUiLS57nfRSz_xXfyXZdRmzB8tw3Ax6H3rIf9w5a3hSKwxXplI-BuoAEcyFJNpFSZ0YwMYC0pPsSpyBWi1cQGY9hsBlOJ_IFG5wHLkzu_3qps-9d0oP78OMdYd6v0sOQ37_5dE&cid=CAQSKQDICaaNjQ5i8ZYuacxrqLiq-J3PTQ6Jtf11Qo0bGM3Wgy-3nIaVSX3BGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=16747101214159362000&adk=224573081&idt=144&cac=0&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 15:57:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
70251
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11943
x-xss-protection
0
server
cafe
etag
4141415479739543000
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Dec 2023 15:57:13 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20231205/r20110914/elements/html/ Frame D743 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20231205/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYL-6BGL2v3vud28WxJRMK1s82ZpDSBwrYUo12QCSjvWEtpR11HxiHzQsmXL0SYceP6u_cfYwWn4Au1WDPCV5ClS2a2nqCPD67_fpo_n8FDJUjSSN0Yo3VivlEe2rZ6Og-DIo-V0jNFgcx-FK_hHcgs_1R4Ww-OyjKdekTQAj2MYCRzBc&cry=1&dbm_d=AKAmf-A_P0bRAgVtJ6Jku8SjopswrtN1Hq2CqHz1zq-CY2FM9ECN1FlYStz4Y_08yO3p_vIbumqaOQXb6xjex3J2xb5SeVCzR7oYt1GfO1jtOPICvwW6QC_j0lCda30C20JKA9feBPJLawHyO2Kg9gfv_WB6cIISzXSs4va9fxVVZHbiWeVxnBUVc-1ewlr5Bh7hHL21Ysm16tltMM1n2EhU_xFN44FN_qPs4rtPhRxzVOHmnhUQXuDLjv2eu5SRXYtIanWRKEzKNUkcQC0BYdAYtKUxwR1vEp7WmJ-hVUpbpjiwaweVVnIZTG1-A1ppCA-DLDa-1G3tjLRi1wDN0o5a8dCIiEK78omJ_riH4s909makhWFoHcDOiZ5-hle6gJcJxZ0LC66_7cuhz-bqT7uH_CuTjTZ-upn5oy7X_w5zDLXUgTdmrvbT2E8Hd2ZtyhQjzx3OVl6jiForHU42vBEh3Xjw-ODv-MIylQuoChg5CfCannMRU6SQ3nQYNhUQT00Jo-hH6isFl1f3gl9_CW1M8f076D3TfLo0FiIhlw3RddAJkatLj-DWMsFiX-5Ug7twTAPN9ggFNgPGTXhSHFEmrYWp1GGqRV47jzNJeSxKOsTKcmtxuUO5br_tpTY-LOjYbEfUpvbmxs7g9_x4dUJxmgMbSo_aKkMklRDqC8KeJjB3FRi1vPsuTNDUOCsfZ9TSmnvUtZxHzxZg9ixYHdJXJPui-DaKVeKXCenQBGTymKUuubaI8Wfhos-GkesZ8cvRWeYiW9MYJvouKg6Ha2wMrYM-3rPiZKN6e0ts9sZQUcTjhrRhhvTkOovYDuzuDtXd43JCnYgWXR1Eabmps9lcwxxeQXJ2QaBmTAUMTA_u3-WNn37X9goJhjtelZj4vm58y9tKRs7g2StZ3SOgofofGL0LFE5pNtgkfFgBWrSmpic8wTenhCF6G6fqK3Xb1PVBSQ3fDpwIdMP06PLyBNeiHdea32H2f8aPRuWsaCexPFyeft0xIaT3S9jveQ9fIhtOeut1GtN6_mEaxFvSvLSIdtUqlCte1IVv6oCMAwI6d27-NlIwNv0THeKzVfaXdXDVtiEIdfnkW2SXTdJLplgLAUHONrYECTFiOpLGNA8pgJ_1MJNJVOMoVjBggqBC09NVHcm_uI0OsX7_vWfEwYP96Sv1UocFz_FfZKp_LmKUOz-ST2zI0WVgG6f5vPLRkvyaZtWRjDVbDUv5NXVW38HDSrs52x38e6--XvMwR4jIL9AURzo5u0C6BF2R7FH7jjTTf3DxsKS11Fn_0SsMS7ZZBZsqfg-MtTKfYsfIxvcLROXHkn3j_1arTN-50z5jUPW_KPYOcYxSmj8Y7f_rbglt_Z6sdDrMIbvhH7FcWzdzWXySCduWZCPuyP_ErJUFG12IS8Jpgb-Nr-LAERRKKcw3O6Dog7CcnkmW45N6Givy4B_tUgKdx6270i276bE72Dl9Eiv-YYnBiudjXOMeCPD2Wn0bE1HWrsTqqCDQ0WTylIEE0kQf3zRCYnZa3-YyvYL-DXxCA4dda_pYF7Jaydj9Cb3zxw9nwlCIZ-O3L6j7W3XJNgUiKaJS24CQcQsxXJiQ8WAp53_hpxqTBjDyTwdOdIKrrxSQmPQcG4SiuM5POmXoL_69s2BrTHS3eafYquvaQUjM4FCFdJEwmfZ6rmOqfJuD61bxOMBaiVJfifUg4KccJXrXJrP0MdV7-B7LG-BENF6T4419Y9q7nsK_iNUYrbnvmPJ-qS7FVe4oR-5tafoQ39Hz2ourFG6n3q4nWs5HtYElcLWZ5u_ooBy9ZYQChXKwe7wgLfEo8ZTuV8ILL4oL0tV7Y--SWOROosa4tpH4bAFEP169tkAHumJzNtLVuEnYC4US7R-66vfEnbnEctfNvDYhB3sPZp_0J2agDgRXHTi045_HbktFCG0seGyljvuZ1JzCpB53ER9YBs9gKweJ5wqpVXLscEhbJQbwlK4deL3toAgs8FWpfzQrCMdZOQEzUr-h0C4N7QaaH5AANPiKchuDgsaRlfR1PqVDpg1xkEDhpe-A9CDcTliCQNRN1kuUwrAgGJPHq8AvOt6atFyjfamkiVeTC4VztHJcML0-CAOguMBWSoFb75LI0hwtHRt2ESECmkhPAFkp8z3ZchA1SbXsB295X7-J8FD1WN2ic5noO5L6YvOLX21YimYpl7AZG9aNVaTqRIwKzPpc-jSb6pu8ep3wASaK6kZ6MsceM7U3gx2x6NwFCkhbA8bFPse1GE1g5Xp2cu_-SP4N7eCtF_l7rrNE2L3-XdF7m4zzTLad8viU3YVq6EvADc1tN9jdgVrGGefnw_ElvU7peq9uFBaHJ784lT-aXJCwcm1d9FJp1Q7HMcZYEh3BnulC-XBf7HX_NgAxv4883JILh2jEeLjCme8X8TgS-eQedNchydSLx_CHriTWVVvl7Ac6lchmFSafdBbbQ751VwrU4RBBqDzfIdFDMK0NXLWO8u2GvN_k3WW4ww5zQdfF72may3rcTsK25035TZMbuiPg8AfvV_bsc5hoCUsZ1-4N9MiZJbgxk9CNc-IRwadj5_KWtT-HGm_EmmQ9xy5Uv7VXXVL6drxNax1XUgAn-tOpr_FMeBrs2xTTnybazezNIQ-UecTA84u1gzwuvcMmVinDI3550PSok-THqBxYI-T-TMFY3HY4c1FfFEbNxRvPe9rZ_w7wvaeVc1YUqTbfjxr3kpAV5AWYJlilz-naM3_b5TRhCaMAo3Bnfcn86qHFAEBXT-PilrJNaGgqVwV7iUTiRUG2D3Rop5LV8pPl7ogYtJmOLuKD0GoKN_tb78F4xf4HmUImfibx2R5tmSi2-b8jqtQWXqmoKfZ2erdzHOXeUZAltPKkItG5BesfJSZ67qgY1Z1IYoOLx6EbY2h2VK3qkEGvZIrBUVMsmECDU1DySX79GZLKTgp3jEmXIXv4szWBdJUbtMTVR1A4VppFTB6fFbD0PNSbg7_TZCnvgj9IjHnvL8BmoTEEbcFLZQHXIR75-Q7Hs3SytU9zSm2QsfL0ygnqJ3MWvM-9nWpVS_SvmeY4289CE2Wz_rI1kMc3ZfM5_b0-wxjtu6-7ZVzXBD40zv54HBFwWUQzXAK7CA7KRhOqPA8jh_QWsyG8SydOT3d6rtyl3Eb1WHPqexnABXtHZPm0N1YdTP-GgvN-zTz66tGqxrkXuDBVNV9XZfFbbRifG6hoBQ_uVv2-fBIGuK8rGZdowO-e3OEIoG0YZIQV326yWUBQfB4ohwTZWjeg4a-mHIecku3QEW3MZEI5OJTQ8wLns_S0AFNL4N8D3xmc-pvPyZtyRcyWuRTH-kocsENOVSf10Bjohaq_s-ZlSXIrA8HzVxU7zm0Qikk_StkNwtsMQcFzkwPaSpgMbps8i8_RxCGdHAAhNCCiIF_eDNECkEwfE5miyxOHSOhCSznEPQdGzB7z7OJvCPuYdE8nrorixWlSUGDj7iSJN9BxYF6uXu3TrqPXKT5dbcT7RIjR_Q5bugwJ27hRsRE_-rWGMajbAK2EvQuXVYD1bsPvxxtHbqwAwCHHOyR5aLH4BX0MWAPvMOteY7SdQhsm6FDYMFVY2Tfq0pV6OuWCXlUrWSFTmsRWefIs4YZ-p1bNb35rF3kvMCsZQgy8Pu4ofwRi64LhyRm9cw0VVrvjJDZs45YAZat9ysaSYWiHqGWLoKbMRfDa_S86SgTC09JU4ZKPudiiaokgIMn_8sMIpyvWr_Nv0aPEHzQzQowK_TTxrzDzzABw_5Pl3L4Nct0NZQkXddO7Ht2_ucjxgEiF3iqR1F5F9NUWvgqEuKAVyWdUz3hWNAu30rKZLIrKTNvi8tj26KS8bGgZ1MXaiNdeLulDR9ZfsJBC5OUiLS57nfRSz_xXfyXZdRmzB8tw3Ax6H3rIf9w5a3hSKwxXplI-BuoAEcyFJNpFSZ0YwMYC0pPsSpyBWi1cQGY9hsBlOJ_IFG5wHLkzu_3qps-9d0oP78OMdYd6v0sOQ37_5dE&cid=CAQSKQDICaaNjQ5i8ZYuacxrqLiq-J3PTQ6Jtf11Qo0bGM3Wgy-3nIaVSX3BGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=16747101214159362000&adk=224573081&idt=144&cac=0&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 15:49:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
70723
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4206
x-xss-protection
0
server
cafe
etag
14415875674906819925
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Dec 2023 15:49:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame D743 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWMJr6lqOORXdA-1W7RAEi0RR-MP-Jdtex4uqd2rJ9p3viWb3YOsk_ttdLnAxwLuEZn_3uEr5Cw-GJjcfrIWXyS35F_DQrRGjbJLZ0onM3U1O7ijCs7evs0XtdvqVYMIFxggZnVwDieawGR3WCfjo7Qk2BHYeV4fIIBzJLPqHEZ6mYQWHcOXWYKlpc_R-eqbAgqtyzfUeYnHdhvODyPejh-c521t2Bpqp0CviicP18mIK8mXYslxLHbbIFNauNYsqTgh4XtdHog6L-2DtLX0hGin724MVYJCmft2VbE6zE7IKKhIvjoqLMjOohJ67QmSI01jcpPSffD3tHLj6aXk5p2ABUulEO7yfohtgKaT1wHs-7Gv_lCgHmmzipl5ShYivSAw4lpBC0-gzDQfBQGjFCaCZhochDFd9VkyGqq_JVr2ahok4mbdaFruAwQ49wKmu4F4wlCABACpvUVCryXJJFDO3KwgCvPHPV5H3aCzeqe5H8yVqdlol0tzOy7hfAOf3ACs9HTjnWG37wzqm_ZztAcIc93_lfD0RqXgGRkuSaShwKmTbO40wNSpHlg7W2mVeJ1ypYzTg_wqHOnmSRelOzHLea4L6JTYr23tuTxA5NMYr5X61xKwetECGJ1aDdhEpus3yGLDcEN0sa1owj8lGe_HVLYQlyb549hqRSjKCpy4w9NQVTlvv8rZiVmP-4_lhBg9Jz2BsF32Y9lmQS5z---AhuHw9AsWlKsFwsNPMco4bun9ZbBUDls3rSQb3gC24PeQGq0kD0z2_pceYzkS5ANe0z7MxPbyPLtzyE1PpNkJbMkmg1dLnVFa9Rw9uC-OkQXL8BaYbmk66EBZp4v6wkQZIjTqa8l4VMo7lXccljc9kz4E5SNg3ll-S9WRBkfI1LUc-VxYjLXGVm5GpK60Im0gd5aYYPWUuccq-n_lg-Pavi-3n0pmkbpRPkgOvv7uwUGKG5kzd_cTQhoIQrbNqAsU_stVLnGQFqSniHX1kef-WVoOOBYsHXULTt4Ogd6d4g0XdtxXkO1BkL5sgPQ0P6uWbSrrZ-7zVW59jyix52nBRh2brTaDhn2epZ1NlZpsBtADzu6qyurdxtE9AuU2pvy8PZnsPrFoqJNIB6pIgWbDDnI5ERoA7IdguraxEpTTn5FtGL-3fnQJQ2pSDA-TTK01H1ZUI5NeKmd9VpQhEMaJWWbiqrHPoA6sdMBbew9JIdu4XeADr9NsxarEzXs9K_LkrrC8tkg5MPQauFXOvScu-MPuzvFZvzq5b6RwvG8X2mD4xfQZ0GhqCFfzrxSpCDVpOy2IGtwzYedRTS2xpHifKVHXMJ-Te0fRzmKuDs3IEenDFXbbV7wdwO&sai=AMfl-YS7mv_g8o7G6XeJIEWewImjb657Xhdacw_4oFv5FbzvrkrmL316BQlAVQ9NQY_LPOW1Ryqo32jiy2uvHoRk6k3k3J000zFzuomW2dOhh9SJfbPTFAPU0dyeuDE1CZQGvCg2tMKsVENtj_tcoW8TUdSOivWWzl14mdI2kPc3wOPeJ2RZ6p0agvHYbrWeaiUxyAnYfnmNqWEJ&sig=Cg0ArKJSzK93uykpJh9WEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20231205.85725&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYL-6BGL2v3vud28WxJRMK1s82ZpDSBwrYUo12QCSjvWEtpR11HxiHzQsmXL0SYceP6u_cfYwWn4Au1WDPCV5ClS2a2nqCPD67_fpo_n8FDJUjSSN0Yo3VivlEe2rZ6Og-DIo-V0jNFgcx-FK_hHcgs_1R4Ww-OyjKdekTQAj2MYCRzBc&cry=1&dbm_d=AKAmf-A_P0bRAgVtJ6Jku8SjopswrtN1Hq2CqHz1zq-CY2FM9ECN1FlYStz4Y_08yO3p_vIbumqaOQXb6xjex3J2xb5SeVCzR7oYt1GfO1jtOPICvwW6QC_j0lCda30C20JKA9feBPJLawHyO2Kg9gfv_WB6cIISzXSs4va9fxVVZHbiWeVxnBUVc-1ewlr5Bh7hHL21Ysm16tltMM1n2EhU_xFN44FN_qPs4rtPhRxzVOHmnhUQXuDLjv2eu5SRXYtIanWRKEzKNUkcQC0BYdAYtKUxwR1vEp7WmJ-hVUpbpjiwaweVVnIZTG1-A1ppCA-DLDa-1G3tjLRi1wDN0o5a8dCIiEK78omJ_riH4s909makhWFoHcDOiZ5-hle6gJcJxZ0LC66_7cuhz-bqT7uH_CuTjTZ-upn5oy7X_w5zDLXUgTdmrvbT2E8Hd2ZtyhQjzx3OVl6jiForHU42vBEh3Xjw-ODv-MIylQuoChg5CfCannMRU6SQ3nQYNhUQT00Jo-hH6isFl1f3gl9_CW1M8f076D3TfLo0FiIhlw3RddAJkatLj-DWMsFiX-5Ug7twTAPN9ggFNgPGTXhSHFEmrYWp1GGqRV47jzNJeSxKOsTKcmtxuUO5br_tpTY-LOjYbEfUpvbmxs7g9_x4dUJxmgMbSo_aKkMklRDqC8KeJjB3FRi1vPsuTNDUOCsfZ9TSmnvUtZxHzxZg9ixYHdJXJPui-DaKVeKXCenQBGTymKUuubaI8Wfhos-GkesZ8cvRWeYiW9MYJvouKg6Ha2wMrYM-3rPiZKN6e0ts9sZQUcTjhrRhhvTkOovYDuzuDtXd43JCnYgWXR1Eabmps9lcwxxeQXJ2QaBmTAUMTA_u3-WNn37X9goJhjtelZj4vm58y9tKRs7g2StZ3SOgofofGL0LFE5pNtgkfFgBWrSmpic8wTenhCF6G6fqK3Xb1PVBSQ3fDpwIdMP06PLyBNeiHdea32H2f8aPRuWsaCexPFyeft0xIaT3S9jveQ9fIhtOeut1GtN6_mEaxFvSvLSIdtUqlCte1IVv6oCMAwI6d27-NlIwNv0THeKzVfaXdXDVtiEIdfnkW2SXTdJLplgLAUHONrYECTFiOpLGNA8pgJ_1MJNJVOMoVjBggqBC09NVHcm_uI0OsX7_vWfEwYP96Sv1UocFz_FfZKp_LmKUOz-ST2zI0WVgG6f5vPLRkvyaZtWRjDVbDUv5NXVW38HDSrs52x38e6--XvMwR4jIL9AURzo5u0C6BF2R7FH7jjTTf3DxsKS11Fn_0SsMS7ZZBZsqfg-MtTKfYsfIxvcLROXHkn3j_1arTN-50z5jUPW_KPYOcYxSmj8Y7f_rbglt_Z6sdDrMIbvhH7FcWzdzWXySCduWZCPuyP_ErJUFG12IS8Jpgb-Nr-LAERRKKcw3O6Dog7CcnkmW45N6Givy4B_tUgKdx6270i276bE72Dl9Eiv-YYnBiudjXOMeCPD2Wn0bE1HWrsTqqCDQ0WTylIEE0kQf3zRCYnZa3-YyvYL-DXxCA4dda_pYF7Jaydj9Cb3zxw9nwlCIZ-O3L6j7W3XJNgUiKaJS24CQcQsxXJiQ8WAp53_hpxqTBjDyTwdOdIKrrxSQmPQcG4SiuM5POmXoL_69s2BrTHS3eafYquvaQUjM4FCFdJEwmfZ6rmOqfJuD61bxOMBaiVJfifUg4KccJXrXJrP0MdV7-B7LG-BENF6T4419Y9q7nsK_iNUYrbnvmPJ-qS7FVe4oR-5tafoQ39Hz2ourFG6n3q4nWs5HtYElcLWZ5u_ooBy9ZYQChXKwe7wgLfEo8ZTuV8ILL4oL0tV7Y--SWOROosa4tpH4bAFEP169tkAHumJzNtLVuEnYC4US7R-66vfEnbnEctfNvDYhB3sPZp_0J2agDgRXHTi045_HbktFCG0seGyljvuZ1JzCpB53ER9YBs9gKweJ5wqpVXLscEhbJQbwlK4deL3toAgs8FWpfzQrCMdZOQEzUr-h0C4N7QaaH5AANPiKchuDgsaRlfR1PqVDpg1xkEDhpe-A9CDcTliCQNRN1kuUwrAgGJPHq8AvOt6atFyjfamkiVeTC4VztHJcML0-CAOguMBWSoFb75LI0hwtHRt2ESECmkhPAFkp8z3ZchA1SbXsB295X7-J8FD1WN2ic5noO5L6YvOLX21YimYpl7AZG9aNVaTqRIwKzPpc-jSb6pu8ep3wASaK6kZ6MsceM7U3gx2x6NwFCkhbA8bFPse1GE1g5Xp2cu_-SP4N7eCtF_l7rrNE2L3-XdF7m4zzTLad8viU3YVq6EvADc1tN9jdgVrGGefnw_ElvU7peq9uFBaHJ784lT-aXJCwcm1d9FJp1Q7HMcZYEh3BnulC-XBf7HX_NgAxv4883JILh2jEeLjCme8X8TgS-eQedNchydSLx_CHriTWVVvl7Ac6lchmFSafdBbbQ751VwrU4RBBqDzfIdFDMK0NXLWO8u2GvN_k3WW4ww5zQdfF72may3rcTsK25035TZMbuiPg8AfvV_bsc5hoCUsZ1-4N9MiZJbgxk9CNc-IRwadj5_KWtT-HGm_EmmQ9xy5Uv7VXXVL6drxNax1XUgAn-tOpr_FMeBrs2xTTnybazezNIQ-UecTA84u1gzwuvcMmVinDI3550PSok-THqBxYI-T-TMFY3HY4c1FfFEbNxRvPe9rZ_w7wvaeVc1YUqTbfjxr3kpAV5AWYJlilz-naM3_b5TRhCaMAo3Bnfcn86qHFAEBXT-PilrJNaGgqVwV7iUTiRUG2D3Rop5LV8pPl7ogYtJmOLuKD0GoKN_tb78F4xf4HmUImfibx2R5tmSi2-b8jqtQWXqmoKfZ2erdzHOXeUZAltPKkItG5BesfJSZ67qgY1Z1IYoOLx6EbY2h2VK3qkEGvZIrBUVMsmECDU1DySX79GZLKTgp3jEmXIXv4szWBdJUbtMTVR1A4VppFTB6fFbD0PNSbg7_TZCnvgj9IjHnvL8BmoTEEbcFLZQHXIR75-Q7Hs3SytU9zSm2QsfL0ygnqJ3MWvM-9nWpVS_SvmeY4289CE2Wz_rI1kMc3ZfM5_b0-wxjtu6-7ZVzXBD40zv54HBFwWUQzXAK7CA7KRhOqPA8jh_QWsyG8SydOT3d6rtyl3Eb1WHPqexnABXtHZPm0N1YdTP-GgvN-zTz66tGqxrkXuDBVNV9XZfFbbRifG6hoBQ_uVv2-fBIGuK8rGZdowO-e3OEIoG0YZIQV326yWUBQfB4ohwTZWjeg4a-mHIecku3QEW3MZEI5OJTQ8wLns_S0AFNL4N8D3xmc-pvPyZtyRcyWuRTH-kocsENOVSf10Bjohaq_s-ZlSXIrA8HzVxU7zm0Qikk_StkNwtsMQcFzkwPaSpgMbps8i8_RxCGdHAAhNCCiIF_eDNECkEwfE5miyxOHSOhCSznEPQdGzB7z7OJvCPuYdE8nrorixWlSUGDj7iSJN9BxYF6uXu3TrqPXKT5dbcT7RIjR_Q5bugwJ27hRsRE_-rWGMajbAK2EvQuXVYD1bsPvxxtHbqwAwCHHOyR5aLH4BX0MWAPvMOteY7SdQhsm6FDYMFVY2Tfq0pV6OuWCXlUrWSFTmsRWefIs4YZ-p1bNb35rF3kvMCsZQgy8Pu4ofwRi64LhyRm9cw0VVrvjJDZs45YAZat9ysaSYWiHqGWLoKbMRfDa_S86SgTC09JU4ZKPudiiaokgIMn_8sMIpyvWr_Nv0aPEHzQzQowK_TTxrzDzzABw_5Pl3L4Nct0NZQkXddO7Ht2_ucjxgEiF3iqR1F5F9NUWvgqEuKAVyWdUz3hWNAu30rKZLIrKTNvi8tj26KS8bGgZ1MXaiNdeLulDR9ZfsJBC5OUiLS57nfRSz_xXfyXZdRmzB8tw3Ax6H3rIf9w5a3hSKwxXplI-BuoAEcyFJNpFSZ0YwMYC0pPsSpyBWi1cQGY9hsBlOJ_IFG5wHLkzu_3qps-9d0oP78OMdYd6v0sOQ37_5dE&cid=CAQSKQDICaaNjQ5i8ZYuacxrqLiq-J3PTQ6Jtf11Qo0bGM3Wgy-3nIaVSX3BGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=16747101214159362000&adk=224573081&idt=144&cac=0&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Thu, 07 Dec 2023 11:28:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
content-type
image/gif
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame D743 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYL-6BGL2v3vud28WxJRMK1s82ZpDSBwrYUo12QCSjvWEtpR11HxiHzQsmXL0SYceP6u_cfYwWn4Au1WDPCV5ClS2a2nqCPD67_fpo_n8FDJUjSSN0Yo3VivlEe2rZ6Og-DIo-V0jNFgcx-FK_hHcgs_1R4Ww-OyjKdekTQAj2MYCRzBc&cry=1&dbm_d=AKAmf-A_P0bRAgVtJ6Jku8SjopswrtN1Hq2CqHz1zq-CY2FM9ECN1FlYStz4Y_08yO3p_vIbumqaOQXb6xjex3J2xb5SeVCzR7oYt1GfO1jtOPICvwW6QC_j0lCda30C20JKA9feBPJLawHyO2Kg9gfv_WB6cIISzXSs4va9fxVVZHbiWeVxnBUVc-1ewlr5Bh7hHL21Ysm16tltMM1n2EhU_xFN44FN_qPs4rtPhRxzVOHmnhUQXuDLjv2eu5SRXYtIanWRKEzKNUkcQC0BYdAYtKUxwR1vEp7WmJ-hVUpbpjiwaweVVnIZTG1-A1ppCA-DLDa-1G3tjLRi1wDN0o5a8dCIiEK78omJ_riH4s909makhWFoHcDOiZ5-hle6gJcJxZ0LC66_7cuhz-bqT7uH_CuTjTZ-upn5oy7X_w5zDLXUgTdmrvbT2E8Hd2ZtyhQjzx3OVl6jiForHU42vBEh3Xjw-ODv-MIylQuoChg5CfCannMRU6SQ3nQYNhUQT00Jo-hH6isFl1f3gl9_CW1M8f076D3TfLo0FiIhlw3RddAJkatLj-DWMsFiX-5Ug7twTAPN9ggFNgPGTXhSHFEmrYWp1GGqRV47jzNJeSxKOsTKcmtxuUO5br_tpTY-LOjYbEfUpvbmxs7g9_x4dUJxmgMbSo_aKkMklRDqC8KeJjB3FRi1vPsuTNDUOCsfZ9TSmnvUtZxHzxZg9ixYHdJXJPui-DaKVeKXCenQBGTymKUuubaI8Wfhos-GkesZ8cvRWeYiW9MYJvouKg6Ha2wMrYM-3rPiZKN6e0ts9sZQUcTjhrRhhvTkOovYDuzuDtXd43JCnYgWXR1Eabmps9lcwxxeQXJ2QaBmTAUMTA_u3-WNn37X9goJhjtelZj4vm58y9tKRs7g2StZ3SOgofofGL0LFE5pNtgkfFgBWrSmpic8wTenhCF6G6fqK3Xb1PVBSQ3fDpwIdMP06PLyBNeiHdea32H2f8aPRuWsaCexPFyeft0xIaT3S9jveQ9fIhtOeut1GtN6_mEaxFvSvLSIdtUqlCte1IVv6oCMAwI6d27-NlIwNv0THeKzVfaXdXDVtiEIdfnkW2SXTdJLplgLAUHONrYECTFiOpLGNA8pgJ_1MJNJVOMoVjBggqBC09NVHcm_uI0OsX7_vWfEwYP96Sv1UocFz_FfZKp_LmKUOz-ST2zI0WVgG6f5vPLRkvyaZtWRjDVbDUv5NXVW38HDSrs52x38e6--XvMwR4jIL9AURzo5u0C6BF2R7FH7jjTTf3DxsKS11Fn_0SsMS7ZZBZsqfg-MtTKfYsfIxvcLROXHkn3j_1arTN-50z5jUPW_KPYOcYxSmj8Y7f_rbglt_Z6sdDrMIbvhH7FcWzdzWXySCduWZCPuyP_ErJUFG12IS8Jpgb-Nr-LAERRKKcw3O6Dog7CcnkmW45N6Givy4B_tUgKdx6270i276bE72Dl9Eiv-YYnBiudjXOMeCPD2Wn0bE1HWrsTqqCDQ0WTylIEE0kQf3zRCYnZa3-YyvYL-DXxCA4dda_pYF7Jaydj9Cb3zxw9nwlCIZ-O3L6j7W3XJNgUiKaJS24CQcQsxXJiQ8WAp53_hpxqTBjDyTwdOdIKrrxSQmPQcG4SiuM5POmXoL_69s2BrTHS3eafYquvaQUjM4FCFdJEwmfZ6rmOqfJuD61bxOMBaiVJfifUg4KccJXrXJrP0MdV7-B7LG-BENF6T4419Y9q7nsK_iNUYrbnvmPJ-qS7FVe4oR-5tafoQ39Hz2ourFG6n3q4nWs5HtYElcLWZ5u_ooBy9ZYQChXKwe7wgLfEo8ZTuV8ILL4oL0tV7Y--SWOROosa4tpH4bAFEP169tkAHumJzNtLVuEnYC4US7R-66vfEnbnEctfNvDYhB3sPZp_0J2agDgRXHTi045_HbktFCG0seGyljvuZ1JzCpB53ER9YBs9gKweJ5wqpVXLscEhbJQbwlK4deL3toAgs8FWpfzQrCMdZOQEzUr-h0C4N7QaaH5AANPiKchuDgsaRlfR1PqVDpg1xkEDhpe-A9CDcTliCQNRN1kuUwrAgGJPHq8AvOt6atFyjfamkiVeTC4VztHJcML0-CAOguMBWSoFb75LI0hwtHRt2ESECmkhPAFkp8z3ZchA1SbXsB295X7-J8FD1WN2ic5noO5L6YvOLX21YimYpl7AZG9aNVaTqRIwKzPpc-jSb6pu8ep3wASaK6kZ6MsceM7U3gx2x6NwFCkhbA8bFPse1GE1g5Xp2cu_-SP4N7eCtF_l7rrNE2L3-XdF7m4zzTLad8viU3YVq6EvADc1tN9jdgVrGGefnw_ElvU7peq9uFBaHJ784lT-aXJCwcm1d9FJp1Q7HMcZYEh3BnulC-XBf7HX_NgAxv4883JILh2jEeLjCme8X8TgS-eQedNchydSLx_CHriTWVVvl7Ac6lchmFSafdBbbQ751VwrU4RBBqDzfIdFDMK0NXLWO8u2GvN_k3WW4ww5zQdfF72may3rcTsK25035TZMbuiPg8AfvV_bsc5hoCUsZ1-4N9MiZJbgxk9CNc-IRwadj5_KWtT-HGm_EmmQ9xy5Uv7VXXVL6drxNax1XUgAn-tOpr_FMeBrs2xTTnybazezNIQ-UecTA84u1gzwuvcMmVinDI3550PSok-THqBxYI-T-TMFY3HY4c1FfFEbNxRvPe9rZ_w7wvaeVc1YUqTbfjxr3kpAV5AWYJlilz-naM3_b5TRhCaMAo3Bnfcn86qHFAEBXT-PilrJNaGgqVwV7iUTiRUG2D3Rop5LV8pPl7ogYtJmOLuKD0GoKN_tb78F4xf4HmUImfibx2R5tmSi2-b8jqtQWXqmoKfZ2erdzHOXeUZAltPKkItG5BesfJSZ67qgY1Z1IYoOLx6EbY2h2VK3qkEGvZIrBUVMsmECDU1DySX79GZLKTgp3jEmXIXv4szWBdJUbtMTVR1A4VppFTB6fFbD0PNSbg7_TZCnvgj9IjHnvL8BmoTEEbcFLZQHXIR75-Q7Hs3SytU9zSm2QsfL0ygnqJ3MWvM-9nWpVS_SvmeY4289CE2Wz_rI1kMc3ZfM5_b0-wxjtu6-7ZVzXBD40zv54HBFwWUQzXAK7CA7KRhOqPA8jh_QWsyG8SydOT3d6rtyl3Eb1WHPqexnABXtHZPm0N1YdTP-GgvN-zTz66tGqxrkXuDBVNV9XZfFbbRifG6hoBQ_uVv2-fBIGuK8rGZdowO-e3OEIoG0YZIQV326yWUBQfB4ohwTZWjeg4a-mHIecku3QEW3MZEI5OJTQ8wLns_S0AFNL4N8D3xmc-pvPyZtyRcyWuRTH-kocsENOVSf10Bjohaq_s-ZlSXIrA8HzVxU7zm0Qikk_StkNwtsMQcFzkwPaSpgMbps8i8_RxCGdHAAhNCCiIF_eDNECkEwfE5miyxOHSOhCSznEPQdGzB7z7OJvCPuYdE8nrorixWlSUGDj7iSJN9BxYF6uXu3TrqPXKT5dbcT7RIjR_Q5bugwJ27hRsRE_-rWGMajbAK2EvQuXVYD1bsPvxxtHbqwAwCHHOyR5aLH4BX0MWAPvMOteY7SdQhsm6FDYMFVY2Tfq0pV6OuWCXlUrWSFTmsRWefIs4YZ-p1bNb35rF3kvMCsZQgy8Pu4ofwRi64LhyRm9cw0VVrvjJDZs45YAZat9ysaSYWiHqGWLoKbMRfDa_S86SgTC09JU4ZKPudiiaokgIMn_8sMIpyvWr_Nv0aPEHzQzQowK_TTxrzDzzABw_5Pl3L4Nct0NZQkXddO7Ht2_ucjxgEiF3iqR1F5F9NUWvgqEuKAVyWdUz3hWNAu30rKZLIrKTNvi8tj26KS8bGgZ1MXaiNdeLulDR9ZfsJBC5OUiLS57nfRSz_xXfyXZdRmzB8tw3Ax6H3rIf9w5a3hSKwxXplI-BuoAEcyFJNpFSZ0YwMYC0pPsSpyBWi1cQGY9hsBlOJ_IFG5wHLkzu_3qps-9d0oP78OMdYd6v0sOQ37_5dE&cid=CAQSKQDICaaNjQ5i8ZYuacxrqLiq-J3PTQ6Jtf11Qo0bGM3Wgy-3nIaVSX3BGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=16747101214159362000&adk=224573081&idt=144&cac=0&dtd=12
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 19:32:51 GMT
content-encoding
br
x-content-type-options
nosniff
age
57313
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 19:32:51 GMT
1766229879739348166
s0.2mdn.net/simgad/ Frame D743 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/1766229879739348166?sqp=uqWu0g0ICPoBEKwCQGQ&rs=AOga4qmLYULbgo7paQSWOFQV_JwOxaEkpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1701948483&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701948483134&bpp=279&bdt=826&idt=586&shv=r20231205&mjsv=m202312060101&ptt=5&saldr=sd&correlator=6937026438662&frm=23&ife=1&pv=2&ga_vid=1249414168.1701948482&ga_sid=1701948484&ga_hid=1950463477&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3631&biw=1600&bih=1200&isw=336&ish=280&ifk=3511121045&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079826%2C44785294%2C44795921%2C31080037%2C44807763%2C44808148%2C44808284%2C95320230%2C31080036&oid=2&pvsid=715422507190966&tmod=538629894&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1jqnxzivttcg&btvi=1&fsb=1&dtd=593
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
82e391d39f1c437bc413f36e77095e55da52222f33564f8c87da8bc9343f3e16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:45:58 GMT
x-content-type-options
nosniff
age
218526
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
78647
x-xss-protection
0
last-modified
Tue, 19 Sep 2023 16:08:54 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 03 Dec 2024 22:45:58 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 4142 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1701948483&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701948483134&bpp=279&bdt=826&idt=586&shv=r20231205&mjsv=m202312060101&ptt=5&saldr=sd&correlator=6937026438662&frm=23&ife=1&pv=2&ga_vid=1249414168.1701948482&ga_sid=1701948484&ga_hid=1950463477&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3631&biw=1600&bih=1200&isw=336&ish=280&ifk=3511121045&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079826%2C44785294%2C44795921%2C31080037%2C44807763%2C44808148%2C44808284%2C95320230%2C31080036&oid=2&pvsid=715422507190966&tmod=538629894&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1jqnxzivttcg&btvi=1&fsb=1&dtd=593
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
68994
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Dec 2023 16:18:10 GMT
etag
48472445140208031
expires
Thu, 07 Dec 2023 16:18:10 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
/
pips.taboola.com/ 		4 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230117-FRA
date
Thu, 07 Dec 2023 11:28:04 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
truncated
/ Frame D743 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cf49b68cf6858f56625b6fac92e099832ff15ec3e7b76f39443f34900a26a2c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

Content-Type
image/png
video3.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		320 KB
320 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video3.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
cdn-edgestorageid
860
cdn-storageserver
DE-576
cdn-cachedat
07/16/2023 19:53:18
cdn-pullzone
829957
content-length
327308
last-modified
Fri, 09 Dec 2022 05:43:14 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
276
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
0c825732ecdb1bb130393a1e73f77d95
accept-ranges
bytes
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Dec 2023 11:28:04 GMT
cache-control
no-store
server
nginx
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 4142
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEDakbRL5K3rNpsl-WW5rMc0&google_cver=1&google_push=AXcoOmQ7tpk2RsvZbWpPp3STFAWvvaRLcj9bqKmkET4V8k0Oi_R7_CaXLwzAh4vMNsrv1f_s0gO0ePfao7jhaDhgqW4tRF9hahfexA
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjk2NTk2MzM2NzQ5Njg3NDE0Mw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDakbRL5K3rNpsl-WW5rMc0&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDakbRL5K3rNpsl-WW5rMc0&google_cver=1
Protocol
H2
Server
2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEDakbRL5K3rNpsl-WW5rMc0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 4142
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEIoflf82Nqhw7r0UyXrp6Cw&google_cver=1&google_push=AXcoOmR5_7cxtSqBG-7NaFPK2banbLuZHZP7YbgGsXrGBSLxxRR3G5D6jTQ2NY2IudfH_kQB1nb0x32TftdWma08G6SbYalYPkHGy...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIoflf82Nqhw7r0UyXrp6Cw&google_cver=1&google_push=AXcoOmR5_7cxtSqBG-7NaFPK2banbLuZHZP7YbgGsXrGBSLxxRR3G5D6jTQ2NY2IudfH_kQB1nb0x32TftdWma08G6SbYalYPkH...
43 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIoflf82Nqhw7r0UyXrp6Cw&google_cver=1&google_push=AXcoOmR5_7cxtSqBG-7NaFPK2banbLuZHZP7YbgGsXrGBSLxxRR3G5D6jTQ2NY2IudfH_kQB1nb0x32TftdWma08G6SbYalYPkHGyQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR5_7cxtSqBG-7NaFPK2banbLuZHZP7YbgGsXrGBSLxxRR3G5D6jTQ2NY2IudfH_kQB1nb0x32TftdWma08G6SbYalYPkHGyQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:05 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
831c6c4ef98bbf8a-WAW
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
4516
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIoflf82Nqhw7r0UyXrp6Cw&google_cver=1&google_push=AXcoOmR5_7cxtSqBG-7NaFPK2banbLuZHZP7YbgGsXrGBSLxxRR3G5D6jTQ2NY2IudfH_kQB1nb0x32TftdWma08G6SbYalYPkHGyQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmR5_7cxtSqBG-7NaFPK2banbLuZHZP7YbgGsXrGBSLxxRR3G5D6jTQ2NY2IudfH_kQB1nb0x32TftdWma08G6SbYalYPkHGyQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
831c6c4d7f09bf8a-WAW
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4142
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEK2AUygKk2XEprYDRZ8Rmh4&google_cver=1&google_push=AXcoOmTD6bw6Cyxl22RMJU3tE4M5Hv-C9dLv-IZcN66C6gNB5-WzRSl5DAJQMocdfip0eSNKmCys9SsrR65bOqa24DIavPN4DWXm4A
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=981931392E3549CE87AD85509792CEA3&google_push=AXcoOmTD6bw6Cyxl22RMJU3tE4M5Hv-C9dLv-IZcN66C6gNB5-WzRSl5DAJQMocdfip0eSNKmCys9SsrR65bOqa...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=981931392E3549CE87AD85509792CEA3&google_push=AXcoOmTD6bw6Cyxl22RMJU3tE4M5Hv-C9dLv-IZcN66C6gNB5-WzRSl5DAJQMocdfip0eSNKmCys9SsrR65bOqa24DIavPN4DWXm4A
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Thu, 07 Dec 2023 11:28:04 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=981931392E3549CE87AD85509792CEA3&google_push=AXcoOmTD6bw6Cyxl22RMJU3tE4M5Hv-C9dLv-IZcN66C6gNB5-WzRSl5DAJQMocdfip0eSNKmCys9SsrR65bOqa24DIavPN4DWXm4A
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Wed, 06 Dec 2023 11:28:04 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 4142 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmS7dXvYUDibgk52A0KdJRtpPkHk2apuOBcXzb7C0HtfIlVkMv2Z4gBSs661g_oCfAvbWJzK_9RvylYejRfKzQtV8myCUWlG3w&google_gid=CAESENRvjMQuf5CGV89aluVtsmk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1701948483&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701948483134&bpp=279&bdt=826&idt=586&shv=r20231205&mjsv=m202312060101&ptt=5&saldr=sd&correlator=6937026438662&frm=23&ife=1&pv=2&ga_vid=1249414168.1701948482&ga_sid=1701948484&ga_hid=1950463477&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3631&biw=1600&bih=1200&isw=336&ish=280&ifk=3511121045&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079826%2C44785294%2C44795921%2C31080037%2C44807763%2C44808148%2C44808284%2C95320230%2C31080036&oid=2&pvsid=715422507190966&tmod=538629894&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1jqnxzivttcg&btvi=1&fsb=1&dtd=593
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
240518
expires
Thu, 07 Dec 2023 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 4142
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESELToCguQoTxHeb4MBFgrKp8&google_cver=1&google_push=AXcoOmTDeu8GkzYBKNdLXPpMNAnBm4x8VhCwJ3dZ2Qw6Sd9FAtZed_Vkc8VCWCDlHxTdUt_jViPkp_2O...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESELToCguQoTxHeb4MBFgrKp8&google_cver=1&google_push=AXcoOmTDeu8GkzYBKNdLXPpMNAnBm4x8VhCwJ3dZ2Qw6Sd9FAtZed_Vkc8VCWCDlHxTdUt_jViP...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE4MTE2MTk5MTk0MTYxODY3Nw&google_push=AXcoOmTDeu8GkzYBKNdLXPpMNAnBm4x8VhCwJ3dZ2Qw6Sd9FAtZed_Vkc8VCWCDlHxTdUt_jViPkp_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE4MTE2MTk5MTk0MTYxODY3Nw&google_push=AXcoOmTDeu8GkzYBKNdLXPpMNAnBm4x8VhCwJ3dZ2Qw6Sd9FAtZed_Vkc8VCWCDlHxTdUt_jViPkp_2OhQ3alI-ZLuBzqwnRwenzLQ
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE4MTE2MTk5MTk0MTYxODY3Nw&google_push=AXcoOmTDeu8GkzYBKNdLXPpMNAnBm4x8VhCwJ3dZ2Qw6Sd9FAtZed_Vkc8VCWCDlHxTdUt_jViPkp_2OhQ3alI-ZLuBzqwnRwenzLQ
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 4142 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEG5XCVv5OnQTrh8S1aI4hQ8&google_cver=1&google_push=AXcoOmQu8XiKsERsuJtwGH7LLPbH5sRcEzX1An9qp6wa_LlOXvnt2E6L-P5pWrtPGK_VqSj2eqNpwMD1unvYv6uLFd51KVGBX4FNjQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1701948483&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701948483134&bpp=279&bdt=826&idt=586&shv=r20231205&mjsv=m202312060101&ptt=5&saldr=sd&correlator=6937026438662&frm=23&ife=1&pv=2&ga_vid=1249414168.1701948482&ga_sid=1701948484&ga_hid=1950463477&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3631&biw=1600&bih=1200&isw=336&ish=280&ifk=3511121045&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079826%2C44785294%2C44795921%2C31080037%2C44807763%2C44808148%2C44808284%2C95320230%2C31080036&oid=2&pvsid=715422507190966&tmod=538629894&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1jqnxzivttcg&btvi=1&fsb=1&dtd=593
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Thu, 07 Dec 2023 11:28:04 GMT
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 4142
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMl7gvZo0b3F7H2AMu7gMzg&google_cver=1&google_push=AXcoOmQ3BSe942TfsmOQzNORBFhafcIJZp6FaiYjCd4FabTS9Wqjq4JphBlQA0JS7dqnP5iQfIv...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBWNDZOSFgtMjAtM1JKNA==&google_push=AXcoOmQ3BSe942TfsmOQzNORBFhafcIJZp6FaiYjCd4FabTS9Wqjq4JphBlQA0JS7dqnP5iQfIvjISSJi9XgGrvGa3LnnVyVIC_D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBWNDZOSFgtMjAtM1JKNA==&google_push=AXcoOmQ3BSe942TfsmOQzNORBFhafcIJZp6FaiYjCd4FabTS9Wqjq4JphBlQA0JS7dqnP5iQfIvjISSJi9XgGrvGa3LnnVyVIC_D
Protocol
H3
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFBWNDZOSFgtMjAtM1JKNA==&google_push=AXcoOmQ3BSe942TfsmOQzNORBFhafcIJZp6FaiYjCd4FabTS9Wqjq4JphBlQA0JS7dqnP5iQfIvjISSJi9XgGrvGa3LnnVyVIC_D
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
attr
cm.g.doubleclick.net/pixel/ Frame 4142 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Kd22QMO-_EWF4X2l2Dr-FtKcZ-32y1QVdW8ftNLwAka7-b9LnEJ--WlRHjCY91kJXHvgYJ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1701948483&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1701948483134&bpp=279&bdt=826&idt=586&shv=r20231205&mjsv=m202312060101&ptt=5&saldr=sd&correlator=6937026438662&frm=23&ife=1&pv=2&ga_vid=1249414168.1701948482&ga_sid=1701948484&ga_hid=1950463477&ga_fc=1&nhd=1&u_tz=60&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=3631&biw=1600&bih=1200&isw=336&ish=280&ifk=3511121045&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079438%2C31079826%2C44785294%2C44795921%2C31080037%2C44807763%2C44808148%2C44808284%2C95320230%2C31080036&oid=2&pvsid=715422507190966&tmod=538629894&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.1jqnxzivttcg&btvi=1&fsb=1&dtd=593
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame BDFF 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
256899
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Dec 2023 12:06:25 GMT
expires
Tue, 03 Dec 2024 12:06:25 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
video4.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		333 KB
335 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video4.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-661
cdn-cachedat
10/31/2023 19:00:04
cdn-pullzone
829957
content-length
341032
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
7075a852dd5439dd0b1cee168b8dbb25
accept-ranges
bytes
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video5.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		349 KB
350 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video5.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
cdn-edgestorageid
1053
cdn-storageserver
DE-664
cdn-cachedat
10/31/2023 18:58:48
cdn-pullzone
829957
content-length
357576
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
510
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
02723ef2582ca398f6900d92a8eb53a2
accept-ranges
bytes
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
pagead2.googlesyndication.com/bg/ Frame BDFF 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 09:57:35 GMT
content-encoding
br
x-content-type-options
nosniff
age
5429
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15165
x-xss-protection
0
last-modified
Tue, 28 Nov 2023 18:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 06 Dec 2024 09:57:35 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9FFF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311290101&jk=2867850618471234&bg=!fH-lfzDNAAY3kmNgF5I7ADQBe5WfONv3KySnGRv84mWpsFtqHXhwKtjHH2IcgqE4pfjP02HTGmJ3q-FW9-dlmqnTrfubAgAAAD1SAAAAAWgBB5kDJeFIMYnl2tSf_HLNGY8nMQ5ODovcdBogNQf8w4Yrz9tFS3wcIbR0r5UkcZJqYXjm4xFxycFtE5vHFBWqt7L3WQsNQnt0rk6sjWkQUrNphbBJNcZjAKOwIm97ZUdyHMLnFOczIrn_pbHr9DbXCV5CPvfibCrEYP7yVD8_Sgh2pk-Vo8wOAMUQkEmz1S0Jiasx1PHJ75ilaFFnJJ8B7JmvCMjHEcsbHQn2_eLBr-JwvH8cM2GCh3TFuAdaUH-iVPgVRqdxCZJhGWY_1E7io9F4m1KnHIBkOC7RlARjzHGeMca8E8_raCAD0OOn8eg-E8IzcKpUgE4GpEA8G9Qo5DohWHkJJBVj13LZB5Drs2ji4Jsik9DCEBEk2QKUa-NIO-ZtgOXKs_bZb-PXpPDfnM7GxBpZPPA4ggzLArPtX6bRWwhKYE0vTza0CBaNrIFP7SFq3uAGu6DjQQh0HIMMdpXhwj1Fcxp_-iCi8hZKFhPfs3Nitkf89k4C8cvow9jZmZGUUhivBdq4llNYWOnFmBzfEXPsESQKItAufYTZ9FFnBVPoqhM-M9oBoL5G6jpaZ-BJjj-XjPjyjeus1km6Xw55ah3owFWUZz5pJDHUUiKD6laFXLYf4q9mPAHSZVE6MnW_9A-kswRCH8ykepcXZgkSE86TP83mvvnCYNgLJfNl8e2QUNkAQZwF3WKGXQdydMwShO8DVhvXaHT4qfHQeqYnIrD-Qd14XNarHik9vtgQ5DFfs47YXfOEOD72FlCMyv7fqgWAR44jk1JzNBh6Dw7zFBDTJgtqLD-DHFC1MQjKzHfdrbT8xOIHmZcVLD5tqRH6Kw6q2Rqj0YPw9jRTUiN-J_Pl3nZsrI5MBM_2fAVlXDduZta2AO2A7XqJ_zRPVt8fREwsLoAFblq5v5D5z-xT1C3M-s2S4f-6tFC7YfNC_TWqyT4I1sB2x40sYqx-3MnI1RLUvJ56Pjc_8uNBat94XeecXWPnN-JQMpljXHNPRRuSU-YxhuuoPrxeFvNKTq5AJmQN3uLbewlxjV2FXqeJ26GOrhzmDAMEsrVqxRj7ysFy2dF7K4Y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers
view
googleads4.g.doubleclick.net/pcs/ Frame D743 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWMJr6lqOORXdA-1W7RAEi0RR-MP-Jdtex4uqd2rJ9p3viWb3YOsk_ttdLnAxwLuEZn_3uEr5Cw-GJjcfrIWXyS35F_DQrRGjbJLZ0onM3U1O7ijCs7evs0XtdvqVYMIFxggZnVwDieawGR3WCfjo7Qk2BHYeV4fIIBzJLPqHEZ6mYQWHcOXWYKlpc_R-eqbAgqtyzfUeYnHdhvODyPejh-c521t2Bpqp0CviicP18mIK8mXYslxLHbbIFNauNYsqTgh4XtdHog6L-2DtLX0hGin724MVYJCmft2VbE6zE7IKKhIvjoqLMjOohJ67QmSI01jcpPSffD3tHLj6aXk5p2ABUulEO7yfohtgKaT1wHs-7Gv_lCgHmmzipl5ShYivSAw4lpBC0-gzDQfBQGjFCaCZhochDFd9VkyGqq_JVr2ahok4mbdaFruAwQ49wKmu4F4wlCABACpvUVCryXJJFDO3KwgCvPHPV5H3aCzeqe5H8yVqdlol0tzOy7hfAOf3ACs9HTjnWG37wzqm_ZztAcIc93_lfD0RqXgGRkuSaShwKmTbO40wNSpHlg7W2mVeJ1ypYzTg_wqHOnmSRelOzHLea4L6JTYr23tuTxA5NMYr5X61xKwetECGJ1aDdhEpus3yGLDcEN0sa1owj8lGe_HVLYQlyb549hqRSjKCpy4w9NQVTlvv8rZiVmP-4_lhBg9Jz2BsF32Y9lmQS5z---AhuHw9AsWlKsFwsNPMco4bun9ZbBUDls3rSQb3gC24PeQGq0kD0z2_pceYzkS5ANe0z7MxPbyPLtzyE1PpNkJbMkmg1dLnVFa9Rw9uC-OkQXL8BaYbmk66EBZp4v6wkQZIjTqa8l4VMo7lXccljc9kz4E5SNg3ll-S9WRBkfI1LUc-VxYjLXGVm5GpK60Im0gd5aYYPWUuccq-n_lg-Pavi-3n0pmkbpRPkgOvv7uwUGKG5kzd_cTQhoIQrbNqAsU_stVLnGQFqSniHX1kef-WVoOOBYsHXULTt4Ogd6d4g0XdtxXkO1BkL5sgPQ0P6uWbSrrZ-7zVW59jyix52nBRh2brTaDhn2epZ1NlZpsBtADzu6qyurdxtE9AuU2pvy8PZnsPrFoqJNIB6pIgWbDDnI5ERoA7IdguraxEpTTn5FtGL-3fnQJQ2pSDA-TTK01H1ZUI5NeKmd9VpQhEMaJWWbiqrHPoA6sdMBbew9JIdu4XeADr9NsxarEzXs9K_LkrrC8tkg5MPQauFXOvScu-MPuzvFZvzq5b6RwvG8X2mD4xfQZ0GhqCFfzrxSpCDVpOy2IGtwzYedRTS2xpHifKVHXMJ-Te0fRzmKuDs3IEenDFXbbV7wdwO&sai=AMfl-YS7mv_g8o7G6XeJIEWewImjb657Xhdacw_4oFv5FbzvrkrmL316BQlAVQ9NQY_LPOW1Ryqo32jiy2uvHoRk6k3k3J000zFzuomW2dOhh9SJfbPTFAPU0dyeuDE1CZQGvCg2tMKsVENtj_tcoW8TUdSOivWWzl14mdI2kPc3wOPeJ2RZ6p0agvHYbrWeaiUxyAnYfnmNqWEJ&sig=Cg0ArKJSzK93uykpJh9WEAE&uach_m=%5BUACH%5D&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=211&vt=11&dtpt=210&dett=2&cstd=0&cisv=r20231205.85725&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BYL-6BGL2v3vud28WxJRMK1s82ZpDSBwrYUo12QCSjvWEtpR11HxiHzQsmXL0SYceP6u_cfYwWn4Au1WDPCV5ClS2a2nqCPD67_fpo_n8FDJUjSSN0Yo3VivlEe2rZ6Og-DIo-V0jNFgcx-FK_hHcgs_1R4Ww-OyjKdekTQAj2MYCRzBc&cry=1&dbm_d=AKAmf-A_P0bRAgVtJ6Jku8SjopswrtN1Hq2CqHz1zq-CY2FM9ECN1FlYStz4Y_08yO3p_vIbumqaOQXb6xjex3J2xb5SeVCzR7oYt1GfO1jtOPICvwW6QC_j0lCda30C20JKA9feBPJLawHyO2Kg9gfv_WB6cIISzXSs4va9fxVVZHbiWeVxnBUVc-1ewlr5Bh7hHL21Ysm16tltMM1n2EhU_xFN44FN_qPs4rtPhRxzVOHmnhUQXuDLjv2eu5SRXYtIanWRKEzKNUkcQC0BYdAYtKUxwR1vEp7WmJ-hVUpbpjiwaweVVnIZTG1-A1ppCA-DLDa-1G3tjLRi1wDN0o5a8dCIiEK78omJ_riH4s909makhWFoHcDOiZ5-hle6gJcJxZ0LC66_7cuhz-bqT7uH_CuTjTZ-upn5oy7X_w5zDLXUgTdmrvbT2E8Hd2ZtyhQjzx3OVl6jiForHU42vBEh3Xjw-ODv-MIylQuoChg5CfCannMRU6SQ3nQYNhUQT00Jo-hH6isFl1f3gl9_CW1M8f076D3TfLo0FiIhlw3RddAJkatLj-DWMsFiX-5Ug7twTAPN9ggFNgPGTXhSHFEmrYWp1GGqRV47jzNJeSxKOsTKcmtxuUO5br_tpTY-LOjYbEfUpvbmxs7g9_x4dUJxmgMbSo_aKkMklRDqC8KeJjB3FRi1vPsuTNDUOCsfZ9TSmnvUtZxHzxZg9ixYHdJXJPui-DaKVeKXCenQBGTymKUuubaI8Wfhos-GkesZ8cvRWeYiW9MYJvouKg6Ha2wMrYM-3rPiZKN6e0ts9sZQUcTjhrRhhvTkOovYDuzuDtXd43JCnYgWXR1Eabmps9lcwxxeQXJ2QaBmTAUMTA_u3-WNn37X9goJhjtelZj4vm58y9tKRs7g2StZ3SOgofofGL0LFE5pNtgkfFgBWrSmpic8wTenhCF6G6fqK3Xb1PVBSQ3fDpwIdMP06PLyBNeiHdea32H2f8aPRuWsaCexPFyeft0xIaT3S9jveQ9fIhtOeut1GtN6_mEaxFvSvLSIdtUqlCte1IVv6oCMAwI6d27-NlIwNv0THeKzVfaXdXDVtiEIdfnkW2SXTdJLplgLAUHONrYECTFiOpLGNA8pgJ_1MJNJVOMoVjBggqBC09NVHcm_uI0OsX7_vWfEwYP96Sv1UocFz_FfZKp_LmKUOz-ST2zI0WVgG6f5vPLRkvyaZtWRjDVbDUv5NXVW38HDSrs52x38e6--XvMwR4jIL9AURzo5u0C6BF2R7FH7jjTTf3DxsKS11Fn_0SsMS7ZZBZsqfg-MtTKfYsfIxvcLROXHkn3j_1arTN-50z5jUPW_KPYOcYxSmj8Y7f_rbglt_Z6sdDrMIbvhH7FcWzdzWXySCduWZCPuyP_ErJUFG12IS8Jpgb-Nr-LAERRKKcw3O6Dog7CcnkmW45N6Givy4B_tUgKdx6270i276bE72Dl9Eiv-YYnBiudjXOMeCPD2Wn0bE1HWrsTqqCDQ0WTylIEE0kQf3zRCYnZa3-YyvYL-DXxCA4dda_pYF7Jaydj9Cb3zxw9nwlCIZ-O3L6j7W3XJNgUiKaJS24CQcQsxXJiQ8WAp53_hpxqTBjDyTwdOdIKrrxSQmPQcG4SiuM5POmXoL_69s2BrTHS3eafYquvaQUjM4FCFdJEwmfZ6rmOqfJuD61bxOMBaiVJfifUg4KccJXrXJrP0MdV7-B7LG-BENF6T4419Y9q7nsK_iNUYrbnvmPJ-qS7FVe4oR-5tafoQ39Hz2ourFG6n3q4nWs5HtYElcLWZ5u_ooBy9ZYQChXKwe7wgLfEo8ZTuV8ILL4oL0tV7Y--SWOROosa4tpH4bAFEP169tkAHumJzNtLVuEnYC4US7R-66vfEnbnEctfNvDYhB3sPZp_0J2agDgRXHTi045_HbktFCG0seGyljvuZ1JzCpB53ER9YBs9gKweJ5wqpVXLscEhbJQbwlK4deL3toAgs8FWpfzQrCMdZOQEzUr-h0C4N7QaaH5AANPiKchuDgsaRlfR1PqVDpg1xkEDhpe-A9CDcTliCQNRN1kuUwrAgGJPHq8AvOt6atFyjfamkiVeTC4VztHJcML0-CAOguMBWSoFb75LI0hwtHRt2ESECmkhPAFkp8z3ZchA1SbXsB295X7-J8FD1WN2ic5noO5L6YvOLX21YimYpl7AZG9aNVaTqRIwKzPpc-jSb6pu8ep3wASaK6kZ6MsceM7U3gx2x6NwFCkhbA8bFPse1GE1g5Xp2cu_-SP4N7eCtF_l7rrNE2L3-XdF7m4zzTLad8viU3YVq6EvADc1tN9jdgVrGGefnw_ElvU7peq9uFBaHJ784lT-aXJCwcm1d9FJp1Q7HMcZYEh3BnulC-XBf7HX_NgAxv4883JILh2jEeLjCme8X8TgS-eQedNchydSLx_CHriTWVVvl7Ac6lchmFSafdBbbQ751VwrU4RBBqDzfIdFDMK0NXLWO8u2GvN_k3WW4ww5zQdfF72may3rcTsK25035TZMbuiPg8AfvV_bsc5hoCUsZ1-4N9MiZJbgxk9CNc-IRwadj5_KWtT-HGm_EmmQ9xy5Uv7VXXVL6drxNax1XUgAn-tOpr_FMeBrs2xTTnybazezNIQ-UecTA84u1gzwuvcMmVinDI3550PSok-THqBxYI-T-TMFY3HY4c1FfFEbNxRvPe9rZ_w7wvaeVc1YUqTbfjxr3kpAV5AWYJlilz-naM3_b5TRhCaMAo3Bnfcn86qHFAEBXT-PilrJNaGgqVwV7iUTiRUG2D3Rop5LV8pPl7ogYtJmOLuKD0GoKN_tb78F4xf4HmUImfibx2R5tmSi2-b8jqtQWXqmoKfZ2erdzHOXeUZAltPKkItG5BesfJSZ67qgY1Z1IYoOLx6EbY2h2VK3qkEGvZIrBUVMsmECDU1DySX79GZLKTgp3jEmXIXv4szWBdJUbtMTVR1A4VppFTB6fFbD0PNSbg7_TZCnvgj9IjHnvL8BmoTEEbcFLZQHXIR75-Q7Hs3SytU9zSm2QsfL0ygnqJ3MWvM-9nWpVS_SvmeY4289CE2Wz_rI1kMc3ZfM5_b0-wxjtu6-7ZVzXBD40zv54HBFwWUQzXAK7CA7KRhOqPA8jh_QWsyG8SydOT3d6rtyl3Eb1WHPqexnABXtHZPm0N1YdTP-GgvN-zTz66tGqxrkXuDBVNV9XZfFbbRifG6hoBQ_uVv2-fBIGuK8rGZdowO-e3OEIoG0YZIQV326yWUBQfB4ohwTZWjeg4a-mHIecku3QEW3MZEI5OJTQ8wLns_S0AFNL4N8D3xmc-pvPyZtyRcyWuRTH-kocsENOVSf10Bjohaq_s-ZlSXIrA8HzVxU7zm0Qikk_StkNwtsMQcFzkwPaSpgMbps8i8_RxCGdHAAhNCCiIF_eDNECkEwfE5miyxOHSOhCSznEPQdGzB7z7OJvCPuYdE8nrorixWlSUGDj7iSJN9BxYF6uXu3TrqPXKT5dbcT7RIjR_Q5bugwJ27hRsRE_-rWGMajbAK2EvQuXVYD1bsPvxxtHbqwAwCHHOyR5aLH4BX0MWAPvMOteY7SdQhsm6FDYMFVY2Tfq0pV6OuWCXlUrWSFTmsRWefIs4YZ-p1bNb35rF3kvMCsZQgy8Pu4ofwRi64LhyRm9cw0VVrvjJDZs45YAZat9ysaSYWiHqGWLoKbMRfDa_S86SgTC09JU4ZKPudiiaokgIMn_8sMIpyvWr_Nv0aPEHzQzQowK_TTxrzDzzABw_5Pl3L4Nct0NZQkXddO7Ht2_ucjxgEiF3iqR1F5F9NUWvgqEuKAVyWdUz3hWNAu30rKZLIrKTNvi8tj26KS8bGgZ1MXaiNdeLulDR9ZfsJBC5OUiLS57nfRSz_xXfyXZdRmzB8tw3Ax6H3rIf9w5a3hSKwxXplI-BuoAEcyFJNpFSZ0YwMYC0pPsSpyBWi1cQGY9hsBlOJ_IFG5wHLkzu_3qps-9d0oP78OMdYd6v0sOQ37_5dE&cid=CAQSKQDICaaNjQ5i8ZYuacxrqLiq-J3PTQ6Jtf11Qo0bGM3Wgy-3nIaVSX3BGAE&dv3_ver=m202309260101&rfl=https%3A%2F%2Fwww.bg3.co&ds=l&xdt=1&iif=1&cor=16747101214159362000&adk=224573081&idt=144&cac=0&dtd=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
video6.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		366 KB
367 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video6.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
cdn-edgestorageid
874
cdn-storageserver
DE-659
cdn-cachedat
07/19/2023 19:53:43
cdn-pullzone
829957
content-length
374496
last-modified
Wed, 19 Jul 2023 15:09:11 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
633
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
6e8fb6aaa8a72cb00fa2be62fedc6e25
accept-ranges
bytes
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video7.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		374 KB
375 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video7.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:04 GMT
cdn-edgestorageid
1047
cdn-storageserver
DE-588
cdn-cachedat
10/31/2023 18:58:42
cdn-pullzone
829957
content-length
382956
last-modified
Fri, 09 Dec 2022 05:43:15 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
492
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
b2edd3d1cd8c2c38f394a6854a20381f
accept-ranges
bytes
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar
pagead2.googlesyndication.com/pagead/ Frame C5D3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231205&jk=715422507190966&bg=!RkWlRQrNAAY3kmNgF5I7ADQBe5WfON0j25IrxuZIunb9hDJhyLPG1m2nYqhAdU8GaDr3Hq-Hq1Ol9n6aANNhLGjG46YwAgAAADVSAAAAAWgBB5kDD4w1BMUyFYF9TLHwTFoPXdwHbP_cGMA-5KWkW4ZI1h2Zfu6zZo1Ih2Mr9XYmG8NAhGTBlLMuRaq0dUmwNMMC3xGeslyjHi0VYsSv26H-Idqq4fFVpHq4ZwfnybPX7nzvkMqZG3uuhKsJfvwgVuTWhtRpswgvDqu29kvRELhXI7ixxfiqlnf04mZisqX-ORkReCQTb5g779aM7DmLdx2YtMGANllzjIji0IMLmlo6kTCAM03TrS4yRzauhA6fDFegqdjC4pYOb10MPjuTkW_BREqV8K0K4wCCl3lZrnt4ifh1-bvhJEbSmF5ywGW5T11-InDHJ0yYOihb0uw4teBCEfQ_6yuRjxDVPSmPPZT3L4FPomrcH1-X2naKtLszrIYQJc11MPkWNDLGAS6RMQ9tqiCzNxlhvV5lkrJmm6SaGPysACTguFxE58BDsTXo0W3OuZESgFJMA9MUvMTUtG2o8M0onTCIf4cWbLEfE2gR8SaGI5tVW7FCOT74lAf5IgUIw_yMvKa738VdXiWxuhKCiskEwGNCl2ODnIn3fnDigfEVnrFe0i2z7ZhnXMjmjcNHwLb1K_T5e5uZ0tbckGmK5WMu0Tx7cEFzFHZNErtdJIGPn385JZyVly3TFRCw_uf21jnTLzWwE7ru_Ow8JVNKq6T4eS-_XtvPvUBi52XpeRgGSvshdMUnLjBMW5cOKgm9VWfQGbURYoHCstuP9r7xx5w-J4K2icEDD6i5Mqm-wrSZ58JajTIrA3YhDpkYHOvDtiSm6hEPxKB3g5kDx1AQjkno07aIJ6kD7NXF9KwdhkGM4UW_mYaQgY-z2VxPgI3A9A4ZPxIp7Cb_z4xwPecm75VpPxpLWoTwhfqmRk7kFtFRxieAdf6lQCdh4Oabao9Vso9yRvRXzRwF1QUPTrqvicc9Oz5XJp3hMtWmlYpnsu0XS33DvO-YcHokLoZwJVeri2ednLTnOTHERbF33bNE93BFEDjPweU4KxX5k9oiEsYAEV3Il9rUimyJuk3ocMSINaLeAvY9j4dQYhkf7b8Hjw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame BDFF 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5FvtRKxxZdzmGIWRgAens7z4BQAAAAA4AeAEAg&bg=!ra6lruHNAAY3kmNgF5I7ADQBe5WfOPopK-iZ3pD9326V82WLxzKdtxNLEEtDktMoPp2pGqwUrsJ7nUzqhdbM8S5lDZUnAgAAADpSAAAAAWgBB5kDPFOMTKZC8b8kya82R_1rgWZoH1g_KqpeL-TwDuz66tgfJu_5wNUCYBtHbFl_PvL8UAHKNWo6_kzmv03bbp-kmHo3rq4_fXbf0yMLDOEGQg8KnRDK5qcDFtJvYOz4hlTBaIN9iOrMYSlOvJ-5bWv3Yi5PiDogNvHIbbaLtShIW_J46jrdz67CPNyPAK6nknxRLCVoD9kBcIxJ7V6ufUhOe7g-KEBeln7R6_NzpVdotwtoRtREV3hBJXj3KoIuMKGYguPuq6976-usGdnjfQl3RCoMbqNocE2PYXJv7hR5VHwRpolrnrU9opzlNqCLieMfc5yeMd90ii6Sl9MbxPKiOyRdP4-QAC5mzZxGsXvAzsAxqoiVEbALQK_dI2_9aLM0j_Wa1usW6BAAyKd1szx8PCE2mklsHk79J_jP_4AreXIedPr2TF2ftdYHUC01pjzZgcBZm4ulKJjAalALDCAnQ3jU7uvFoUhflrYmGIBlj4oPgl3cNGzF8pIEtxmec0qbWygam38t1iIRZwd3WBWC1huo12XRuUrQCL2ZU5nzAWQdwRre8zmUX2nU6cC0jell0kH54qH5noQiCn0kQDIz_UUQqUG5iILO9VdHfFSUg0Gjq9wJ7AZ4-RhZ7PbEUoOuRUbVDqCt7N0sKRAofpeAhRjHm8GHmM93yceJKQ_yCmVs-D-h7HliRFU7Jq4Vc5DlvuXePLbZzQgKPLFHoEdqdRso08yxque59uBDgojK8V7HpD6QXdC2MU9R5am8wjs-4GW_k97NNUe72okdp3MxSkV2NdAqBODhIO-YQNH01qQCD88zcTMhRnzolbk9xbKIXdvv3qjtf_w5scBI_zRs8FxXosgwbvT4bqnnniYi7DP9lJi40u-YI0pIgGbeyP6DkJVke9TZIPOoSFyJZsJv51PmPotMvRky1yJz0yAqRNIpKbJv_qvWUAUuxm44vsMbiY9zdb1pHXAdtfwO_4YDQyNRc_HHDUQ4Fp8DHHbe-avOuoCdEnmCQttg8utOxLa3a9P9-JXR2eg3EQGcyioiIm7DRZYjZK-wpHp12OOg_HAbCV-OyD-ANwIe3ev38UcUj8CojttVl6-1MV76XQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D743 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=137281674735&version=m202309260101&ct=2&x=1&cor=16747101214159362000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video8.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		330 KB
331 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video8.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:05 GMT
cdn-edgestorageid
865
cdn-storageserver
DE-165
cdn-cachedat
10/31/2023 18:51:10
cdn-pullzone
829957
content-length
338212
last-modified
Fri, 09 Dec 2022 05:43:16 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
494
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
9460bc914edc2a4ae3d85103c8a971c5
accept-ranges
bytes
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ads
pubads.g.doubleclick.net/gampad/ Frame 92EB 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=KV1%3D0.90%26max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&vpa=auto&vpmute=0&sdkv=h.3.607.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.607.0&sid=7A908C7F-5513-4431-A8B6-4AC8864A2E63&nel=0&eid=44772139%2C44777649%2C44781409%2C44803783%2C44804291%2C44804613&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&dlt=1701948481666&idt=2675&dt=1701948485864&cookie_enabled=1&correlator=3017923026375591&scor=2181764385703009&ged=ve4_td4_tt2_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:06 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1701948486128&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1580&pt=-87615671&tz=60&viewable=true&ddast=V8h94CLAZkOUvfflm-CxDIcpa-_bJ8FygAAABgYID-AAkOl5PlzGFbawaTyVq0mQzXEuNos1ZuXMOFZbRxTmwbIyDB4XKynDlsa81gMlmLNpPhWmIcbdbKjWu4sIw2zoltYwUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZ6aDodPte9Xvf73SU-z1zj9yv8YpfTrXm5xU67W_R0uYVPu1voetjdiqfdrXa6pUeH3y1yuHV-u8-tdTjdmqPL7lY73WqX0y132N2ao8vulrnsbsHrrXM97D63xujwu8VOh93nlrzsdqHpbbYDAAAAgAf_____EAAAAAAiAAAAAEgAAAAAoBBQ4d-CwAUAAAAADP____8aAKA4GNzL6XZY_gEAAAAABAAAAAAJAAT0wxIAMcZ7J_7_________YwzQZ97I-P___79h0APgwQfAgxAAAICPIcAw2yZuaoMjRAoYizACAAAAEAyCH39kkk5Qsajy___fbwXgCgBAACMRgvhpFt1BibcwAAAAAmMW6GHx-80Ou8bvdpn_________fzP_Z_7RCA2h2KcJaoAjVfMLCACw5hcQAICNugEAeCMAJ-gQtGIwWJ2AmB0AAACAO_____96QMa53I0sM4tvubA4R8uNZbjYjFy-kWG4mQxWs-H2-Aht1ZfZ2N732RCW2e87KCinp8fsMshYLpNBfNAwLCeDYH4mbDFaTSab5XC2XEwGw9FwNNqfgZgMBmgiBsvlZLKY7Faj1Wgz3I1mgwUSiMEEUbRoMFmNRpPFZLgaTVaz5WK32yCKVq1mo81guJpNZrvdajgYLkcjNGGL0Woy2SyHs-ViMhiOhqPREMHEaGWy2Wwrt8YzG7lFE4dpLbHMVmuZY-ZYWEwmy8zhW4teH9PHNvEsNpYtEgz424vkaZFOZIuFbTYz7WYb08q2GM1Gi4XJNxxuXMaFZ-PwTCZiieZkkU5kl33HudyNLDOLb7mwOEfLjWW42IxcvpFhuJkMVrPhvjFamWw228qt8cxGbtHEYVpLLLPVWuaYORYWk8kyc_jWotfH9LFNPIuNZd_YDRbL0XA0nOwbu8FiORqOhpN9h87wXX3ORmVZJfn4hBLfNmKxOQ0Kl8Hi_UlMi2l3dvCcfUenzyVOFnVGv9_v9_v9fr_f7zdoPQezQeGbrjVX4-ZZfTZPIsfBoIglgot0IniY3Q7Tyy3xeTZ-i1iiNF2kE73CL3Y53ZqXW-y0u0VPl1v4tLuFrofdrXja3WqnW3p0-N0ih1vnt_vcWofTrTm67G610612Od1yh92tObrsbpnL7ha83jrXw-5za4wOv1vsdNh9bsnLbhea3maLWCI4XaQT0ct4uqj_yCGWm7lmMpeMhnPJaLFKAAAAAAAAAACWYJrpJgAAAABOBjXcDBerdTqYyWwy2K2WC-AiKEsXMAgAAAAAAECxxh5rgIfZ7TC93BKfZ-O3MgAJ5jxmm31GEGu1WtYAAAAEsAEAAARw0403AeFV3P____84AAAAMnLoAQAA0O8DugIfvVboieNXEJvZZLJ_ACrEWq1WtxtrtVoBC2i2mMwm8P___x8!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.6.3/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8a3e4d093a76331483f851bf9a38a8dfe94f76574210f38171001f46e0b007a7

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Thu, 07 Dec 2023 11:28:06 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1481
x-cache
MISS
x-served-by
cache-fra-eddf8230105-FRA
pragma
no-cache
server
nginx
x-timer
S1701948486.142769,VS0,VE45
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
csi
csi.gstatic.com/ Frame 92EB 		0
225 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lpv46n6v&c=6937026438662&slotId=3468513219331&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:06 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 92EB 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=KV1%3D1.25%26max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&vpa=auto&vpmute=0&sdkv=h.3.607.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.607.0&sid=7A908C7F-5513-4431-A8B6-4AC8864A2E63&nel=0&eid=44772139%2C44777649%2C44781409%2C44803783%2C44804291%2C44804613&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&dlt=1701948481666&idt=2675&dt=1701948487091&cookie_enabled=1&correlator=3994772825140909&scor=1934339156696629&ged=ve4_td5_tt3_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:07 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 92EB 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lpv46orz&c=6937026438662&slotId=3468513219331&ghmsh_eids=44772139%2C44777649%2C44781409%2C44803783%2C44804291%2C44804613
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:07 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video9.ts
stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/ 		339 KB
340 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/25acc3a8-9b3c-41a6-92f3-216becb358f6/640x360/video9.ts
Requested by
Host: vjs.zencdn.net
URL: https://vjs.zencdn.net/7.11.4/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1078:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1078 /
Resource Hash
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:07 GMT
cdn-edgestorageid
1077
cdn-storageserver
DE-662
cdn-cachedat
10/31/2023 18:59:54
cdn-pullzone
829957
content-length
347236
last-modified
Fri, 09 Dec 2022 05:43:17 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
275
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
584433bed22572621e7b6c26b203de2b
accept-ranges
bytes
cdn-requestcountrycode
SE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ads
pubads.g.doubleclick.net/gampad/ Frame 92EB 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&sz=1x1%7C320x180%7C320x240%7C400x225%7C400x300%7C640x360%7C640x480&vad_type=linear&tfcd=0&npa=0&gdfp_req=1&unviewed_position_start=1&vpos=preroll&output=xml_vast4&adsafe=medium&ad_type=audio_video&env=instream&cust_params=KV1%3D0.90%26max_ad_duration%3D900&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&vpa=auto&vpmute=0&sdkv=h.3.607.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=98635085&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.607.0&sid=7A908C7F-5513-4431-A8B6-4AC8864A2E63&nel=0&eid=44772139%2C44777649%2C44781409%2C44803783%2C44804291%2C44804613&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&dlt=1701948481666&idt=2675&dt=1701948488066&cookie_enabled=1&correlator=4502241322414754&scor=377222012719369&ged=ve4_td6_tt4_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.607.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 11:28:08 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3bt0v886690812&_p=1701948481686&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1249414168.1701948482&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1701948483&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Flei-se-lin-tie-xin-huan-qin-mi-zhao-da-gong-kai-shen-mi-mei-nan-shen-fen-pu-guang-chao-liang-ren.html&dt=%E9%9B%B7%E7%91%9F%E7%90%B3%E8%B2%BC%E6%96%B0%E6%AD%A1%E8%A6%AA%E5%AF%86%E7%85%A7%E5%A4%A7%E5%85%AC%E9%96%8B%E3%80%80%E7%A5%9E%E7%A7%98%E7%BE%8E%E7%94%B7%E8%BA%AB%E5%88%86%E6%9B%9D%E5%85%89%E8%B6%85%E9%A9%9A%E4%BA%BA%EF%BC%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4&tfd=9229
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 07 Dec 2023 11:28:08 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/c899498398e2060b5e86c6117b34175f.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/c7b9c4dfbb28aa640c427603e6918eb3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/2ca5425e0e5a1516abaf670b598bbc94.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202201/60747b96e5d219b04c67757cc85e2165.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/2cd7d2599ab52e72fb88ae114d575a38.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/cb93003ab7eab79f6a7d2d14427211b1.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f7fd9b4d69820145a4988dfe74a0b108.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/51ef860881784f56d2675dcde176c599.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/3abfa2ab5f6e1546cd93c27452a586ab.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202310/320735647021d92cf748e9cdc7af7962.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f39b66fc163a1717f0581d57bc53da0d.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202109/fb173b0c8c4522fe26c6712dd1c8fb06.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/d2fdb66a5f5aebc82e163bd77c82920d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202011/0bf3f31da57139e4e15e8ca9b04a41db.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/889a73b11d832acb24007d797af89734.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202204/81f172231d23061c303ca84471900487.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/e4b643bcc6d2b407ca965ccdcc5602c0.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/37b5726bfc8063ce62809829e276cb23.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/54988f685da5627d582bf504053dda97.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/baa812f06020ec5cfc42c48f8540a72f.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202110/e792ff870b086ef58c31b0576128e52c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/b64d632222dd27177083017f1e7063e0.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/4cd46bc0924034fe192d422b9c3a0483.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/9f4f24a2ef7077fd3bb00e088598837a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/03977bccd57186dd5b7f0bd552623d97.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202110/3f9a2fdf9c25023f59d1b3973f9ba8e4.jpg?w=150&h=100&q=100

Verdicts & Comments Add Verdict or Comment

206 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| unibots function| _statcounter object| adRecover function| _typeof object| TRC object| _tblConsole undefined| msg object| regeneratorRuntime object| totm object| mvPlayer boolean| UBP_DEBUG function| reactSiteCheck boolean| mobileCheck string| clientDomain string| clientActualDomain boolean| playerRun boolean| reactSite string| previousUrl function| runCMD function| unibotsLog function| geoAPI function| insertRequriredJsToDom function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| fetchJsonData_new function| scritpTestLevel function| switchScript function| unibotsPlayer function| initMVPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs function| setImmediate function| clearImmediate function| $ undefined| jQuery function| jqAlias object| AMP string| currentState object| adpGlobals object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| googlefc function| __d3lUW8vwsKlB__ function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| ggeac object| google_tag_data object| google_js_reporting_queue object| google_tag_manager function| onYouTubeIframeAPIReady object| gaGlobal object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| quantserve function| __qc object| ezt object| _qoptions function| __an6na521li18__ object| NmI2NmEyN2Y1NDFlYzE1ZWxvYWRlcl9qcw== string| NmI2NmEyN2Y1NDFlYzE1ZWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| ucf object| request string| paramsString undefined| google_measure_js_timing string| nam object| placementData string| geoData function| checkFrameandInitStartFun function| processData object| cmTag object| _cm_wfCounters string| lastWfUrl function| Zepto object| Backbone function| startCMTagMain string| category boolean| noPreviewPage function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer string| key object| defaultKv object| ubp_pbjsChunk object| ubp_pbjs object| _ubp_pbjsGlobals object| google_reactive_ads_global_state function| io function| autoDiv_or_FrameChecker object| adArray boolean| blockedPagesFlag function| loadStyles function| initFunction function| runPlayer function| shouldPlayerRun function| clientJsFunction object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| _google_rum_ns_ object| google_persistent_state_async function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| vttjs function| WebVTT function| videojs function| videojsContribAds function| videojsPlaylist object| $jscomp object| canAutoplay function| videojsIma function| isValidVideo string| myPlayerGabywa object| oldScript object| attr object| closure_lm_790120 object| closure_lm_41297 function| prepareAdRequest object| kvData number| kvNum

26 Cookies

Domain/Path Name / Value
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1701948482.3635212E01C44FD947184F54F03F4F1D.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1701948481.0
.statcounter.com/ Name: is_visitor_unique
Value: 170194848129727697
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1701948482.1.0.1701948482.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1249414168.1701948482
.quantserve.com/ Name: mc
Value: 6571ac42-6a8f2-966df-fe531
.bg3.co/ Name: __qca
Value: P0-1067724972-1701948482183
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D14edff6e-c36d-4ba4-b265-f1f1abdd2fa7-tuctc6b31c2
.aralego.com/ Name: sspid
Value: b74c1b25-d095-3043-b7cd-5836cbf208f7
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1701948483.1.0.1701948483.0.0.0
.doubleclick.net/ Name: IDE
Value: AHWqTUkop50lqyS4tKbfBLdjuMMENjl-5V5eOR9KZ9r7AkZ_yeTyR9jCAhQ2d_4sVkQ
.bg3.co/ Name: _ga_700YDXWXPV
Value: GS1.1.1701948484.1.0.1701948484.0.0.0
.doubleclick.net/ Name: APC
Value: AfxxVi6vNC1EyL3rzQLRSYMR8R9NdjCXsF3tlcJ_vQD4-ZRVPBEuag
.adnxs.com/ Name: uuid2
Value: 604155278922328148
.casalemedia.com/ Name: CMID
Value: ZXGsRHUaAKAmABPwGGFHSwAA
.casalemedia.com/ Name: CMPS
Value: 2146
.casalemedia.com/ Name: CMPRO
Value: 2146
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2Hb7_4l?C!1yIE`fS1ueD1W-044)d+]Ue.)La:]pIdEPnK6.zTCjp:q7XTY2=)`n_16^)%nugO%v4VB%nm4A*#60d
.simpli.fi/ Name: suid
Value: 981931392E3549CE87AD85509792CEA3
pixel.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.turn.com/ Name: uid
Value: 2965963367496874143
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 3181161991941618677
.tribalfusion.com/ Name: ANON_ID
Value: aYnt6ZayKalHobWm8ZaCyPqbpDLmaZdeC6KIIC6Ih52Uk3VbGZbrVOVtBWUOe415kHsxLSeXos2yFOrqQgMrMGdai2BBA79k

28 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202310/320735647021d92cf748e9cdc7af7962.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/51ef860881784f56d2675dcde176c599.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/c899498398e2060b5e86c6117b34175f.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202201/60747b96e5d219b04c67757cc85e2165.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/cb93003ab7eab79f6a7d2d14427211b1.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/3abfa2ab5f6e1546cd93c27452a586ab.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/2cd7d2599ab52e72fb88ae114d575a38.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/c7b9c4dfbb28aa640c427603e6918eb3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/2ca5425e0e5a1516abaf670b598bbc94.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f7fd9b4d69820145a4988dfe74a0b108.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f39b66fc163a1717f0581d57bc53da0d.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202109/fb173b0c8c4522fe26c6712dd1c8fb06.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/889a73b11d832acb24007d797af89734.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/37b5726bfc8063ce62809829e276cb23.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/d2fdb66a5f5aebc82e163bd77c82920d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202204/81f172231d23061c303ca84471900487.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/baa812f06020ec5cfc42c48f8540a72f.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202011/0bf3f31da57139e4e15e8ca9b04a41db.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/54988f685da5627d582bf504053dda97.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/b64d632222dd27177083017f1e7063e0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/e4b643bcc6d2b407ca965ccdcc5602c0.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202110/e792ff870b086ef58c31b0576128e52c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/4cd46bc0924034fe192d422b9c3a0483.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202110/3f9a2fdf9c25023f59d1b3973f9ba8e4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/9f4f24a2ef7077fd3bb00e088598837a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/03977bccd57186dd5b7f0bd552623d97.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://cdn.adpushup.com/42753/L2EvbGVpLXNlLWxpbi10aWUteGluLWh1YW4tcWluLW1pLXpoYW8tZGEtZ29uZy1rYWktc2hlbi1taS1tZWktbmFuLXNoZW4tZmVuLXB1LWd1YW5nLWNoYW8tbGlhbmctcmVuLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 502)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

28e8770d45dcec521e5fc752e7909cdc.safeframe.googlesyndication.com
a.tribalfusion.com
ad.turn.com
ads.aralego.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
c.statcounter.com
c1.adform.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.socket.io
cdn.taboola.com
cdn.unibotscdn.com
cds.taboola.com
cm.g.doubleclick.net
code.jquery.com
csi.gstatic.com
delivery.adrecover.com
dis.criteo.com
dsum-sec.casalemedia.com
e3.adpushup.com
eus.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
http-intake.logs.datadoghq.com
ib.adnxs.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
match.adsrvr.org
pagead2.googlesyndication.com
pips.taboola.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pro.ip-api.com
pubads.g.doubleclick.net
r.turn.com
region1.google-analytics.com
rules.quantcount.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
socket.unibots.in
static.bg3.co
stream.unibotscdn.com
sync.aralego.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
um.simpli.fi
unibots.b-cdn.net
vidstat.taboola.com
vidstatb.taboola.com
vjs.zencdn.net
wf.taboola.com
www.bg3.co
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.statcounter.com
x.bidswitch.net
static.bg3.co
103.231.174.251
104.20.218.77
138.199.37.230
141.226.224.32
141.226.228.48
142.250.186.162
142.250.186.34
151.101.1.44
151.101.193.44
152.199.21.70
172.104.206.52
172.64.151.101
178.250.1.9
192.96.203.13
198.47.127.19
2.19.217.60
2001:4860:4802:32::3
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
23.56.202.187
23.97.225.52
2400:52e0:1e00::1076:1
2400:52e0:1e00::1078:1
2600:1f18:24e6:b901:1c22:376c:9c1e:cbbf
2600:9000:20c3:5600:6:44e3:f8c0:93a1
2606:4700:20::681a:567
2606:4700::6812:18ad
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2a00:1450:4001:802::2001
2a00:1450:4001:803::2006
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:831::200a
2a02:2638:3::c
2a04:4e42:400::649
2a04:4e42:400::729
2a05:d018:d29:3602:8b08:3c9:f238:ee96
3.69.104.214
35.204.158.49
35.71.131.137
37.157.5.132
37.252.171.53
51.77.64.70
65.9.66.13
69.173.144.139
69.173.144.165
01d4c3ccea2211c04bca818254ce5a28b9c6636f601e23bf864cc61b384f6fbf
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
042194c884380bb27b6e8ec85ba0a5aa16d765ee0d7e5ff8944d807b75335864
048f6186f9062224ea85ba9e7e317bc37ae88c6986d70cd756c9eae5011f7c01
09bd67f19e799d937ea065af8e2e7277a8795edfd6f0b46ee6b0b0e06d6dffbb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
121fc05f3f094c5af2e989217ebbb1db4b4dfdb7a372affb474ac428e5f1ce53
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
140d483675703e479c78ee0110eb1966a9e33b14ab5a14013cb4c6181c49b91c
14ccc74038da321fa39f6b52cf20926a47da82650f7cb70f5e780a0e8f685860
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18a36a927dac54650b18b903f8f8778219e02e13946e581d9b3e1e4995f7435b
19c46df00818390e391ce09604881b892727e68b77bae009bb71fc24f4802024
1a5518ffcb64618cb89fa266df36e6a86240dd1abd52c38e3d8e5537c2182279
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c5f7d626e95ded296e75bc21b211086d756ca0dcc7ecf10884a5d4efbde29d4
1deac4068c4fe8f2d9bc02c029820f15ab20ca95bd817972e319bbe9db6fae9a
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
2139fcb6d5586442247ed31ab4133bfa6395b51ff5765df3f7cebf86ac809048
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2916e02cc3e622dfe51c43aa0745d0729613cbf643d408e02b37ffb8a276467e
29c9755af42608e78009e55806e14992b5db70479ff447ff5eef196ef05e17ca
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2ef23db53e1e6caf7c5c6267c699dd9fd24be604dc31aeab20deb265f7c3ea4c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
38eb0379c855f10a0e69073af6b54582216fa37b7e2b1563a1246bbf1ef49642
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
40573cccd1d970200105c52a3a1b06e3600e6117c3251d1bd43724023c2a27e1
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4566667750e0f69a6e00802b4c1e70eeb7f673be8f98ffff189a652c4dbad2fc
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46cd716f62f8a5537ddfb2c981c6ebf743d6a2ced5ebc27b63c27cf19eabcc33
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e720c484e9d70120a25dcf437b14c5d3a718f1af17c5279fc7ca15823ffed6d
4ed3c3e771a6031600a553e6fdf1856b0e8fb6a1c5d8f792b71284a209dd4aef
504862f7e737d0070168f9e7167f8c028beace904cabfd95e0d4c5105977bacc
505c9ad2483b459fcd8a0f4301cf50d5afc2022a2b940b33d56a225edb0d2e1f
50c3f6649b2781350af86249ea37a46996fd268915ef7aabbd91287abe0b7631
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
607405779fb9f1336fb0a4d3561d65bcf2b10137ffd2c75269b01889bf285a08
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6124ddbc7df84e85aa43612cba88bec643f514127f1c2274f0e7f9a3d6c8dad9
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62f8f89c7c10c6596923356a3930aef6d37520840d11fc7adcb8e41fcb739232
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
645c58677e2bfe285d26f92ad76260b7e17c1099970fb4833dd338230ddb2a64
6487ab919b7911e7b005fb51335490be3133479d0aed1ea9c5284c374e57098d
659df049e5bcdc230c8e13869429e2dd8a3c97788c45684ea024aff5a383c1fe
667846557084f59038ebc398e05ef3b6c83913b3c8490150a7a9474e97f1631b
67a8d6f899274e3ea88ec905d14f1fc148ce3ad49e0b598a345d646688463617
68a6977422a9081659de2e11bcd5e291a51e81fa3ba4c617def83a54e1106bde
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6f2372883748dc5dbdee04ea6b4014dd300e0b70e6154978b00bd74c47a06d46
712bf11a3755c81fa1ce57249e7a61f6845b843b84aea09889a11478515234ca
75726dfa52798862c8c0420b0642670dc1be293d293bbb8355154164cd6af7e5
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7740b9b85025fba77d743a80962ddd88d4100656d23e71ab43638c62a2d8b136
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
7aa95df1ffc63e213d6db88e7dcc4b7eff7cad0a0687ddedebbbfa4ef7be8952
7c1c70a2fff8d54c82ea6d756adb2ad3d870939ee42ccd0c7dafe43a55a867c2
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
81febe044b6c003d2c2b6ee8c098eed79383edf065492ca00126e58077236a8f
82e391d39f1c437bc413f36e77095e55da52222f33564f8c87da8bc9343f3e16
838d9a1a5d61f0848947207dd5d35761f92c39f57f192ca7091cee62c84e7b54
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
861ae6f08f62136db7ddef4c60f7cdf118c2b2b174d3eb6ad537420a2a39a51f
8a3e4d093a76331483f851bf9a38a8dfe94f76574210f38171001f46e0b007a7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8da15869533413a8810952099d847cabad8a0e58e5d62199bb429789560fb4ef
8feade9aeef34fe3003262b880b4421eb32d8733b3e29dac9bbc758452062fe6
90e32b86171ab7a7b9d2f1568ed7f87c42172c6d934f457234533f53c015dd8d
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c2ebabdf68779970e282735240edc1418cda1c73fe35313e516fd565e81875e
9c5bda3072bb2d244e165935c6511820c734392e95d75cc0b04469d2a4250ab6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a160560ab8733442dbd899a704a6cb4c3d7c06ff944e145c65894974ef173cdb
a2821073fd21440666ef21d5a132265293c02cedc9f160cab788d8ff141048ee
a2b60c0eb81488176b3d870011e44e8464248c90afe2ef3d321cb4f5e8a953df
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
aa7c1276f417b6409b5a96ad98272c276421b816c86954a30511f6c4fd9c7156
ab2bdee249dc6f9a8858d65ec384ef177257e47f2b5d784e9c1caf4d82fa11f2
aef6753e6cccb6e8095dddf52de214913e8cf435fb8e9e328e141500d420604d
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2d079f33766b9e482e2affec4a226324a73bb0299fe0d7f81fcc9f27cf5adfc
b592f5eed8ec86ee327080e89bbc6c151e4027664e5b65a669b8be202a0be895
b7ecc88d37cd9e494d4f56d3b4e6170434f77bd7bf23190acb14e7c63448488e
bb3425609fb2c78af58dbfde65510a0a00db4cfb748e86cc3dee4d5da06e498c
bb60fd301cb681ec6625d150b740b728811c608f8d910ec61c87a7ab24eeec72
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
c1986f81b3342c60bfd10d9b0c77af2a7b855679cfaba546f4f2891798470b53
c29f71b69ffa3f8a4b56a70acc44d298f84a7ce3a366a5c1d288cb532344a766
c37321d2ce3b43bd0e279ad4754f93075302f143ee476208ff103f23bfc7b5ed
ca02d1a91f43d6b8c5d8d127d04e95afb736ae1779577bde0a6f0641cc4f4893
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879
cde5a918a885932bb72c4b4e07bd23ffd0322033893c35ec2060ac6dfbd97aa3
cf49b68cf6858f56625b6fac92e099832ff15ec3e7b76f39443f34900a26a2c9
d08a451eb43b74cc8d7cf7b4f58354d998bf8581cb998ecc185115b8f5fc851f
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d301793f9d9b3f3d1cdf530c5a1b98e1340eae0319e105465762221048167496
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d3ba2dd793163976ed8cbf58f14969a54c0199786ffd4106e7305265dfbbf786
d644b5151c2d9a2694245d884db8712add684c01b8537e53347b3fc07fdf6da4
d9560c5e850f35c072e4cdbe92cc1beae698fa2208783847f60dd15578631264
dd0112737f71e1e0a2d5a65863c2e12abb0495d8f8a0ca522823bebb0ca27e5d
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d
de223650abbba43f777d92c8c430f1dc0705e3ab697ca14534c708206ebc7d5f
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0cfee6f1e9277dba42dff6aaa6c7199042f843c3525ac4dcdeaceb2d4a8abe5
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e871401740a67d7da6d57de355de7b4dae0f855d45db154fc3de1187fda64559
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
f0e9612b18833318e084d02afbaa380a2a29b5b8146b2b2e63de2674dc980013
f0ecc84095f56371b8d679beee2267f8408f02b079a9c8ab422aeedc7e9dcd8c
f125a9ac9517587d75353f5901ceb12de8196c4b8a34b323ceaa0d55556f44e3
f1f8dcc0badc9e3df2b74303b42840cb3454670919db445946cb6456c36af916
f240de3e57aeb438168ae4892702512852e40cc5a9c9d159c66caa16ebf5b03f
f3e15c8c652037a48cdfd166c79433f19ccedbf4d660770128a4ed2f3f4ce64f
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6cbe31747c16c069d861a8ed01b15186eaee8c381f74ca1712087811c39f4d4
f89c51ecaf4559bd388bbe8cf3953876f3ca730fc7680266ca6b8d6ebae481b9
f9673d07ef6b4d82f77a4d8dde6f05ac7c7fc0dcf76888185a238294a5fe0009
fa40858bc00aa25239b434a313f9b30b4b604715b21395c0f278a3055cd31deb
fa69594ed2a907e37c5416c543cbcbef831522b35db21fb15b90af09ff0eeb9c
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fdacc3071a4aa385d0442dfb5ec8132af9e4376dbab4ee4ce4219bee84ab1663
fefe013eaa20a899ce226c91270817a52c9a1aea9493b37f45d0fdc35da6f67a
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffce6c7f92604f0a6ae54480ff874f5faff5d263e5f0ad777da869961b048627