urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Submission: On August 18 via manual from US — Scanned from AT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 54 IPs in 10 countries across 33 domains to perform 326 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
11 172.217.16.193 15169 (GOOGLE)
3 10 192.96.203.13 30633 (LEASEWEB-...)
8 104.26.5.103 13335 (CLOUDFLAR...)
14 89.187.169.39 60068 (CDN77 ^_^)
1 152.199.21.70 15133 (EDGECAST)
5 23.216.77.68 20940 (AKAMAI-ASN1)
39 151.101.193.44 54113 (FASTLY)
1 69.16.175.10 20446 (STACKPATH...)
5 178.250.1.11 44788 (ASN-CRITE...)
15 142.250.186.34 15169 (GOOGLE)
2 23.97.225.52 8075 (MICROSOFT...)
1 142.250.186.174 15169 (GOOGLE)
2 91.228.74.244 16509 (AMAZON-02)
1 108.138.36.51 16509 (AMAZON-02)
2 142.250.181.234 15169 (GOOGLE)
16 185.106.33.48 200478 (TABOOLA-AS)
1 172.217.18.10 15169 (GOOGLE)
40 142.250.186.130 15169 (GOOGLE)
2 2 104.64.126.246 16625 (AKAMAI-AS)
6 95.101.149.233 16625 (AKAMAI-AS)
1 172.105.43.230 63949 (AKAMAI-LI...)
5 141.226.228.48 200478 (TABOOLA-AS)
3 52.223.40.198 16509 (AMAZON-02)
3 54.194.117.149 16509 (AMAZON-02)
2 3.71.149.231 16509 (AMAZON-02)
2 151.101.129.44 54113 (FASTLY)
1 8 142.250.185.130 15169 (GOOGLE)
3 69.173.144.139 26667 (RUBICONPR...)
2 3.233.144.253 14618 (AMAZON-AES)
1 142.250.185.163 15169 (GOOGLE)
3 142.250.185.225 15169 (GOOGLE)
31 172.217.18.1 15169 (GOOGLE)
3 142.250.186.40 15169 (GOOGLE)
1 18.66.122.127 16509 (AMAZON-02)
1 69.173.144.138 26667 (RUBICONPR...)
1 172.64.165.28 13335 (CLOUDFLAR...)
2 142.250.181.230 15169 (GOOGLE)
12 89.187.169.3 60068 (CDN77 ^_^)
1 8 142.250.185.132 15169 (GOOGLE)
5 216.239.32.36 15169 (GOOGLE)
1 69.173.151.100 26667 (RUBICONPR...)
2 35.186.215.140 15169 (GOOGLE)
1 64.233.166.155 15169 (GOOGLE)
2 142.250.181.238 15169 (GOOGLE)
2 172.217.16.194 15169 (GOOGLE)
1 141.226.224.32 200478 (TABOOLA-AS)
6 178.250.7.2 44788 (ASN-CRITE...)
4 178.250.7.10 44788 (ASN-CRITE...)
1 87.248.119.252 203220 (YAHOO-DEB)
1 87.248.100.137 34010 (YAHOO-IRD)
1 188.125.72.139 34010 (YAHOO-IRD)
3 142.250.184.226 15169 (GOOGLE)
2 142.250.191.131 15169 (GOOGLE)
326 54
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
11    172.217.16.193 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f1.1e100.net
cdn.ampproject.org
10    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
sync.aralego.com
agent.aralego.com
8    104.26.5.103 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
14    89.187.169.39 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 89-187-169-39.bunnyinfra.net
cdn.unibotscdn.com
1    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
5    23.216.77.68 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-216-77-68.deploy.static.akamaitechnologies.com
cdn.adpushup.com
39    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
vidstatb.taboola.com
1    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
5    178.250.1.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
15    142.250.186.34 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
2    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    142.250.186.174 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f14.1e100.net
fundingchoicesmessages.google.com
2    91.228.74.244 (United Kingdom)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    108.138.36.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-51.muc50.r.cloudfront.net
rules.quantcount.com
2    142.250.181.234 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f10.1e100.net
imasdk.googleapis.com
16    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
1    172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f10.1e100.net
fonts.googleapis.com
40    142.250.186.130 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pagead2.googlesyndication.com
adservice.google.com
2    104.64.126.246 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-126-246.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    172.105.43.230 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-105-43-230.ip.linodeusercontent.com
newsbot.unibots.in
5    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
3    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
3    54.194.117.149 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-117-149.eu-west-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
2    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
2    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
vidstat.taboola.com
pips.taboola.com
8    142.250.185.130 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net
googleads.g.doubleclick.net
3    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
2    3.233.144.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-233-144-253.compute-1.amazonaws.com
http-intake.logs.datadoghq.com
1    142.250.185.163 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f3.1e100.net
d-10158191482120460991.ampproject.net
3    142.250.185.225 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f1.1e100.net
80751e862cda122ade19117127c8178f.safeframe.googlesyndication.com
a0d06141e8617f7fc71b12e34f74506c.safeframe.googlesyndication.com
6e33b9110b5ede6c3e1d0bc21b950d77.safeframe.googlesyndication.com
31    172.217.18.1 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f1.1e100.net
tpc.googlesyndication.com
3    142.250.186.40 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f8.1e100.net
www.googletagmanager.com
1    18.66.122.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-127.fra60.r.cloudfront.net
adx.holmesmind.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    172.64.165.28 (United States)

ASN13335 (CLOUDFLARENET, US)
amp.analytics-debugger.com
2    142.250.181.230 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
s0.2mdn.net
12    89.187.169.3 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: 89-187-169-3.bunnyinfra.net
stream.unibotscdn.com
8    142.250.185.132 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
www.google.com
5    216.239.32.36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
2    35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com
ad.sitemaji.com
1    64.233.166.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wm-in-f155.1e100.net
stats.g.doubleclick.net
2    142.250.181.238 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f14.1e100.net
www.google-analytics.com
2    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f194.1e100.net
www.googletagservices.com
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
6    178.250.7.2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    178.250.7.10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
1    87.248.119.252 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
PTR: e2-bmr.ycpi.vip.deb.yahoo.com
s.yimg.com
1    87.248.100.137 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: o2.ycpi.vip.ir2.yahoo.com
ads.yap.yahoo.com
1    188.125.72.139 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: media-router-brb71.prod.media.vip.ir2.yahoo.com
geo.yahoo.com
3    142.250.184.226 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net
pubads.g.doubleclick.net
2    142.250.191.131 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: ord38s29-in-f3.1e100.net
csi.gstatic.com
Apex Domain
Subdomains		 Transfer
71 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 125
80751e862cda122ade19117127c8178f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 163
a0d06141e8617f7fc71b12e34f74506c.safeframe.googlesyndication.com
6e33b9110b5ede6c3e1d0bc21b950d77.safeframe.googlesyndication.com
914 KB
63 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1097
trc.taboola.com — Cisco Umbrella Rank: 722
vidstat.taboola.com — Cisco Umbrella Rank: 3007
il-trc-events.taboola.com — Cisco Umbrella Rank: 18900
images.taboola.com — Cisco Umbrella Rank: 1924
imprammp.taboola.com — Cisco Umbrella Rank: 12991
am-match.taboola.com — Cisco Umbrella Rank: 13374
wf.taboola.com — Cisco Umbrella Rank: 3066
am-vid-events.taboola.com — Cisco Umbrella Rank: 12328
vidstatb.taboola.com — Cisco Umbrella Rank: 5604
pips.taboola.com — Cisco Umbrella Rank: 1803
cds.taboola.com — Cisco Umbrella Rank: 2110
am-wf.taboola.com
952 KB
26 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 34692
stream.unibotscdn.com — Cisco Umbrella Rank: 50576
4 MB
25 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228
googleads.g.doubleclick.net — Cisco Umbrella Rank: 55
stats.g.doubleclick.net — Cisco Umbrella Rank: 122
pubads.g.doubleclick.net — Cisco Umbrella Rank: 402
680 KB
13 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1248
eus.rubiconproject.com — Cisco Umbrella Rank: 737
token.rubiconproject.com — Cisco Umbrella Rank: 748
pixel.rubiconproject.com — Cisco Umbrella Rank: 388
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1308
35 KB
12 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1693
www.google.com — Cisco Umbrella Rank: 3
adservice.google.com — Cisco Umbrella Rank: 126
14 KB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 387
219 KB
10 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 39271
sync.aralego.com — Cisco Umbrella Rank: 3451
agent.aralego.com — Cisco Umbrella Rank: 266410
8 KB
9 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 442
bidder.criteo.com — Cisco Umbrella Rank: 885
14 KB
8 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 14896
123 KB
7 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2102
www.google-analytics.com — Cisco Umbrella Rank: 62
816 B
7 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 545
ups.analytics.yahoo.com — Cisco Umbrella Rank: 356
ads.yap.yahoo.com — Cisco Umbrella Rank: 15193
geo.yahoo.com — Cisco Umbrella Rank: 1505
2 KB
7 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16260
e3.adpushup.com — Cisco Umbrella Rank: 19213
278 KB
6 criteo.net
static.criteo.net — Cisco Umbrella Rank: 710
84 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 76
176 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 396
793 B
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 600
fonts.googleapis.com — Cisco Umbrella Rank: 73
355 KB
2 gstatic.com
csi.gstatic.com
288 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 225
113 KB
2 sitemaji.com
ad.sitemaji.com — Cisco Umbrella Rank: 91231
20 KB
2 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 352
41 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1244
682 B
2 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9551
505 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1412
pixel.quantserve.com — Cisco Umbrella Rank: 1151
10 KB
1 yimg.com
s.yimg.com — Cisco Umbrella Rank: 666
30 KB
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 19302
3 KB
1 holmesmind.com
adx.holmesmind.com
871 B
1 ampproject.net
d-10158191482120460991.ampproject.net
1 unibots.in
newsbot.unibots.in — Cisco Umbrella Rank: 63813
610 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1302
634 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 985
30 KB
1 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 36559
10 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
15 KB
326 33
Domain Requested by
37 pagead2.googlesyndication.com ads.aralego.com
cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
imasdk.googleapis.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
www.googletagservices.com
31 tpc.googlesyndication.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
16 il-trc-events.taboola.com www.bg3.co
14 images.taboola.com www.bg3.co
14 cdn.taboola.com www.bg3.co
cdn.taboola.com
14 cdn.unibotscdn.com www.bg3.co
cdn.unibotscdn.com
13 securepubads.g.doubleclick.net cdn.adpushup.com
securepubads.g.doubleclick.net
cdn.aralego.net
www.bg3.co
www.googletagservices.com
12 stream.unibotscdn.com cdn.unibotscdn.com
11 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
8 www.google.com 1 redirects tpc.googlesyndication.com
googleads.g.doubleclick.net
8 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
cdn.ampproject.org
8 cdn.aralego.net www.bg3.co
ads.aralego.com
adx.holmesmind.com
agent.aralego.com
6 static.criteo.net agent.aralego.com
6 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
am-match.taboola.com
5 region1.google-analytics.com www.googletagmanager.com
cdn.ampproject.org
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 gum.criteo.com cdn.taboola.com
static.criteo.net
gum.criteo.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
5 ads.aralego.com 1 redirects ads.aralego.com
agent.aralego.com
4 bidder.criteo.com static.criteo.net
3 pubads.g.doubleclick.net imasdk.googleapis.com
3 adservice.google.com imasdk.googleapis.com
3 www.googletagmanager.com cdn.adpushup.com
cdn.unibotscdn.com
cdn.ampproject.org
3 token.rubiconproject.com eus.rubiconproject.com
3 pr-bh.ybp.yahoo.com imprammp.taboola.com
am-match.taboola.com
3 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 trc.taboola.com cdn.taboola.com
2 csi.gstatic.com imasdk.googleapis.com
2 agent.aralego.com 2 redirects
2 www.googletagservices.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
2 www.google-analytics.com www.bg3.co
2 ad.sitemaji.com adx.holmesmind.com
securepubads.g.doubleclick.net
2 s0.2mdn.net imasdk.googleapis.com
tpc.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 http-intake.logs.datadoghq.com cdn.adpushup.com
2 ups.analytics.yahoo.com imprammp.taboola.com
am-match.taboola.com
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 secure-assets.rubiconproject.com 2 redirects
2 imasdk.googleapis.com cdn.unibotscdn.com
imasdk.googleapis.com
2 e3.adpushup.com www.bg3.co
1 am-wf.taboola.com vidstat.taboola.com
1 geo.yahoo.com adx.holmesmind.com
1 ads.yap.yahoo.com s.yimg.com
1 s.yimg.com ad.sitemaji.com
1 6e33b9110b5ede6c3e1d0bc21b950d77.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 stats.g.doubleclick.net cdn.ampproject.org
1 pixel-us-east.rubiconproject.com eus.rubiconproject.com
1 amp.analytics-debugger.com cdn.ampproject.org
1 a0d06141e8617f7fc71b12e34f74506c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.rubiconproject.com eus.rubiconproject.com
1 adx.holmesmind.com pagead2.googlesyndication.com
1 vidstatb.taboola.com www.bg3.co
1 80751e862cda122ade19117127c8178f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 d-10158191482120460991.ampproject.net cdn.ampproject.org
1 imprammp.taboola.com vidstat.taboola.com
1 newsbot.unibots.in cdn.unibotscdn.com
1 fonts.googleapis.com cdn.taboola.com
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com cdn.adpushup.com
1 fundingchoicesmessages.google.com cdn.adpushup.com
1 code.jquery.com cdn.adpushup.com
1 delivery.adrecover.com www.bg3.co
1 www.bg3.co
0 static.bg3.co Failed www.bg3.co
326 70
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
cdn.unibotscdn.com
R3		 2023-07-18 -
2023-10-16		 3 months crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
cdn.adpushup.com
R3		 2023-06-14 -
2023-09-12		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
quantserve.com
R3		 2023-08-12 -
2023-11-10		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-18 -
2024-04-17		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-03-07 -
2024-04-03		 a year crt.sh
cricket.unibots.in
R3		 2023-06-22 -
2023-09-20		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2023-05-19 -
2024-06-19		 a year crt.sh
analytics-debugger.com
GTS CA 1P5		 2023-07-18 -
2023-10-16		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
stream.unibotscdn.com
R3		 2023-08-06 -
2023-11-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-31 -
2023-10-23		 3 months crt.sh
feebee.com.tw
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.api.fantasysports.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-14 -
2023-10-04		 2 months crt.sh
*.pubgw.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-14 -
2023-10-04		 2 months crt.sh
yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-02 -
2023-10-25		 6 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-17 -
2023-10-09		 3 months crt.sh

This page contains 42 frames:

Primary Page: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Frame ID: 72A5E1AC5E1EEAA73766EDB9C901E7BD
Requests: 173 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: FE14F7F919DFE96071B0D58CE3F40E69
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: F6658708DC868FBDA24B14110FC5C651
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: C5830172A4B040D8D2BBB802C32F1120
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: F1FC4DC692727D7B219000C69E5EA84E
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: A5563CAD12937129BBFEFA4743027967
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 1EA9EA5ADB8EECA02BC4028322358908
Requests: 3 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&cmcv=&pix=undefined&cb=1692343950082&uv=3321&tms=1692343950082&abt=aniview_inc_vA!eidc_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c942f760-7cc3-4a1c-b2dc-00aec0b31ab5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 486672F64D1DE1E18A7B820BA9E604E4
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: AA5A14FA7F33B307194A04239E14C534
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html
Frame ID: 99FB0789A15D0E5D5141DD73CF44BF57
Requests: 1 HTTP requests in this frame

Frame: https://80751e862cda122ade19117127c8178f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: F2263E13BB2BC86FBDA8810A0EB5B5D6
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: B4F8A1D594D6AF725656DB013A1F0AE4
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 1F5ED02D035957CF0FA262BDB6EAAAE4
Requests: 4 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Frame ID: E6F52C3F90F46CBC4841CFD6B6FA2E00
Requests: 5 HTTP requests in this frame

Frame: https://a0d06141e8617f7fc71b12e34f74506c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 54434C3B7397F4793D2A185B4BCC803C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692336750&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343950106&bpp=285&bdt=704&idt=657&shv=r20230816&mjsv=m202308140101&ptt=5&saldr=sd&correlator=253225213830&frm=23&ife=1&pv=1&ga_vid=527600783.1692343951&ga_sid=1692343951&ga_hid=2088288623&ga_fc=0&ga_cid=amp-4qcMzuO1fLZXKJ8rYQDlVQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=449192451&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077088%2C31077148%2C31077110%2C44799570&oid=2&pvsid=2298832267810767&tmod=1257208362&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ag1ej4tvt682&fsb=1&dtd=792
Frame ID: 950630280CA3CCC3195C1CC030AF00D4
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Frame ID: E1B4EDD3D82ADA89C156882856937EE8
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6F8A90BC2D1EFF2B3E72A9081FA73185
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 36A10B5B73E54C615ECD747AFB5C2BF6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 649D75F180E58B05BA9F464B1BA07869
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: ED13A0192C39093DA79336F05F30439B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AF94F4359D33AB1D9D56036EDC4A8CF8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 02471F71B80D3F028C8DBDCF2C324D7C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 09D9FA4747F359F65DFB3ED975E92F1F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FC16C199A31E8BDD59EF714F536041B9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 69FAAC362D45185EB77449B93D79A5C7
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/index.html
Frame ID: 49AB8130770A7B9C7149F713AD8CBE08
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js
Frame ID: 4DF3DAB9D55A0B0CADFC54F5AF50723C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9990DCFD29E9A4F42EFF7C72E48325B9
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-34051415783401112755&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2975&oid=2&is_amp=5&amp_v=2307272333000&d_imp=1&c=418005593&ga_cid=amp-4qcMzuO1fLZXKJ8rYQDlVQ&ga_hid=5593&dt=1692343951571&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&bdt=2856&dtd=66&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: C2063A6429C1392AA45E163E38F1617B
Requests: 1 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 2306C2497A68801EFC621452F0A90410
Requests: 11 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: 9F8F24B8961FD3FF8D80B23B6FE709B9
Requests: 2 HTTP requests in this frame

Frame: https://6e33b9110b5ede6c3e1d0bc21b950d77.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Frame ID: 83E824D020C21D5C73596D8A5F509FCE
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrWH3ZocUt0Y54eszPmtoJ0fxLcqVKh0kTR9aaVvUWtBjTqLrtk-z99P9CoqndmmA9ez3FbmN0MILtbkvzdeJbcqBevRmo1W3Xy5-NtIhMIynnd942KhzRJmFQegCu9ik5p9dbizPmJSCtTak7hYo3IyoxmfxXcuvD2cdI34ZRJwPu2fQFRRLAJxiE0L91kK-nqsuz9Dznz4KeWDwNJCvGz5rOBuRGISZnQ4faRdwKohvZSCT6HRg_5BDGHPoCoxuyPCfpOiAd0zwAvKld9n-ISRrXTy0drHl7c5k_g1Qr-5BgfHS4HOET6LxNsbS2ktJxzNO5xzBaBg72vVg&sai=AMfl-YTBJ8VgQmsOVKf75P495jVVdlnGYbwL3i5KdVgPcgyImfn87F4wV0VdaIMQ0A6pmHwocuwlhk3zKE8sP51y9r9WPz2D66OT4JkIAA&sig=Cg0ArKJSzJwC_KODxjP6EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 477A527C1396B56EBEC8A7F1326B772D
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9BFB6E8D18A3280F7C13FDC185AE4DCE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 07D787A2055D10A0382C76F9A35B1171
Requests: 2 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: C167A6F74DDCE687FA458BEF3427A60A
Requests: 10 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Frame ID: C63CDB6D11F7F0FA7CA27C51C7B282DC
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=377178177&lmt=1692336755&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343955338&bpp=4&bdt=784&idt=293&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&nras=1&correlator=3426478608378&frm=8&ife=4&pv=2&ga_vid=532979806.1692343956&ga_sid=1692343956&ga_hid=466453362&ga_fc=0&nhd=5&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2414936062&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31077090%2C31077148%2C31077160%2C44799579%2C44769661&oid=2&pvsid=826260146931997&tmod=962195196&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.tmdeeeeh8blk&fsb=1&dtd=325
Frame ID: 2C73495F194E410C434D5D28AC364E50
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712772242&pi=t.ma~as.9099904862&w=300&lmt=1692336755&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343955338&bpp=3&bdt=785&idt=306&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3426478608378&frm=8&ife=4&pv=1&ga_vid=532979806.1692343956&ga_sid=1692343956&ga_hid=466453362&ga_fc=0&nhd=5&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2414936062&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31077090%2C31077148%2C31077160%2C44799579%2C44769661&oid=2&pvsid=826260146931997&tmod=962195196&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ekej5ggrx96k&fsb=1&dtd=334
Frame ID: 5FAB5C7F19376F06A7ADFF23AEA26D3B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C4E028A5D2BE196686AA4AF83FF1A46A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B40C348A55351FF37D18A51EAA5F4E5A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

全村百人姓罵! 耆老曝姓氏由來:得罪雍正皇 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

326
Requests

91 %
HTTPS

0 %
IPv6

33
Domains

70
Subdomains

54
IPs

10
Countries

7806 kB
Transfer

17358 kB
Size

14
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 106
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 110
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 162
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692336750&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343950061&bpp=177&bdt=633&idt=626&shv=r20230816&mjsv=m202308100101&ptt=5&saldr=sd&correlator=253225213830&frm=23&ife=1&pv=2&ga_vid=876019811.1692343951&ga_sid=1692343951&ga_hid=284378761&ga_fc=0&ga_cid=amp-4qcMzuO1fLZXKJ8rYQDlVQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2389&biw=1600&bih=1200&isw=336&ish=280&ifk=3614580213&scr_x=0&scr_y=0&eid=44759842%2C44759927%2C44759876%2C31077085%2C31077090%2C31077148%2C42531644%2C44795922%2C44796700%2C44799578&oid=2&pvsid=1961783433790084&tmod=1380174573&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.fvlqkm78dwma&btvi=1&fsb=1&dtd=722 HTTP 302
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Request Chain 241
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 244
  • https://agent.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 295
  • https://agent.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk

326 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
www.bg3.co/a/ 		52 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
118c23eb98b0d3f69b42c106552dc9259f76d4046279cb2d5b2f41e0a51f832b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
max-age=900
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 18 Aug 2023 07:32:28 GMT
etag
"cefa-SJLHWe6iCX0o5uaadkui2a1OquA"
expires
Fri, 18 Aug 2023 07:47:28 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		277 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
a7eb1447ae8fbeff087958d608790a15346e47e823a392f37f1686402bcd72e0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 07:32:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72905
x-xss-protection
0
server
sffe
etag
"2f38c6cc6ea98470"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 18 Aug 2023 07:32:28 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
59ec623617cb9b008282077c49a57c3387e84b181deb844efa5ffcf1db4909a4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 07:32:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9710
x-xss-protection
0
server
sffe
etag
"8c65eb8d897931a1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 18 Aug 2023 07:32:28 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
59e415ebd0d3e2ab61a9b209889956069b95db9039392ac2249e565acaf4f1c2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 18 Aug 2023 07:32:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7620
x-xss-protection
0
server
sffe
etag
"4ee5ccd9f9b5be3f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 18 Aug 2023 07:32:29 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5948
alt-svc
h3=":443"; ma=86400
content-length
40181
last-modified
Tue, 20 Jun 2023 03:04:26 GMT
server
cloudflare
etag
"6491173a-9cf5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3knNpxM574U1dSGWyUvPb%2BiMARnp7phWUs%2FSOBFFIeKWBD0TvPrsZBhzc5iGLVhUTabqiAOCZtV1DOra89M2KbvsW14sqxui9Zm9x69FlLvP0fDWKgyNPe2x5XZvP7S3eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7f8876935bd86939-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
player.js
cdn.unibotscdn.com/ubplayer/ 		238 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/player.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
e07064914221a3992d6f0014dd422e4fa8fdbe36456c57a3476ba6945b9dc59e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:28 GMT
content-encoding
br
cdn-edgestorageid
1049
cdn-storageserver
DE-679
cdn-cachedat
08/17/2023 09:53:00
cdn-pullzone
873945
last-modified
Thu, 17 Aug 2023 09:43:00 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
645
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64ddeba4-3b688"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
6ce3f412a31e8c86bc3310d4b31ad0b9
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
adRecover.js
delivery.adrecover.com/43519/ 		37 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
3a276faf7ecb07e9cfc5f53e0b306d515b0b4fd08ddc3e0c231965755269a7b2

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 18 Aug 2023 08:32:29 GMT
date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
x-ap-device
DESKTOP
last-modified
Fri, 18 Aug 2023 07:00:31 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
AT
x-client-device
desktop
x-client-geo
AT
adpushup.js
cdn.adpushup.com/42753/ 		655 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-68.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
141892bb04ea947463d0c0c80cc6030dba663f0b20bb9b65513b242372a84a89

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AT
date
Fri, 18 Aug 2023 07:32:28 GMT
x-ap-device
DESKTOP
content-encoding
br
last-modified
Wed, 16 Aug 2023 23:36:45 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-ap-geo
AT
server-timing
cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="1692343948795_34631492_181005057_678_1755_11_33_146";dur=1
content-length
140661
expires
Fri, 18 Aug 2023 08:32:28 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		448 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0b51056b86e9dc8257e13cbd77a20f48604261871c988ac6bd99a20ef4b19446

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
eImZjsG.ZfF8OA1BbYw4iDAjWUW8TQvf
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 07:32:28 GMT
x-amz-request-id
WNVWP77ANY643AWN
age
56
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
51974
x-amz-id-2
FaaGXkNIU2KH9fhR4SfErO6zC2SBoo8PLEJgdnYEkqr3Ocm3mD0EBGpMF4WEoUFFhOcx3nmTUDk=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 16 Aug 2023 09:22:04 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692343949.823244,VS0,VE1
etag
"8931ec604c45f5c76748a269133e4202"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
80
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
impl.20230815-8-RELEASE.js
cdn.taboola.com/libtrc/ 		798 KB
166 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230815-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
7a5111ccdcdcf2cb2513d3f6ac04fa85940e05018315570c8490138e76201486

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
VJhkHqbnpHJ5qDxlBjnMnsOnqsbnian.
content-encoding
br
via
1.1 varnish
date
Fri, 18 Aug 2023 07:32:28 GMT
x-amz-request-id
06JZ6HBHY7Z9N42Q
age
23651
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
169202
x-amz-id-2
gkC81kWjOWLH3nyjD88XOx2YIM03OokdBBp671jxgs9ZPi1uu1oaHwnipPAzlt3WPpAVwwSSgF8=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Tue, 15 Aug 2023 08:56:15 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692343949.938234,VS0,VE0
etag
"5cdb130da9957e14476eb1bfb9d78638"
vary
Accept-Encoding
content-type
application/javascript
abp
60
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
4044
e631ba08c01d6b45bae8283a72084dfc.jpg
static.bg3.co/imgs/202105/ 		0
0
8cf996844f83038190165be99ec91c7a.jpg
static.bg3.co/imgs/202105/ 		0
0
6c62345bde600b8d22de41187fd82dc3.jpg
static.bg3.co/imgs/202105/ 		0
0
f4fd62a406b84b7d73bc8325b08d00a6.jpg
static.bg3.co/imgs/202112/ 		0
0
5decd108fccf8f9cc141650dfc737add.jpg
static.bg3.co/imgs/202105/ 		0
0
06089d9b9ea1722cf6397110da0167f8.jpg
static.bg3.co/imgs/202105/ 		0
0
b68b1b8ba7755debc3e6f1c7e302a108.jpg
static.bg3.co/imgs/202109/ 		0
0
98ff11d1b02a58165612ecf0f8e9c5ff.jpg
static.bg3.co/imgs/202106/ 		0
0
108e3cd0252a0f6b831c6089fe2ae686.jpg
static.bg3.co/imgs/202106/ 		0
0
3d73b0526e9365c63f9c37ce0f7620a3.jpg
static.bg3.co/imgs/202106/ 		0
0
672f600f63f169eaeb0506916cd269a2.jpg
static.bg3.co/imgs/202105/ 		0
0
2d0ffcb1cc561b0ee86f77f31f087d41.jpg
static.bg3.co/imgs/202105/ 		0
0
4fcc6248a0ccecc84ad52cd5fad3e39e.jpg
static.bg3.co/imgs/202105/ 		0
0
058dd527b06f7226f0720f2f8ff0554b.jpg
static.bg3.co/imgs/202106/ 		0
0
288419267eb3be6dffd62338ffdb1e93.jpg
static.bg3.co/imgs/202106/ 		0
0
d7bdc921aab8a15592ee4b9104bbb947.jpg
static.bg3.co/imgs/202105/ 		0
0
f45a12f2685f72880ecd59384814bc1d.jpg
static.bg3.co/imgs/202105/ 		0
0
35df9d0f0ff36a525397d44478112ff3.jpg
static.bg3.co/imgs/202105/ 		0
0
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1692343949.dop033.ml1.t,1692343949.cds219.ml1.hn,1692343949.cds219.ml1.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012307272333000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
b8d20ccf593b049aa3489da4c021d3b4b485e82e06a4cc0ed1337d08aa765987
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 16 Aug 2023 00:58:09 GMT
age
196460
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3021
x-xss-protection
0
server
sffe
etag
"5992a434989da413"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 15 Aug 2024 00:58:09 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012307272333000/v0/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
068619b9084242ce2ca2d3bab3e7a2d02911acce318eb05ac257e0f545c241a2
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Aug 2023 02:12:15 GMT
age
278414
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3996
x-xss-protection
0
server
sffe
etag
"36b638fb3883cf3b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 14 Aug 2024 02:12:15 GMT
sync
gum.criteo.com/ 		46 B
288 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230815-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:28 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
237893
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/ 		68 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=09%3A32%3A29.092&lti=deflated&data=%7B%22id%22%3A222%2C%22ii%22%3A%22%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1692177712774%2C%22vi%22%3A1692343949088%2C%22cv%22%3A%2220230815-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html%22%2C%22vpi%22%3A%22%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3075%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1709.078125%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230815-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a25c5e8e8673dae1af1a8ecb9fc9460b36cc14882e044055083f6e5fd612ef52

Request headers

Referer
https://www.bg3.co/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
479
date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
59150
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230026-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1692343949.111773,VS0,VE479
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/ 		409 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-68.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AT
date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
nginx/1.18.0
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1692343949191_34631492_181005489_580_1444_11_30_146";dur=1
content-length
122286
expires
Sat, 17 Aug 2024 07:32:29 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
583 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-68.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AT
date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=3, origin; dur=0, ak_p; desc="1692343949221_34631492_181005491_390_1381_11_0_146";dur=1
content-length
211
expires
Sat, 17 Aug 2024 07:32:29 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-68.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AT
date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=5, origin; dur=0, ak_p; desc="1692343949221_34631492_181005490_566_1405_11_0_146";dur=1
content-length
18371
expires
Fri, 18 Aug 2023 08:32:29 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		98 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
6e73904e19373d7fafb3355e66e30b6d549b2111d8568069e65a1d5e4ee99c0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28882
x-xss-protection
0
server
cafe
etag
980 / 19587 / m202308100101 / config-hash: 7328467961731406261
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 07:32:29 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
309 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTIzNDM5NDkyMTQsInBhY2tldElkIjoiMDAwMEE3MDEtN2ZjNWVlY2ItZjcwYy00ZjVjLWJmNTQtZGM5ODdhZjljNDc4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3F1YW4tY3VuLWJhaS1yZW4teGluZy1tYS1xaS1sYW8tcHUteGluZy1zaGkteW91LWxhaS1kZS16dWkteW9uZy16aGVuZy1odWFuZy5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJBVCJ9&c_b=1873.8999977111816
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:29 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
308 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:29 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=
fundingchoicesmessages.google.com/f/ 		19 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.174 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f14.1e100.net
Software
ESF /
Resource Hash
bee838dec619ff999d7a4f45b7dfd81cdf9353fcb25d0798eb722ec21bb19405
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-H_dqXoV46MRdnCOoc_TC-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-security-policy
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-H_dqXoV46MRdnCOoc_TC-Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 25 Aug 2023 07:32:29 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
634 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-51.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:17:17 GMT
via
1.1 f212784a4dc77817b66a91a042658fa6.cloudfront.net (CloudFront)
x-amz-cf-pop
MUC50-P2
age
913
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
q_MvP7v2lAP8WAwPEkuo0vB2961Pa-M4QeinN-AFi5yBkkDQmcEZIQ==
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
619 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8447
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tBlQ91gCHVOGHDZq0F%2Bh7eBriXezZDMjIAsOIpHXvct64ygPejL3UEdxFIFRj501uuwIP1xn2PvteV5GZeN05Z4ll7gpN96V%2BNrLQGb%2Fv8XJo%2Bo%2FblJbNZLEq4NmMf3LfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7f887693cc5e6939-FRA
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
0101f2565712fbcab28981306da0fcbd976a776ae79615dcf653080945761262

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 07:32:29 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
0101f2565712fbcab28981306da0fcbd976a776ae79615dcf653080945761262

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 07:32:29 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.8343019717768476&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 07:32:29 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.09885653641118908&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 07:32:29 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:14:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
1075
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129087
x-xss-protection
0
server
cafe
etag
2193028555055074692
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 17 Aug 2024 07:14:34 GMT
pixel;r=637579677;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=637579677;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-436525317-1692343949364;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1692343949475;tzo=-120;ogl=;ses=1f50b85f-95b3-4d44-aa9e-19f534da52ed;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
bg3.json
cdn.unibotscdn.com/clientdata/ 		19 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/bg3.json
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
0c19ceb9e644432030306134ea0de541336c4e1698356fab363bf803e2583990

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
gzip
cdn-edgestorageid
1078
cdn-storageserver
DE-677
cdn-cachedat
08/01/2023 11:49:47
cdn-pullzone
873945
last-modified
Tue, 01 Aug 2023 11:47:20 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
652
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
21f1fb476b51fe2094737e2192aaa78a
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
bg3.js
cdn.unibotscdn.com/clientdata/js/ 		763 B
850 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/js/bg3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
2aa048b0b7650d1da40d360378c414bfa2a057fed7a52dbec1844094eb52751d

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-680
cdn-cachedat
08/09/2023 22:14:51
cdn-pullzone
873945
last-modified
Tue, 01 Aug 2023 11:40:10 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
660
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64c8ef1a-2fb"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
450aed923ee930622d52664e98457076
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		975 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-588
cdn-cachedat
08/09/2023 17:49:28
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-3cf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
44626a5ed4a5699ee6097cf89582b5c1
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-165
cdn-cachedat
08/09/2023 22:54:06
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
576
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-eda"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
9aa1cb2b020bbc41a546993fe31c03f2
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-588
cdn-cachedat
08/10/2023 13:50:45
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:08 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf618-9cdf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
54b29e8491cdef74676f4efaade381a5
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
bg3.css
cdn.unibotscdn.com/clientdata/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/css/bg3.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
c6dedbf49578df8b1ec598034daa1324e417fbeef3602a7b7ab570390fb46fd3

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
cdn-edgestorageid
863
cdn-storageserver
DE-167
cdn-cachedat
08/09/2023 22:25:50
cdn-pullzone
873945
last-modified
Tue, 01 Aug 2023 11:45:19 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64c8f04f-534"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
4c58027bb4872de95e7414ddb1c74dc1
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ub-player.css
cdn.unibotscdn.com/ubplayer/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/css/ub-player.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
3ea8c3c53fadcd0a8153b7815f4267488af50dbac80590467f50ea428571c04b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
cdn-edgestorageid
1054
cdn-storageserver
DE-167
cdn-cachedat
08/17/2023 10:58:59
cdn-pullzone
873945
last-modified
Thu, 17 Aug 2023 10:58:45 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
647
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64ddfd65-151e"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
75799607b4150fd721cdb5692873c6a7
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		354 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
sffe /
Resource Hash
695d7f02b1c1193c310b3606dce44ceec5b942debf5dae643857ac8b82956b42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
124775
x-xss-protection
0
expires
Fri, 18 Aug 2023 07:32:29 GMT
floating-unit.20230815-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230815-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66d69c245726b19a26f6d4eca4f0de1f2a6533e45d780b841cb3eba8046c9329

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
zDDT8g1CDGP1cfaqzSRzr_mwgVvW8kMz
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 07:32:29 GMT
x-amz-request-id
S8HY8DRBRECSTG9G
age
166424
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2473
x-amz-id-2
VCE8AiCWeKr8/+2YtUvtEiEKU2MELQsQPGWbobkskOF9L+yJWBoZbHTodBTVJ3gM//Xi1kVH/fE=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 16 Aug 2023 09:18:46 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692343950.660986,VS0,VE0
etag
"2e918f3f9da15ff41679c1cad6bfdd0d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
22
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3547
taboola-vignette-new-scanning.20230815-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230815-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f8e2a9b5cbe282affee73ab290187f766713ccd6be957d892147cbe1a2695d3

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
H2jJerrDBuuYx9J4Blrm9Q6slBvmdbg.
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 07:32:29 GMT
x-amz-request-id
G5V4FJH56KY0PXJY
age
166407
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
kkh47VmZb5+Bo9Z3bC4LqYccucL0l8833Golc3V5HBhTCU/ilzUy4EOWHJIU4BBTw8TJlHe9HL0HoKI2NFQNhA==
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 16 Aug 2023 09:19:04 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692343950.661211,VS0,VE0
etag
"db14f7d2bdf7a8598740605e608a6d74"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
62
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
44
distance-from-article.20230815-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230815-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1f5ee8ccc7b2288b76f0f55c515f266a6162a166a25e04bf802cc2c90f768fb

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
etaDYER12amueXujFTtt9cgLhk8qkpUQ
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 07:32:29 GMT
x-amz-request-id
EJ7J6VSN50V3NNGA
age
166434
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
cXch+0cP5sPpfgorKYXTs4AbGasYUHc1MH9MWuP3EBv4EnuDXpKtIM6PCgic3uuH5dUNde1WWWE=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 16 Aug 2023 09:18:36 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692343950.676155,VS0,VE0
etag
"9ea5bcc798779d5b0510a1a09901dd43"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
49
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
59629
article-detection.20230815-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230815-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9f24cf5b59bbf2a16b7cf20be7507cfc7cb2625b70f5206511176da2cce4047d

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
U8CMiKLFpCk5faTXKi00iGeAb8.UGyDQ
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 07:32:29 GMT
x-amz-request-id
FB6CZMPWW2X9MMM4
age
166440
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1292
x-amz-id-2
An3TpcZ+fPDfD4G8h17846tL0M7KicKjNVGwdEpyHtjruMjPGCNuO0RqRpNSO95wI4P+FaDwLKY=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 16 Aug 2023 09:18:30 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692343950.676228,VS0,VE0
etag
"de95ca83afa4bf4731b9ab0730a4bb0b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
17
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
59603
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.2.1/ 		124 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.2.1/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230815-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c8e2c958c574d530f40d74d3f28827e08e9130b8d6062c9133505f5492abdfb2

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
via
1.1 c80fd33b8f8c4dff5488cc52ba797aa6.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
171737
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
35592
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 16 Aug 2023 07:50:00 GMT
server
AmazonS3
x-timer
S1692343950.678893,VS0,VE0
etag
"f15eacc8b374e3aab006b161b804b852"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
IAvVdY-eyCCi8TkLQrM8wXJ09A8ml8br2305SAtRLUi13DS7EuOUkA==
x-cache-hits
28018
feed-card-placeholder.20230815-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230815-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
05a8bf215a7fd9f8b4800f1bfacd799658adedb95525c57e8f58393689a36f3d

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
0lUqqTDPbsnY1edwmpda4mwKgusq4uhb
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 07:32:29 GMT
x-amz-request-id
R89212R5PMTX63GE
age
166429
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
6AlsMpU8/skM2l2E73QJd28atiY5el1GRbzcEPEqLFT3KtrBOxdUPwVfY4eCb1NQqhL28DYDlfQ=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 16 Aug 2023 09:18:41 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692343950.680168,VS0,VE0
etag
"bf58787bf5828437be2537bc1921d146"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
99
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
46239
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 07:32:29 GMT
x-amz-request-id
C6CF731DDEGSVRH7
age
85
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
T0ch7+qIOg5VMmZfvyutnCbXphVwzKJOGRHZ90gzVPquc7icyYerWrgorS7hrj5FRaeJ+3DLZvI=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692343950.683286,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
66
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
154
userx.20230815-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230815-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b8437baeeecc1820ac9fee40444813ec2a71c56532ee05bf44f706eed2a567c

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
0pPyewFgazl3WB2YZ27fM2t09N7fD.2t
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 07:32:29 GMT
x-amz-request-id
G5YP935J0E8TQ65B
age
166402
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
be/a2LagTYOkEOCjaPhfwXSQL08esT7BMC9iYMVVnbPRbsIzWvQPjZ5kUt+bSOJ/THmGLGfGD7U=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 16 Aug 2023 09:19:07 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692343950.685586,VS0,VE0
etag
"b4f12d64df5e222d1bc1eb81a1094c0e"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
33
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
14658
explore-more.20230815-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230815-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8214f9841b61320a8f727d311166e54a00f31e7e1a62cf5f54356f4515d35a1c

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hx2tcpjOnWfqanlicZskZNf_pXoXwLc5
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 07:32:29 GMT
x-amz-request-id
0V2MKG6615C7CXNY
age
166430
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8803
x-amz-id-2
9wPHeRoZNOOq5VLcAlMBOIm7wjuvtIDrZ+T68OPVhJ2j6N0NA60mpJD0rGItfZlCouenp6i6EcTQSIp8z3FFIw==
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 16 Aug 2023 09:18:39 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692343950.701166,VS0,VE0
etag
"1f8dff81e0ebee11258cace909e30228"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
46
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
24522
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=2496b0d7b58a392f0788abc064f4f155&sd=v2_b80ecb4e46d9e36a613cb9735bca970b_40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d_1692343949_1692343949_CNawjgYQ2YJdGKCuvbygMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d&pi=/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&wi=2436362320566291903&pt=text&vi=1692343949088&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=09%3A32%3A29.649&id=8001&llvl=2&cv=20230815-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Aug 2023 07:32:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=2496b0d7b58a392f0788abc064f4f155&sd=v2_b80ecb4e46d9e36a613cb9735bca970b_40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d_1692343949_1692343949_CNawjgYQ2YJdGKCuvbygMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d&pi=/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&wi=2436362320566291903&pt=text&vi=1692343949088&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1692343949650%7D&tim=09%3A32%3A29.650&id=8932&llvl=2&cv=20230815-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Aug 2023 07:32:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=2496b0d7b58a392f0788abc064f4f155&sd=v2_b80ecb4e46d9e36a613cb9735bca970b_40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d_1692343949_1692343949_CNawjgYQ2YJdGKCuvbygMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d&pi=/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&wi=2436362320566291903&pt=text&vi=1692343949088&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1692343949658%7D&tim=09%3A32%3A29.658&id=1693&llvl=2&cv=20230815-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Aug 2023 07:32:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=2496b0d7b58a392f0788abc064f4f155&sd=v2_b80ecb4e46d9e36a613cb9735bca970b_40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d_1692343949_1692343949_CNawjgYQ2YJdGKCuvbygMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d&pi=/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&wi=2436362320566291903&pt=text&vi=1692343949088&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A32%3A29.690&id=7658&llvl=2&cv=20230815-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Aug 2023 07:32:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A32%3A29.693&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=6346&cv=20230815-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
60771
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A32%3A29.716&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=2361&cv=20230815-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
60771
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A32%3A29.725&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=4396&cv=20230815-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
60771
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A32%3A29.726&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=4580&cv=20230815-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
60771
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A32%3A29.730&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=7856&cv=20230815-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
60771
mary-kate-ashley-olsen-twins%2Cid%3D8e79cefc%2Cb%3Dintouch%2Cw%3D1600%2Crm%3Dsk.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_780%2Cw_1040%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/ 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_780%2Cw_1040%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/mary-kate-ashley-olsen-twins%2Cid%3D8e79cefc%2Cb%3Dintouch%2Cw%3D1600%2Crm%3Dsk.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudinary /
Resource Hash
2f8c447294b74e9855b528b654c3270aad5669b75eae61e29962d36a5092affb

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Fri, 18 Aug 2023 07:32:29 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_780%2Cw_1040%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/mary-kate-ashley-olsen-twins%2Cid%3D8e79cefc%2Cb%3Dintouch%2Cw%3D1600%2Crm%3Dsk.jpeg
age
782484
edge-cache-tag
346274645595769068554020377783783997479,435445644164985960573154068970643961627,29ecf9b93bbf306179626feeda1fab70
cache-tag
346274645595769068554020377783783997479,435445644164985960573154068970643961627,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT
expiration
expiry-date="Sun, 20 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length
63864
x-backend-name
CLOUDINARY-FALLBACK:3FP7YNX3LMizprTZsG7BSW--F_addr_taboola_res_cloudinary_com
x-served-by
cache-iad-kiad7000156-IAD, cache-iad-kjyo7100083-IAD, cache-fra-eddf8230026-FRA
last-modified
Thu, 20 Jul 2023 03:47:33 GMT
server
cloudinary
x-timer
S1692343950.764805,VS0,VE5
etag
"cb457f141344164efbe54cf2e03d7ce9"
vary
ImageFormat
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1
mary-kate-ashley-olsen-twins%2Cid%3D8e79cefc%2Cb%3Dintouch%2Cw%3D1600%2Crm%3Dsk.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/mary-kate-ashley-olsen-twins%2Cid%3D8e79cefc%2Cb%3Dintouch%2Cw%3D1600%2Crm%3Dsk.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
88c7d328f57888c476654a04cc071da80518de63628ddea6acbd7796dd2df285

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 07:32:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/mary-kate-ashley-olsen-twins%2Cid%3D8e79cefc%2Cb%3Dintouch%2Cw%3D1600%2Crm%3Dsk.jpeg
age
2810537
edge-cache-tag
346274645595769068554020377783783997479,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
346274645595769068554020377783783997479,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
472
expiration
expiry-date="Fri, 04 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.msnbc.com/
content-length
23794
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000116-IAD, cache-iad-kjyo7100070-IAD, cache-sna10751-LGB, cache-iad-kjyo7100092-IAD, cache-fra-eddf8230026-FRA
last-modified
Tue, 04 Jul 2023 19:20:43 GMT
server
nginx
x-timer
S1692343950.764934,VS0,VE1
etag
"6b92c35cad2adab5366b3526b9a49f39"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 7, 1
3d3f3e4cff6e1843b92ca22dea3b7d0e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3d3f3e4cff6e1843b92ca22dea3b7d0e.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d25d5932875b3e5b1ebce2543af681cb137fbcfa4fc11729bba9cb09d5638a5

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 07:32:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3d3f3e4cff6e1843b92ca22dea3b7d0e.jpeg
age
1462034
edge-cache-tag
522928341999507559559524046100286788551,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
522928341999507559559524046100286788551,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
67
expiration
expiry-date="Tue, 22 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.express.de/
content-length
11594
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100069-IAD, cache-iad-kcgs7200167-IAD, cache-lga21953-LGA, cache-iad-kiad7000096-IAD, cache-fra-eddf8230026-FRA
last-modified
Sat, 22 Jul 2023 08:50:39 GMT
server
nginx
x-timer
S1692343950.796062,VS0,VE1
etag
"2a13b0ed395a79828fab5f2953bfe5d1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 232, 1
67f7ed3b3b94e3453f1ce59ba6554cf7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f7ed3b3b94e3453f1ce59ba6554cf7.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
32c56ae5d57d7ab80cb2c9479a33351328078d6d6cac177569a94bf9da184e4c

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 07:32:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f7ed3b3b94e3453f1ce59ba6554cf7.jpg
age
4294290
edge-cache-tag
625968986509112741965911706845291125125,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
625968986509112741965911706845291125125,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
125
req-referer
https://www.kleinezeitung.at/
content-length
6860
x-request-id
ccd28bd13bb890431ab0bfa4a6fb92d8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000044-IAD, cache-iad-kiad7000050-IAD, cache-chi-klot8100071-CHI, cache-iad-kcgs7200147-IAD, cache-fra-eddf8230026-FRA
last-modified
Thu, 29 Jun 2023 09:58:38 GMT
server
nginx
x-timer
S1692343950.802959,VS0,VE0
etag
"4b68d4de1e11b0bd02ec93c5afaafdd7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 24, 9
c463621448b754f72cde3a24bce6a684.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c463621448b754f72cde3a24bce6a684.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0f49245f1eff3d25ebf0d10b184c8800f554dd144f9143e3b179993e8f1c927c

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 07:32:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c463621448b754f72cde3a24bce6a684.jpeg
age
3889362
edge-cache-tag
572986981612921457322863674271668491606,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
572986981612921457322863674271668491606,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
234
expiration
expiry-date="Thu, 13 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://sports.walla.co.il/item/3533031
content-length
30260
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kcgs7200040-IAD, cache-iad-kjyo7100162-IAD, cache-chi-klot8100026-CHI, cache-iad-kiad7000066-IAD, cache-fra-eddf8230026-FRA
last-modified
Mon, 12 Jun 2023 18:32:19 GMT
server
nginx
x-timer
S1692343950.806732,VS0,VE1
etag
"c654361c1954a602903bbbaa95811eaa"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 4, 1
e188438efadf8e45d281ec90b76d02d3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e188438efadf8e45d281ec90b76d02d3.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5559bcb099417694b90ef0b946e97c801bdc4843c1c1d63426d6d18dcff316bc

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 18 Aug 2023 07:32:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/e188438efadf8e45d281ec90b76d02d3.jpg
age
133356
edge-cache-tag
335557241094488241573991982747568584570,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
335557241094488241573991982747568584570,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
599
req-referer
https://www.island-tipps.de/
content-length
14256
x-request-id
e01fa49f5a00d56481f565ce56c86e5c
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100111-IAD, cache-iad-kcgs7200093-IAD, cache-chi-kigq8000052-CHI, cache-iad-kiad7000123-IAD, cache-fra-eddf8230026-FRA
last-modified
Wed, 16 Aug 2023 09:14:19 GMT
server
nginx
x-timer
S1692343950.825637,VS0,VE2
etag
"b9deff4be2ba81c4eef04e568f4f27c1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
bmw-garage-teaser%2Cid%3Dfc48ae9b%2Cb%3Dmaennersache%2Cw%3D1600%2Cca%3D0.00%2C0.00%2C100.00%2C100.00%2Crm%3Dsk.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.maennersache.de/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.maennersache.de/bmw-garage-teaser%2Cid%3Dfc48ae9b%2Cb%3Dmaennersache%2Cw%3D1600%2Cca%3D0.00%2C0.00%2C100.00%2C100.00%2Crm%3Dsk.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1f96763167a55db0043e68b03b64410fa521b5497352f34b9535d1edcc763f9a

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Fri, 18 Aug 2023 07:32:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.maennersache.de/bmw-garage-teaser%2Cid%3Dfc48ae9b%2Cb%3Dmaennersache%2Cw%3D1600%2Cca%3D0.00%2C0.00%2C100.00%2C100.00%2Crm%3Dsk.jpeg
age
1096561
edge-cache-tag
367506793493146320229224149370721909091,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
367506793493146320229224149370721909091,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
308
expiration
expiry-date="Sat, 26 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hoerzu.de/
content-length
24874
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200028-IAD, cache-iad-kjyo7100103-IAD, cache-sna10734-LGB, cache-iad-kiad7000121-IAD, cache-fra-eddf8230026-FRA
last-modified
Wed, 26 Jul 2023 22:20:50 GMT
server
nginx
x-timer
S1692343950.831741,VS0,VE3
etag
"60dca2efbf0128b9d66a73e5b2c65784"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 40, 1
mary-kate-ashley-olsen-twins%2Cid%3D8e79cefc%2Cb%3Dintouch%2Cw%3D1600%2Crm%3Dsk.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/mary-kate-ashley-olsen-twins%2Cid%3D8e79cefc%2Cb%3Dintouch%2Cw%3D1600%2Crm%3Dsk.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e302680f10ae39d0485db1384068ef1fc3fa318fc99eaab1f50686c3a4be45fd

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 07:32:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/mary-kate-ashley-olsen-twins%2Cid%3D8e79cefc%2Cb%3Dintouch%2Cw%3D1600%2Crm%3Dsk.jpeg
age
2500517
edge-cache-tag
346274645595769068554020377783783997479,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
346274645595769068554020377783783997479,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
516
expiration
expiry-date="Thu, 27 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://merkurist.de/
content-length
25588
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200040-IAD, cache-iad-kcgs7200058-IAD, cache-sna10750-LGB, cache-iad-kcgs7200151-IAD, cache-fra-eddf8230026-FRA
last-modified
Mon, 26 Jun 2023 05:11:51 GMT
server
nginx
x-timer
S1692343950.838270,VS0,VE1
etag
"2ccaa566783dd5b0d4ffd96fcea1f699"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 30, 1
3d3f3e4cff6e1843b92ca22dea3b7d0e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3d3f3e4cff6e1843b92ca22dea3b7d0e.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa4eb402558b589d35ced53d98441fb5a24f5dd167c09a9a0f24f53ab4bad84a

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 07:32:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3d3f3e4cff6e1843b92ca22dea3b7d0e.jpeg
age
5622843
edge-cache-tag
522928341999507559559524046100286788551,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
522928341999507559559524046100286788551,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
325
expiration
expiry-date="Thu, 13 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.tag24.de/
content-length
27554
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200151-IAD, cache-iad-kcgs7200148-IAD, cache-chi-kigq8000086-CHI, cache-iad-kcgs7200165-IAD, cache-fra-eddf8230026-FRA
last-modified
Mon, 12 Jun 2023 03:58:04 GMT
server
nginx
x-timer
S1692343950.857239,VS0,VE1
etag
"a448ec08efc1b963827950f76d3c16dc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 198, 1
c463621448b754f72cde3a24bce6a684.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c463621448b754f72cde3a24bce6a684.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7c641f225081625ca03cc761bbe62c39b74cd96174643a80649625507ca1f3aa

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 18 Aug 2023 07:32:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c463621448b754f72cde3a24bce6a684.jpeg
age
932636
edge-cache-tag
572986981612921457322863674271668491606,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
572986981612921457322863674271668491606,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
227
expiration
expiry-date="Thu, 17 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.wsfa.com/
content-length
37348
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kjyo7100080-IAD, cache-iad-kcgs7200061-IAD, cache-chi-kigq8000136-CHI, cache-iad-kiad7000078-IAD, cache-fra-eddf8230026-FRA
last-modified
Mon, 17 Jul 2023 23:41:48 GMT
server
nginx
x-timer
S1692343950.864830,VS0,VE0
etag
"8d4bf42e02fbfe15a95c837722a4ed41"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 154, 2
67f7ed3b3b94e3453f1ce59ba6554cf7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f7ed3b3b94e3453f1ce59ba6554cf7.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3d6729d359189b5f9f0d24f0c7b62c6a56542009f8b45f64ea0b2aa5bb88f33a

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 07:32:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f7ed3b3b94e3453f1ce59ba6554cf7.jpg
age
4294289
edge-cache-tag
625968986509112741965911706845291125125,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
625968986509112741965911706845291125125,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
244
req-referer
https://www.sueddeutsche.de/
content-length
17212
x-request-id
ccd28bd13bb890431ab0bfa4a6fb92d8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000044-IAD, cache-iad-kiad7000050-IAD, cache-chi-klot8100135-CHI, cache-iad-kiad7000090-IAD, cache-fra-eddf8230026-FRA
last-modified
Thu, 29 Jun 2023 09:58:38 GMT
server
nginx
x-timer
S1692343950.869150,VS0,VE1
etag
"4b68d4de1e11b0bd02ec93c5afaafdd7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 1, 1
next-up-widget.20230815-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230815-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71f4448929a9d5c84a0956173ed7aaad760ee433379772d2103db439935e0cea

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
yd6MSZttMBGIvqP8P_w.yRBctX9yu0Oc
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 07:32:29 GMT
x-amz-request-id
GAJAD3PYW67NFCT6
age
166421
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
zV6Kv5QwlpS/3TADSsMI0gzEGtgZH3KC6da7uB/5rHva2eLU2kn46r1JZ9QWxtmtDefeuF/1TgI=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 16 Aug 2023 09:18:49 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692343950.783893,VS0,VE0
etag
"acf234e9438bdd57f82192d52de7d2b7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
41
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3476
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=2496b0d7b58a392f0788abc064f4f155&sd=v2_b80ecb4e46d9e36a613cb9735bca970b_40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d_1692343949_1692343949_CNawjgYQ2YJdGKCuvbygMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d&pi=/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&wi=2436362320566291903&pt=text&vi=1692343949088&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22344.0625%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A32%3A29.782&id=3528&llvl=2&cv=20230815-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Aug 2023 07:32:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=2496b0d7b58a392f0788abc064f4f155&sd=v2_b80ecb4e46d9e36a613cb9735bca970b_40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d_1692343949_1692343949_CNawjgYQ2YJdGKCuvbygMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d&pi=/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&wi=2436362320566291903&pt=text&vi=1692343949088&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A1071%7D%22%2C%22eventTime%22%3A1692343949784%7D&tim=09%3A32%3A29.784&id=5556&llvl=2&cv=20230815-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Aug 2023 07:32:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=09%3A32%3A29.794&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2873&cv=20230815-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
60771
css2
fonts.googleapis.com/ 		20 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230815-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.10 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f10.1e100.net
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 18 Aug 2023 06:13:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 18 Aug 2023 07:32:29 GMT
spa-detector.20230815-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230815-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4da1619f336c83ddb043f05ca717232ee31ff64c494645f575f9d358d902f67

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z2BbQN3QNcghPCkjPo5PN3MGonYSoLPk
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 07:32:29 GMT
x-amz-request-id
4B5NK16E1069KCV2
age
166414
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
810
x-amz-id-2
xf6jdFwWmREnzbwfBVakufDvJ7WVFVi17ywt7nky1sWhoUMuetn6X1MAuGE7vMcGC1NtYIL28+8=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 16 Aug 2023 09:18:55 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1692343950.817643,VS0,VE0
etag
"0152a41d09e8abd37f4cac515c85227a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
25
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
25360
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=2496b0d7b58a392f0788abc064f4f155&sd=v2_b80ecb4e46d9e36a613cb9735bca970b_40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d_1692343949_1692343949_CNawjgYQ2YJdGKCuvbygMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d&pi=/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&wi=2436362320566291903&pt=text&vi=1692343949088&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A32%3A29.796&id=9776&llvl=2&cv=20230815-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Aug 2023 07:32:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=2496b0d7b58a392f0788abc064f4f155&sd=v2_b80ecb4e46d9e36a613cb9735bca970b_40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d_1692343949_1692343949_CNawjgYQ2YJdGKCuvbygMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d&pi=/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&wi=2436362320566291903&pt=text&vi=1692343949088&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1692343949802%7D&tim=09%3A32%3A29.802&id=2595&llvl=2&cv=20230815-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Aug 2023 07:32:29 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&lti=deflated&ri=2496b0d7b58a392f0788abc064f4f155&sd=v2_b80ecb4e46d9e36a613cb9735bca970b_40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d_1692343949_1692343949_CNawjgYQ2YJdGKCuvbygMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d&pi=/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&wi=2436362320566291903&pt=text&vi=1692343949088&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=09%3A32%3A29.805&id=1348&llvl=2&cv=20230815-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Aug 2023 07:32:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&lti=deflated&ri=2496b0d7b58a392f0788abc064f4f155&sd=v2_b80ecb4e46d9e36a613cb9735bca970b_40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d_1692343949_1692343949_CNawjgYQ2YJdGKCuvbygMSABKAEwDzjpmQdA_4UQSOWG2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d&pi=/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&wi=2436362320566291903&pt=text&vi=1692343949088&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1692343949806%7D&tim=09%3A32%3A29.806&id=1147&llvl=2&cv=20230815-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 18 Aug 2023 07:32:30 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
video.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		524 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
cdn-edgestorageid
860
cdn-storageserver
DE-570
cdn-cachedat
07/06/2023 22:30:42
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:19 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
340
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"642bf623-830a3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
925b51ff13e032ec70e3fbcac7c46146
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame FE14 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
bb8a0673eb11c8fe6178369061487cdfe7b7d15e9f04dc41a4763e3a21afb76c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7885
x-xss-protection
0
server
cafe
etag
10679442640165526027
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 07:32:30 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame F665 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
002cc11833a9ca0d8be4bd7e2e5465f670b172cb5859477cffe40af7edc9539a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7885
x-xss-protection
0
server
cafe
etag
4198178738711784096
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 07:32:30 GMT
mary-kate-ashley-olsen-twins%2Cid%3D8e79cefc%2Cb%3Dintouch%2Cw%3D1600%2Crm%3Dsk.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/mary-kate-ashley-olsen-twins%2Cid%3D8e79cefc%2Cb%3Dintouch%2Cw%3D1600%2Crm%3Dsk.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
de53a304bb4f48baf1efd7ebf48ab13140c5a039dd3f78309ca7466e0e7cfc0d

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 07:32:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//images.intouch.wunderweib.de/mary-kate-ashley-olsen-twins%2Cid%3D8e79cefc%2Cb%3Dintouch%2Cw%3D1600%2Crm%3Dsk.jpeg
age
1507350
edge-cache-tag
346274645595769068554020377783783997479,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
346274645595769068554020377783783997479,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
561
req-referer
https://news.livedoor.com/
content-length
5230
x-request-id
9dacd82511e7f7103b6912026bf594aa
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kcgs7200090-IAD, cache-iad-kjyo7100179-IAD, cache-sna10738-LGB, cache-iad-kcgs7200165-IAD, cache-fra-eddf8230026-FRA
last-modified
Wed, 26 Jul 2023 20:27:31 GMT
server
nginx
x-timer
S1692343950.888687,VS0,VE1
etag
"0add0d3cd51237a1a2eca526e46edb81"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 1
3d3f3e4cff6e1843b92ca22dea3b7d0e.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3d3f3e4cff6e1843b92ca22dea3b7d0e.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0d945056fc30831a1ca2f6ee2568f00cf702de355ccbd458d6f53ebf0abdd08c

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 07:32:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/3d3f3e4cff6e1843b92ca22dea3b7d0e.jpeg
age
2866071
edge-cache-tag
522928341999507559559524046100286788551,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
522928341999507559559524046100286788551,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
142
expiration
expiry-date="Sun, 06 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gulambande.com/
content-length
3624
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kjyo7100060-IAD, cache-iad-kcgs7200082-IAD, cache-lga21951-LGA, cache-iad-kjyo7100055-IAD, cache-fra-eddf8230026-FRA
last-modified
Thu, 06 Jul 2023 06:55:20 GMT
server
nginx
x-timer
S1692343950.894663,VS0,VE1
etag
"8336508a573a05207d03531006051a29"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 9, 1
67f7ed3b3b94e3453f1ce59ba6554cf7.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f7ed3b3b94e3453f1ce59ba6554cf7.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ee2e0abb272016af6b7b2e8e4d3747668f7e47fd09ad3e1a5e88eddcf6e10f58

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 18 Aug 2023 07:32:29 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67f7ed3b3b94e3453f1ce59ba6554cf7.jpg
age
1442543
edge-cache-tag
625968986509112741965911706845291125125,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
625968986509112741965911706845291125125,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
74
expiration
expiry-date="Wed, 02 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
content-length
2686
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kcgs7200022-IAD, cache-iad-kiad7000109-IAD, cache-sna10744-LGB, cache-iad-kcgs7200143-IAD, cache-fra-eddf8230026-FRA
last-modified
Sun, 02 Jul 2023 11:39:20 GMT
server
nginx
x-timer
S1692343950.898824,VS0,VE1
etag
"3ec2f0335c08e19b6210b6104251a0e7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 38, 1
videojs.ads.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
08/09/2023 21:21:30
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:21 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
577
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf625-16c3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
5f49a03bba6389dcc5978591b7340623
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		84 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
cdn-edgestorageid
1077
cdn-storageserver
DE-165
cdn-cachedat
07/07/2023 01:07:44
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:22 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"642bf626-14fe2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
19ea32768a8923158f2bb355f6a71747
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-572
cdn-cachedat
04/04/2023 10:10:14
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:16 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
565
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"642bf620-2ae4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
dd5e227410aabd42e300f15efe9671c1
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:29 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-167
cdn-cachedat
08/09/2023 22:56:18
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:20 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
573
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf624-13b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
0940426614c44397f8945613192e529b
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame C583 		714 B
772 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
age
11621
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7f887696ffbf35e5-FRA
content-encoding
br
content-type
text/html
date
Fri, 18 Aug 2023 07:32:29 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pr4cIFUStD%2FKae7GXzYibfyXnGuigouJseaMVuT3PkmivccEoZ%2FrPs957YmxbjlkOf6%2BRaAVp7xUova4l8dyZpXO5N6d0FiTIrD7MBCD2mUB2%2F9eCESPIxg%2F9dro9ofc4g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame F1FC
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Aug 2023 07:32:30 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 07:32:30 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 07:32:30 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
1fa0d6f8-8a90-4b88-817c-d7d08cab38e1
https://www.bg3.co/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/1fa0d6f8-8a90-4b88-817c-d7d08cab38e1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame A556 		714 B
736 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

access-control-allow-credentials
true
age
11621
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7f887697482a35e5-FRA
content-encoding
br
content-type
text/html
date
Fri, 18 Aug 2023 07:32:29 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CzHeTGpm8n9TJLcbigldSpunKGJoVl0iA1XnW%2F9BXNxRbfyAqKeR9GLukDJMQOr0ICzi88xnC7ZvM0nc9w%2FvhwWWu2DieUrbl7BOpuVFG2jvT%2F67dX%2FznPPIezLUYiRETw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 1EA9
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Aug 2023 07:32:30 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 18 Aug 2023 07:32:29 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C583 		97 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
fd608bf540b5307045b8eb8bada7554c4ff41c51bae1b4c43d070402133ba999
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28536
x-xss-protection
0
server
cafe
etag
181 / 19587 / 31077070 / config-hash: 7328467961731406261
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 07:32:30 GMT
ubpvideos
newsbot.unibots.in/get_videos/ 		438 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://newsbot.unibots.in/get_videos/ubpvideos
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.105.43.230 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-105-43-230.ip.linodeusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0cf8fc27b2aad322fe040dbdd518952b047a00b50449782f8646c3276b8b77aa

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 18 Aug 2023 07:32:30 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Length
438
Content-Type
application/json
amp-ad-0.1.js
cdn.ampproject.org/rtv/012307272333000/v0/ 		82 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
d462be35c61b5311a42bc6402e6e64e6e54a7c542963e1f448f10e480ea87cf9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Aug 2023 01:28:18 GMT
age
281052
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23182
x-xss-protection
0
server
sffe
etag
"fb56063241417f13"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 14 Aug 2024 01:28:18 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		5 KB
904 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
294fc580d7f67237a50d7db8132a1061c744b6d33f0e6ec90c970b79ef6ff5f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
556
x-xss-protection
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A556 		97 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
18980cf669989d1d3ae2c7367e5053e3ca3603056afa9aa29d74af7b3a70d415
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28532
x-xss-protection
0
server
cafe
etag
907 / 19587 / m202308100101 / config-hash: 7328467961731406261
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 07:32:30 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame FE14 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
5c54f6a1ee74521e0fb2484cff844c1f286009ba68bd9c081c964c87123cf79c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50762
x-xss-protection
0
server
cafe
etag
8520359296112476302
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 07:32:30 GMT
st
imprammp.taboola.com/ Frame 4866 		439 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&cmcv=&pix=undefined&cb=1692343950082&uv=3321&tms=1692343950082&abt=aniview_inc_vA!eidc_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c942f760-7cc3-4a1c-b2dc-00aec0b31ab5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
458ed4fc6e52a6d0ffc929685d10b92e5ff8c14f1ea2f7d1775be14f940748d1

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 18 Aug 2023 07:32:30 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230026-FRA
x-timer
S1692343950.113993,VS0,VE9
sync
am-match.taboola.com/ Frame AA5A 		439 B
525 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
458ed4fc6e52a6d0ffc929685d10b92e5ff8c14f1ea2f7d1775be14f940748d1

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 18 Aug 2023 07:32:30 GMT
machineid
3401
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692343950091&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1541&pt=542944004&tz=120&viewable=true&ddast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=aniview_inc_vA!eidc_vB!nonrv_vA!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf3fd4e9d345d1bd18f3d2aeb3fb1b2f153dfd9904feb6b20e3edf0dc6125274

Request headers

Referer
https://www.bg3.co/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1432
x-cache
MISS
x-served-by
cache-fra-eddf8230026-FRA
pragma
no-cache
server
nginx
x-timer
S1692343950.113984,VS0,VE38
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&cmcv=&pix=31589837&cb=1692343950082&uv=3321&tms=1692343950082&abt=aniview_inc_vA!eidc_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1692343947341.1!ts:1692343950082&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-length
0
server
nginx
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F665 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
1d5dfc98d8e7e8d7e1265aea16ade04221bd27b9c48ce054fa78032266f6b3a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50771
x-xss-protection
0
server
cafe
etag
3983916915733347153
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 07:32:30 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ Frame C583 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31077070
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 22:20:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
33138
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129087
x-xss-protection
0
server
cafe
etag
2193028555055074692
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 16 Aug 2024 22:20:12 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012307272333000/v0/ 		40 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
9ffe5f229d338604f67ac27145be983cdb0e74170145052ca982a1054a8a82dc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Aug 2023 19:02:39 GMT
age
217791
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10406
x-xss-protection
0
server
sffe
etag
"d4bca0499463875a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 14 Aug 2024 19:02:39 GMT
usync.js
eus.rubiconproject.com/ Frame 1EA9 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f5b44cd05de1784117ec564b4778616207c8c8749e8709b51259920d4de527f0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 07:32:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Aug 2023 20:28:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46523
Connection
keep-alive
Content-Length
10116
Expires
Fri, 18 Aug 2023 20:27:53 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012307272333000/v0/ 		213 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
114792c3e764192ab8250ef71b0783010b1b03fa3f87649082f1c2ba73afa779
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Aug 2023 10:46:57 GMT
age
247533
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57733
x-xss-protection
0
server
sffe
etag
"713211f22a286027"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 14 Aug 2024 10:46:57 GMT
usync.js
eus.rubiconproject.com/ Frame F1FC 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f5b44cd05de1784117ec564b4778616207c8c8749e8709b51259920d4de527f0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 07:32:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Aug 2023 20:28:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46523
Connection
keep-alive
Content-Length
10116
Expires
Fri, 18 Aug 2023 20:27:53 GMT
generic
match.adsrvr.org/track/cmf/ Frame 4866 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&cmcv=&pix=undefined&cb=1692343950082&uv=3321&tms=1692343950082&abt=aniview_inc_vA!eidc_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c942f760-7cc3-4a1c-b2dc-00aec0b31ab5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 18 Aug 2023 07:32:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 4866 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&cmcv=&pix=undefined&cb=1692343950082&uv=3321&tms=1692343950082&abt=aniview_inc_vA!eidc_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c942f760-7cc3-4a1c-b2dc-00aec0b31ab5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.117.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-117-149.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 4866 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&cmcv=&pix=undefined&cb=1692343950082&uv=3321&tms=1692343950082&abt=aniview_inc_vA!eidc_vB!nonrv_vA!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=c942f760-7cc3-4a1c-b2dc-00aec0b31ab5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_2_1/infra/ 		901 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_2_1/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
4ce7739249a41529581c3d8d38ab20041690decd52cf0d78fdea96faecd72644

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1692189134
date
Fri, 18 Aug 2023 07:32:30 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
3GSZHNA9GCW046TP
age
154689
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1692189134
x-amz-meta-mode
33188
content-length
151987
x-amz-id-2
lCIMmhjCn0rE6ZF7mxqgKVA2EeG2Ydnz1KHEMocJ9X9z1kq+cACcozwMDTKNtWKceVzZKPzIvJA=
x-served-by
cache-fra-eddf8230061-FRA
last-modified
Wed, 16 Aug 2023 12:32:15 GMT
server
AmazonS3-br
x-timer
S1692343950.260998,VS0,VE0
etag
"d7e847d1c3c7d8349942a40f22a534d0"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
77918
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_2_1/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_2_1/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1692189153
date
Fri, 18 Aug 2023 07:32:30 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
59599YXTB0DADYP2
age
154690
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1692189153
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
ZtbazoCfDuEZgQgLAeBPJRC85bkHnoEZkIxiIHmn8HE+h7lx3uRNayR77PXt4kKFCfZ5UWPTyPY=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 16 Aug 2023 12:32:34 GMT
server
AmazonS3-br
x-timer
S1692343950.216149,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
117789
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/ Frame FE14 		369 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
6f50dff31a5195f4f61be2272afaeed5c91655fc8d6e6fbcb043de7abd9112ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128212
x-xss-protection
0
server
cafe
etag
16352991583928826849
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 07:32:30 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/ Frame 99FB 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

age
10003
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4542
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 04:45:47 GMT
etag
13776922816869014096
expires
Fri, 01 Sep 2023 04:45:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
khaos.jpg
token.rubiconproject.com/ Frame 1EA9 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame F1FC 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
match.adsrvr.org/track/cmf/ Frame AA5A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 18 Aug 2023 07:32:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d
pr-bh.ybp.yahoo.com/sync/taboola/ Frame AA5A 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.117.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-117-149.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame AA5A 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.75 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.75
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.144.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-144-253.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EvcXVhbi1jdW4tYmFpLXJlbi14aW5nLW1hLXFpLWxhby1wdS14aW5nLXNoaS15b3UtbGFpLWRlLXp1aS15b25nLXpoZW5nLWh1YW5nLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
875 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvcXVhbi1jdW4tYmFpLXJlbi14aW5nLW1hLXFpLWxhby1wdS14aW5nLXNoaS15b3UtbGFpLWRlLXp1aS15b25nLXpoZW5nLWh1YW5nLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.216.77.68 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-216-77-68.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AT
date
Fri, 18 Aug 2023 07:32:30 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=5, origin; dur=363, ak_p; desc="1692343950312_34631492_181006495_36814_1351_11_0_219";dur=1
content-length
555
expires
Fri, 18 Aug 2023 08:32:30 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/ Frame A556 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 23:19:36 GMT
content-encoding
br
x-content-type-options
nosniff
age
29574
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129087
x-xss-protection
0
server
cafe
etag
2193028555055074692
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 16 Aug 2024 23:19:36 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012307272333000/v0/ 		110 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
723df3c7d7a3d796cd19b2d214c09340b55cf08e08d26cdf29848731527239ce
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 17 Aug 2023 22:56:24 GMT
age
30966
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32235
x-xss-protection
0
server
sffe
etag
"e3f6ff5fb1ac62c8"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 16 Aug 2024 22:56:24 GMT
nameframe.html
d-10158191482120460991.ampproject.net/2307272333000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-10158191482120460991.ampproject.net/2307272333000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.163 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f3.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308140101/ Frame F665 		392 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31077110
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
bae7e8b2fab6ed6f5522176705cb34135bd0f7c92181b0316c7f67a01d932be7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134691
x-xss-protection
0
server
cafe
etag
12095398920557409347
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 07:32:30 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame C583 		498 B
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2937308496491644&correlator=2803348588610192&eid=31076474%2C31076869%2C31077070%2C44798601&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692343950409&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=gktxvb5i1jo&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1023566506.1692343950&ga_sid=1692343950&ga_hid=329083725&ga_fc=false&dlt=1692343949962&idt=359&adks=64515409
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31077070
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
e47a982487cbd64e563370e72a87c5f7fcf760db4219a6b3b749a44e2c55b78a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
245
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C583 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31077070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
0a15bc0ad7e79c33a67b1eb4f251a5e442079d23a6fda61c8c6aa394d7ce1724
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11863
x-xss-protection
0
container.html
80751e862cda122ade19117127c8178f.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F226 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://80751e862cda122ade19117127c8178f.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31077070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:30 GMT
expires
Sat, 17 Aug 2024 07:32:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
118818
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1692343951.541962,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
17323
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/ 		447 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.1/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
aa56a655b6cb77a3c0035819033d02970bba3770850f506e8d61163098ab63a0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1692176463
date
Fri, 18 Aug 2023 07:32:30 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
0AXDR8RF4S0TWZMZ
age
167443
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1692176476
x-amz-meta-mode
33188
content-length
85942
x-amz-id-2
KqPdgkEsyml6UUO2KOaPcVcs44GjEuwQ05hULLWUIEY3OV9OnSwIn9phUoUm5UanTpFisdoKKcg=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 16 Aug 2023 09:01:17 GMT
server
AmazonS3-br
x-timer
S1692343951.602718,VS0,VE0
etag
"4992e49389d98d37c3b5ca7742d2f7dd"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
116134
sync
am-match.taboola.com/ Frame B4F8 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_2_1/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
d614198555b98a4bb099307a58401e7305267bcea97bc39ed315e4b9d02ccc5a

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 18 Aug 2023 07:32:30 GMT
machineid
3408
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&cmcv=&pix=31579697&cb=1692343950596&uv=3321&tms=1692343950596&su=3&abt=aniview_inc_vA!eidc_vB!nonrv_vA!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-length
0
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Fri, 18 Aug 2023 07:32:30 GMT
via
1.1 6c19750e796252a348d1690986c10426.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
FCO50-P1
age
942239
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1692343951.690548,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
z8uBX5rs5yx079LlNzOhRt0m40lBcgssXUNlz-RDQ6Zqn78U46CZIg==
x-cache-hits
66753
generic
match.adsrvr.org/track/cmf/ Frame B4F8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 18 Aug 2023 07:32:30 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d
pr-bh.ybp.yahoo.com/sync/taboola/ Frame B4F8 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.117.149 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-117-149.eu-west-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C583 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31077070
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 07:32:30 GMT
js
www.googletagmanager.com/gtag/ 		261 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
ae4d88e3e0e95f7fb7561cc8e29e4e90042e8760198d561a824173d84d61f521
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88741
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 18 Aug 2023 07:32:30 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.233.144.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-233-144-253.compute-1.amazonaws.com
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
usync.html
eus.rubiconproject.com/ Frame 1F5E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 18 Aug 2023 07:32:30 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
js
www.googletagmanager.com/gtag/ 		264 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
e7a55bec6b426344da6d67ab0fbe90b171d5d22cd1bbb17a8da887c3342e0522
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89909
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 18 Aug 2023 07:32:30 GMT
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie.js
partner.googleadservices.com/gampad/ Frame FE14 		379 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
ee05824d547a6695e3b43ca836b4b840b408dad79bc5dae83f85906dc9186374
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
247
x-xss-protection
0
GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
adx.holmesmind.com/adx-file/20230617/ Frame E6F5
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301108&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=16923...
  • https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
459 B
871 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.122.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-122-127.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
1367
content-length
459
content-type
text/html
date
Fri, 18 Aug 2023 07:09:45 GMT
etag
"b488597db51c4a25cc169c0690d8eea0"
last-modified
Sat, 17 Jun 2023 07:13:44 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 109c7a7f1cf897851e09b16d3030a948.cloudfront.net (CloudFront)
x-amz-cf-id
aCJD2Kov2ZX1eB8oTPJF_IUkeLl31w39hnSfwZGVmLTeMtDaX5QgcA==
x-amz-cf-pop
FRA60-P2
x-amz-server-side-encryption
AES256
x-amz-version-id
YJSjBgr7qtGU8YTUZxdm49TPP59hJ0a5
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:31 GMT
location
https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame FE14 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
056b6b462599cc3c14e01056d255f48cd076df9698d9a3a88a185327718bf148
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11785
x-xss-protection
0
sync.php
pixel.rubiconproject.com/exchange/ Frame F1FC 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ads
securepubads.g.doubleclick.net/gampad/ Frame A556 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=197798139702852&correlator=1093856435539321&eid=31076164&output=ldjh&gdfp_req=1&vrg=202308100101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1692343950800&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=hzodtrlc3nqo&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1522828299.1692343951&ga_sid=1692343951&ga_hid=1936918235&ga_fc=false&dlt=1692343949996&idt=705&adks=64515409
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
2abadee6b03135a4d6283aa9c543e0e2149a9dd76cd098757630dcdd2db76cbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A556 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308100101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e70fb9203c1b03268bd0494d70f4a47f6e35d74a4ae0e8b10187025596c9df89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11712
x-xss-protection
0
container.html
a0d06141e8617f7fc71b12e34f74506c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5443 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a0d06141e8617f7fc71b12e34f74506c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:30 GMT
expires
Sat, 17 Aug 2024 07:32:30 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ac111fb6-3446-4aa2-a19f-264b5b20e1df
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/ac111fb6-3446-4aa2-a19f-264b5b20e1df
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
44b21161-8a04-415f-99ac-997c8cc4f3b7
https://www.bg3.co/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/44b21161-8a04-415f-99ac-997c8cc4f3b7
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
304 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230815-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
72
date
Fri, 18 Aug 2023 07:32:30 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
59234
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230026-FRA
pragma
no-cache
server
nginx
x-timer
S1692343951.846730,VS0,VE72
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
usync.js
eus.rubiconproject.com/ Frame 1F5E 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
f5b44cd05de1784117ec564b4778616207c8c8749e8709b51259920d4de527f0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 07:32:30 GMT
Content-Encoding
gzip
Last-Modified
Thu, 17 Aug 2023 20:28:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46523
Connection
keep-alive
Content-Length
10116
Expires
Fri, 18 Aug 2023 20:27:53 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Fri, 18 Aug 2023 07:32:30 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
3920
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1692343951.847486,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
95
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
2674
googleanalytics.json
cdn.ampproject.org/rtv/012307272333000/v0/analytics-vendors/ 		2 KB
886 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Aug 2023 14:16:45 GMT
age
234945
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"8f5886023517dc75"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 14 Aug 2024 14:16:45 GMT
ga4.json
amp.analytics-debugger.com/ 		7 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.165.28 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48832
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 17 Aug 2023 17:58:38 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=py89NBzejFuU0QryYqiBo0DcY97em9c8WEpV9u7yXnLWus%2Fgi%2FNkRwuagQi62Wqb4TMXcjfYmbBeG%2B50YTDbj6sfQIosDxLSSo7D5%2F7MybPvsTjuoL%2FMzdAF%2BXJX7Q%2FQOghSU897zWrDiYM8eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=86400
access-control-allow-credentials
true
x-debug-em-all-ga4amp-version
20230607
cf-ray
7f88769d8e5c4d5a-FRA
gtag.json
cdn.ampproject.org/rtv/012307272333000/v0/analytics-vendors/ 		3 KB
956 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012307272333000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.193 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s65-in-f1.1e100.net
Software
sffe /
Resource Hash
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 15 Aug 2023 13:31:47 GMT
age
237643
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
926
x-xss-protection
0
server
sffe
etag
"e8f9a09ed3d75e05"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 14 Aug 2024 13:31:47 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame F665 		379 B
267 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31077110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
8e1a038bba8e7a9b7f30b33356a852544af65d3bf547402a328f38c656b7dda9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
245
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9506 		130 KB
43 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692336750&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343950106&bpp=285&bdt=704&idt=657&shv=r20230816&mjsv=m202308140101&ptt=5&saldr=sd&correlator=253225213830&frm=23&ife=1&pv=1&ga_vid=527600783.1692343951&ga_sid=1692343951&ga_hid=2088288623&ga_fc=0&ga_cid=amp-4qcMzuO1fLZXKJ8rYQDlVQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=449192451&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077088%2C31077148%2C31077110%2C44799570&oid=2&pvsid=2298832267810767&tmod=1257208362&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ag1ej4tvt682&fsb=1&dtd=792
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31077110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
dddb51e44bd81b42b6cdfb96a472992977a6af370678bb89024b857c092d0be4
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJDXp8DY5YADFTU2TwgdfZMIFA&gqi=jh7fZLT6N5aJ9u8PyqW28AU&layout=/sadbundle/%24csp%253Der3%24/17701606112007245383/300x250_google_Yoga/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
44402
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJDXp8DY5YADFTU2TwgdfZMIFA&gqi=jh7fZLT6N5aJ9u8PyqW28AU&layout=/sadbundle/%24csp%253Der3%24/17701606112007245383/300x250_google_Yoga/index.html
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:31 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame F665 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31077110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef4f6bee34be1a02c0d9f2e50190dc5cd9c7fda945932ff8132f768dbf4fde51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11639
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame FE14 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308100101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 07:32:30 GMT
player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.39 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-39.bunnyinfra.net
Software
BunnyCDN-DE1-755 /
Resource Hash
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
gzip
cdn-edgestorageid
860
cdn-storageserver
DE-677
cdn-cachedat
08/17/2023 06:30:53
cdn-pullzone
873945
last-modified
Thu, 17 Aug 2023 06:20:20 GMT
server
BunnyCDN-DE1-755
cdn-fileserver
655
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=2592000
cdn-requestid
cc5e44ff9e92720fe99233b8f810372f
cdn-requestcountrycode
US
cdn-status
200
cdn-requestpullsuccess
True
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A556 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308100101/pubads_impl.js?cb=31076164
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 07:32:30 GMT
khaos.jpg
token.rubiconproject.com/ Frame 1F5E 		284 B
536 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
bridge3.585.0_en.html
imasdk.googleapis.com/js/core/ Frame E1B4 		720 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.234 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f10.1e100.net
Software
sffe /
Resource Hash
5cb616f61628c2af47568cf14cb569dfa53d119a5404ec6fb29d1311afe5e0cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
1135
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236309
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:13:36 GMT
expires
Sat, 17 Aug 2024 07:13:36 GMT
last-modified
Tue, 15 Aug 2023 19:52:02 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 07:32:31 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6F8A 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 06:56:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2161
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 18 Aug 2023 07:56:30 GMT
playlist.m3u8
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/ 		171 B
835 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/playlist.m3u8
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-3.bunnyinfra.net
Software
BunnyCDN-DE1-752 /
Resource Hash
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:31 GMT
content-encoding
gzip
cdn-edgestorageid
752
cdn-storageserver
DE-165
cdn-cachedat
06/15/2023 15:40:50
cdn-pullzone
829957
last-modified
Mon, 09 Jan 2023 09:56:48 GMT
server
BunnyCDN-DE1-752
cdn-fileserver
531
cdn-requestpullcode
206
cdn-proxyver
1.03
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
73ae3fc32666d4420e6b6d72a7d7ce45
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 36A1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
2900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 06:44:11 GMT
expires
Sat, 17 Aug 2024 06:44:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 649D 		829 B
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
3b174792734c5e0415dcb6a93b59cc8d353c3892e0971ca6f3b0b2a2d3457c05
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-KHtz3w6VOqVzEO76166lzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-KHtz3w6VOqVzEO76166lzA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:31 GMT
expires
Fri, 18 Aug 2023 07:32:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F665 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308140101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31077110
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 07:32:31 GMT
4f545b71-0ae1-42d7-b913-42e1a5cffef4
https://www.bg3.co/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/4f545b71-0ae1-42d7-b913-42e1a5cffef4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
16ec7ba6-75e3-487a-88bd-52ccd5e0d538
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/16ec7ba6-75e3-487a-88bd-52ccd5e0d538
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
fbe3de2d-4d58-49fb-bc9a-1735a1b3778f
https://www.bg3.co/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/fbe3de2d-4d58-49fb-bc9a-1735a1b3778f
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
amp
www.googletagmanager.com/gtag/ 		684 B
599 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.40 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f8.1e100.net
Software
Google Tag Manager /
Resource Hash
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Fri, 18 Aug 2023 07:32:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38g0&_p=5593&cid=557319737.1692343951&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692343951&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&dt=%E5%85%A8%E6%9D%91%E7%99%BE%E4%BA%BA%E5%A7%93%E7%BD%B5%EF%BC%81%20%E8%80%86%E8%80%81%E6%9B%9D%E5%A7%93%E6%B0%8F%E7%94%B1%E4%BE%86%EF%BC%9A%E5%BE%97%E7%BD%AA%E9%9B%8D%E6%AD%A3%E7%9A%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je38g0&_p=5593&cid=557319737.1692343951&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1692343951&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&dt=%E5%85%A8%E6%9D%91%E7%99%BE%E4%BA%BA%E5%A7%93%E7%BD%B5%EF%BC%81%20%E8%80%86%E8%80%81%E6%9B%9D%E5%A7%93%E6%B0%8F%E7%94%B1%E4%BE%86%EF%BC%9A%E5%BE%97%E7%BD%AA%E9%9B%8D%E6%AD%A3%E7%9A%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 1F5E 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
e1bddfc34a927e97bda010c0d8a62b62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame ED13 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
2900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 06:44:11 GMT
expires
Sat, 17 Aug 2024 06:44:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AF94 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
b6ca63c9c1d4ffacd06730cb4ab320fee96cb17bddfb37a3f30c6383e4320a65
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-nCTY4jml_teP1wvc5JQXFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
536
content-security-policy
script-src 'report-sample' 'nonce-nCTY4jml_teP1wvc5JQXFQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:31 GMT
expires
Fri, 18 Aug 2023 07:32:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
video.m3u8
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video.m3u8
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-3.bunnyinfra.net
Software
BunnyCDN-DE1-752 /
Resource Hash
6532fd2e1b8fa0e2427b3be9158469cef846655d968f69c8956f3cd9b7068aff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:31 GMT
content-encoding
gzip
cdn-edgestorageid
1075
cdn-storageserver
DE-165
cdn-cachedat
08/09/2023 21:25:31
cdn-pullzone
829957
last-modified
Tue, 11 Jul 2023 21:54:31 GMT
server
BunnyCDN-DE1-752
cdn-fileserver
638
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
1a6bfab8b1a3bbb595ca24ceb9f8187a
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0247 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
2900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 06:44:11 GMT
expires
Sat, 17 Aug 2024 06:44:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 09D9 		829 B
766 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
e75f6228d56b6d56634984e016bb74f357f9915c0a947d1f46eb4fbc2477eaca
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-EN5uuhVK5zQ4SX9pR22_7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-EN5uuhVK5zQ4SX9pR22_7g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:31 GMT
expires
Fri, 18 Aug 2023 07:32:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ysm_bg3.js
ad.sitemaji.com/ Frame E6F5 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 17:32:10 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:33 GMT
server
nginx/1.12.1 (Ubuntu)
age
50421
etag
W/"64993011-7b8f"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9956
expires
Fri, 18 Aug 2023 17:32:10 GMT
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.bg3.co
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FC16 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
2900
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 06:44:11 GMT
expires
Sat, 17 Aug 2024 06:44:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 69FA 		829 B
763 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.132 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
54f96b1724f59d0e664a39671d475378c62334d95a159ee216649ad107548a54
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1QqeZbCGedIRxDkL9S7zrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
538
content-security-policy
script-src 'report-sample' 'nonce-1QqeZbCGedIRxDkL9S7zrg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:31 GMT
expires
Fri, 18 Aug 2023 07:32:31 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
video0.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		153 KB
154 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video0.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-3.bunnyinfra.net
Software
BunnyCDN-DE1-752 /
Resource Hash
63b845e7046f874ba4d1faf8fd80cbea6e86f31b70dbe63bccb58e5e00a60635

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:31 GMT
cdn-edgestorageid
865
cdn-storageserver
DE-167
cdn-cachedat
07/06/2023 22:32:17
cdn-pullzone
829957
content-length
156604
last-modified
Mon, 09 Jan 2023 09:55:04 GMT
server
BunnyCDN-DE1-752
cdn-fileserver
525
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
b216fbd56e3d81781b7f5ce54fe4b97c
accept-ranges
bytes
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5593&cid=557319737.1692343951&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&dr=&dt=%E5%85%A8%E6%9D%91%E7%99%BE%E4%BA%BA%E5%A7%93%E7%BD%B5%EF%BC%81%20%E8%80%86%E8%80%81%E6%9B%9D%E5%A7%93%E6%B0%8F%E7%94%B1%E4%BE%86%EF%BC%9A%E5%BE%97%E7%BD%AA%E9%9B%8D%E6%AD%A3%E7%9A%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1692343951&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
242 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=557319737.1692343951&aip=1&sid=1692343951&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.166.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wm-in-f155.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/ 		35 B
303 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E5%85%A8%E6%9D%91%E7%99%BE%E4%BA%BA%E5%A7%93%E7%BD%B5%EF%BC%81%20%E8%80%86%E8%80%81%E6%9B%9D%E5%A7%93%E6%B0%8F%E7%94%B1%E4%BE%86%EF%BC%9A%E5%BE%97%E7%BD%AA%E9%9B%8D%E6%AD%A3%E7%9A%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=557319737.1692343951&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.4873505741303925&gjid=0.6637212884075037&_r=1&a=5593&z=0.20525620953665524&gtm=45De1110
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/ Frame 49AB 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/index.html
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
fa0a2444da9cdbcc29ea16133d14589a18d24144d76ce3d135709c131e73904c
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
280931
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1709
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Tue, 15 Aug 2023 01:30:20 GMT
expires
Wed, 14 Aug 2024 01:30:20 GMT
last-modified
Wed, 12 Jul 2023 15:55:45 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 4DF3 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692336750&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343950106&bpp=285&bdt=704&idt=657&shv=r20230816&mjsv=m202308140101&ptt=5&saldr=sd&correlator=253225213830&frm=23&ife=1&pv=1&ga_vid=527600783.1692343951&ga_sid=1692343951&ga_hid=2088288623&ga_fc=0&ga_cid=amp-4qcMzuO1fLZXKJ8rYQDlVQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=449192451&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077088%2C31077148%2C31077110%2C44799570&oid=2&pvsid=2298832267810767&tmod=1257208362&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ag1ej4tvt682&fsb=1&dtd=792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
cafe /
Resource Hash
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:29:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
61370
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9092
x-xss-protection
0
server
cafe
etag
9312205082594545078
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:29:41 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 9990 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692336750&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343950106&bpp=285&bdt=704&idt=657&shv=r20230816&mjsv=m202308140101&ptt=5&saldr=sd&correlator=253225213830&frm=23&ife=1&pv=1&ga_vid=527600783.1692343951&ga_sid=1692343951&ga_hid=2088288623&ga_fc=0&ga_cid=amp-4qcMzuO1fLZXKJ8rYQDlVQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=449192451&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077088%2C31077148%2C31077110%2C44799570&oid=2&pvsid=2298832267810767&tmod=1257208362&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ag1ej4tvt682&fsb=1&dtd=792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692336750&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343950106&bpp=285&bdt=704&idt=657&shv=r20230816&mjsv=m202308140101&ptt=5&saldr=sd&correlator=253225213830&frm=23&ife=1&pv=1&ga_vid=527600783.1692343951&ga_sid=1692343951&ga_hid=2088288623&ga_fc=0&ga_cid=amp-4qcMzuO1fLZXKJ8rYQDlVQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=449192451&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077088%2C31077148%2C31077110%2C44799570&oid=2&pvsid=2298832267810767&tmod=1257208362&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ag1ej4tvt682&fsb=1&dtd=792
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

age
528
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:23:43 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 4DF3 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692336750&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343950106&bpp=285&bdt=704&idt=657&shv=r20230816&mjsv=m202308140101&ptt=5&saldr=sd&correlator=253225213830&frm=23&ife=1&pv=1&ga_vid=527600783.1692343951&ga_sid=1692343951&ga_hid=2088288623&ga_fc=0&ga_cid=amp-4qcMzuO1fLZXKJ8rYQDlVQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=449192451&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077088%2C31077148%2C31077110%2C44799570&oid=2&pvsid=2298832267810767&tmod=1257208362&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ag1ej4tvt682&fsb=1&dtd=792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:31:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
61282
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:31:09 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 4DF3 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692336750&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343950106&bpp=285&bdt=704&idt=657&shv=r20230816&mjsv=m202308140101&ptt=5&saldr=sd&correlator=253225213830&frm=23&ife=1&pv=1&ga_vid=527600783.1692343951&ga_sid=1692343951&ga_hid=2088288623&ga_fc=0&ga_cid=amp-4qcMzuO1fLZXKJ8rYQDlVQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=449192451&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077088%2C31077148%2C31077110%2C44799570&oid=2&pvsid=2298832267810767&tmod=1257208362&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ag1ej4tvt682&fsb=1&dtd=792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 14:32:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
61226
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 31 Aug 2023 14:32:05 GMT
l
www.google.com/ads/measurement/ Frame 4DF3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSG-7zz0Wbuyzq8jWCQBYSnrRww9VNFwVnWAv67AlizczhZh4vE_PLaxVBn7DZh6krGwbsjjY6pT9aJ2b8eQ1Ja9cbTjg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692336750&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343950106&bpp=285&bdt=704&idt=657&shv=r20230816&mjsv=m202308140101&ptt=5&saldr=sd&correlator=253225213830&frm=23&ife=1&pv=1&ga_vid=527600783.1692343951&ga_sid=1692343951&ga_hid=2088288623&ga_fc=0&ga_cid=amp-4qcMzuO1fLZXKJ8rYQDlVQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=449192451&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077088%2C31077148%2C31077110%2C44799570&oid=2&pvsid=2298832267810767&tmod=1257208362&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ag1ej4tvt682&fsb=1&dtd=792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4DF3 		180 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692336750&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343950106&bpp=285&bdt=704&idt=657&shv=r20230816&mjsv=m202308140101&ptt=5&saldr=sd&correlator=253225213830&frm=23&ife=1&pv=1&ga_vid=527600783.1692343951&ga_sid=1692343951&ga_hid=2088288623&ga_fc=0&ga_cid=amp-4qcMzuO1fLZXKJ8rYQDlVQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=449192451&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077088%2C31077148%2C31077110%2C44799570&oid=2&pvsid=2298832267810767&tmod=1257208362&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ag1ej4tvt682&fsb=1&dtd=792
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 07:32:31 GMT
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame 36A1 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 13:43:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
64156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 13:43:15 GMT
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 4DF3 		0
20 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CJDXp8DY5YADFTU2TwgdfZMIFA&gqi=jh7fZLT6N5aJ9u8PyqW28AU&layout=/sadbundle/%24csp%253Der3%24/17701606112007245383/300x250_google_Yoga/index.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692336750&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343950106&bpp=285&bdt=704&idt=657&shv=r20230816&mjsv=m202308140101&ptt=5&saldr=sd&correlator=253225213830&frm=23&ife=1&pv=1&ga_vid=527600783.1692343951&ga_sid=1692343951&ga_hid=2088288623&ga_fc=0&ga_cid=amp-4qcMzuO1fLZXKJ8rYQDlVQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=449192451&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077088%2C31077148%2C31077110%2C44799570&oid=2&pvsid=2298832267810767&tmod=1257208362&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ag1ej4tvt682&fsb=1&dtd=792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame AF94 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230816&jk=1961783433790084&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 09D9 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308100101&jk=197798139702852&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 649D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308100101&jk=2937308496491644&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame ED13 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 13:43:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
64156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 13:43:15 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 49AB 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
cafe /
Resource Hash
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 08:40:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
82293
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2551
x-xss-protection
0
server
cafe
etag
4618035238173732404
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 18 Aug 2023 08:40:58 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 49AB 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 23:34:59 GMT
content-encoding
br
x-content-type-options
nosniff
age
28652
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 18 Aug 2023 23:34:59 GMT
gsap_3.5.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 49AB 		60 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
sffe /
Resource Hash
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24155
x-xss-protection
0
last-modified
Mon, 31 Aug 2020 21:23:17 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 07:32:31 GMT
kv-0x-328.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/img/ Frame 49AB 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/img/kv-0x-328.jpg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
ab660cac11dbac61fee35c5e266e37c807ea76d3c95041ddf8ce8eefe0c0d106
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Fri, 11 Aug 2023 22:10:50 GMT
x-content-type-options
nosniff
age
552101
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15418
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 15:55:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 10 Aug 2024 22:10:50 GMT
cta-383x329.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/img/ Frame 49AB 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/img/cta-383x329.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
90f353754fc54834580b2d93c3de551bea76c101f13a7e66fede4f9a9ccd8fb7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 15 Aug 2023 22:54:08 GMT
x-content-type-options
nosniff
age
203903
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1535
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 15:55:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 14 Aug 2024 22:54:08 GMT
hlA-152x31.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/img/ Frame 49AB 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/img/hlA-152x31.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
a91e3f282039f38f4dc40ea14f4548c25a6914c99ade74d3e99bbec9d65af7b4
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 12 Aug 2023 07:45:16 GMT
x-content-type-options
nosniff
age
517635
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1077
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 15:55:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 11 Aug 2024 07:45:16 GMT
hlB-220x93.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/img/ Frame 49AB 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/img/hlB-220x93.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
4ba3d123c86e1830d179d449f124ec93b4f3d6a4ebee1050c13f087ed992cca8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sat, 12 Aug 2023 22:02:35 GMT
x-content-type-options
nosniff
age
466196
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4725
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 15:55:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 11 Aug 2024 22:02:35 GMT
logo-293x416.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/img/ Frame 49AB 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/img/logo-293x416.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
d9f5df5809aa246af5af569ab3b949b7bc386b7f6dbac624a7b8a50fa3ad90d1
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 14 Aug 2023 17:54:35 GMT
x-content-type-options
nosniff
age
308276
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1174
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 15:55:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 13 Aug 2024 17:54:35 GMT
info-25x23.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/img/ Frame 49AB 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/img/info-25x23.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
73d80e34385802492ffcbd9dc8a221262b74d8efc46cdda5a007a739fdeb4d42
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Wed, 16 Aug 2023 22:53:05 GMT
x-content-type-options
nosniff
age
117566
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35497
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 15:55:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 15 Aug 2024 22:53:05 GMT
str-208x-17.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/img/ Frame 49AB 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/img/str-208x-17.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/17701606112007245383/300x250_google_Yoga/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
5cb7cbd4d00c00232e7c18e5c1ba0995c0506ff0ad9fa4d4cf1e9b58bc804e34
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 15 Aug 2023 01:30:20 GMT
x-content-type-options
nosniff
age
280931
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7210
x-xss-protection
0
last-modified
Wed, 12 Jul 2023 15:55:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 14 Aug 2024 01:30:20 GMT
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230815-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Fri, 18 Aug 2023 07:32:31 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
2840
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230026-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1692343952.682142,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
19
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
13541
sodar
pagead2.googlesyndication.com/pagead/ Frame 69FA 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230816&jk=2298832267810767&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame 0247 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 13:43:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
64156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 13:43:15 GMT
video1.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		328 KB
329 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video1.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-3.bunnyinfra.net
Software
BunnyCDN-DE1-752 /
Resource Hash
773b6b520d53f2c575e87d9bc2be2d3ec999ec9839191f12dc0b6b64d37cef4f

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:31 GMT
cdn-edgestorageid
1049
cdn-storageserver
DE-576
cdn-cachedat
07/11/2023 22:32:41
cdn-pullzone
829957
content-length
335580
last-modified
Tue, 11 Jul 2023 21:54:31 GMT
server
BunnyCDN-DE1-752
cdn-fileserver
638
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
da949656a8af93acdc9580347eecf870
accept-ranges
bytes
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame FC16 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 13:43:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
64156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 13:43:15 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 9990
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692336750&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343950106&bpp=285&bdt=704&idt=657&shv=r20230816&mjsv=m202308140101&ptt=5&saldr=sd&correlator=253225213830&frm=23&ife=1&pv=1&ga_vid=527600783.1692343951&ga_sid=1692343951&ga_hid=2088288623&ga_fc=0&ga_cid=amp-4qcMzuO1fLZXKJ8rYQDlVQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=449192451&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077088%2C31077148%2C31077110%2C44799570&oid=2&pvsid=2298832267810767&tmod=1257208362&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ag1ej4tvt682&fsb=1&dtd=792
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:31 GMT
expires
Fri, 18 Aug 2023 07:32:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:31 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame C206 		603 B
65 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-34051415783401112755&dff=sans-serif&prev_fmts=1600x96%2C1600x250&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=3&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=2975&oid=2&is_amp=5&amp_v=2307272333000&d_imp=1&c=418005593&ga_cid=amp-4qcMzuO1fLZXKJ8rYQDlVQ&ga_hid=5593&dt=1692343951571&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=120&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&bdt=2856&dtd=66&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/v0/amp-ad-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4DF3 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a45f9e848e7dd8d91d8d1d34c3812fed8af610b5dc9d8763a3cc00a33035835f

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame E6F5
Redirect Chain
  • https://agent.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H3
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
337
alt-svc
h3=":443"; ma=86400
content-length
40181
last-modified
Tue, 20 Jun 2023 03:04:26 GMT
server
cloudflare
etag
"6491173a-9cf5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Po4y9q%2BC3riRYSsK4aOKTGJE0Io8ziQ3K7LkBEj22pw5uBvPrWPUpJwa70nBOclXbPlseG9t3V74iJyQ%2BbHOkFaZ4wqUJbbglJLy88Bt9naim7auxPApKFfiZx0tu4iGcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7f8876a5ea1735e5-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
/
pips.taboola.com/ 		4 B
119 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230061-FRA
date
Fri, 18 Aug 2023 07:32:31 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 18 Aug 2023 07:32:32 GMT
cache-control
no-store
server
nginx
video2.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		310 KB
311 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video2.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-3.bunnyinfra.net
Software
BunnyCDN-DE1-752 /
Resource Hash
830e57437d284f9eac9503ba5e9251c5292f688975ef451cdedad3bd9bbb3dbb

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:32 GMT
cdn-edgestorageid
1078
cdn-storageserver
DE-198
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
317344
last-modified
Mon, 09 Jan 2023 09:55:09 GMT
server
BunnyCDN-DE1-752
cdn-fileserver
519
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
df4b8302404e3bca87a78c3d4fdfef1b
accept-ranges
bytes
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
generate_204
tpc.googlesyndication.com/ Frame 36A1 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?qzwraA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame 49AB 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 13:43:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
64157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 13:43:15 GMT
generate_204
tpc.googlesyndication.com/ Frame ED13 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?coic0A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame FC16 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?SBWn3g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 0247 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?fquSTw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:32 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
video3.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		303 KB
304 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video3.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-3.bunnyinfra.net
Software
BunnyCDN-DE1-752 /
Resource Hash
73c6789620af1c9f950074e861541aed0d43bdd4e6116fe95d0d406310333695

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:32 GMT
cdn-edgestorageid
723
cdn-storageserver
DE-165
cdn-cachedat
08/02/2023 09:44:36
cdn-pullzone
829957
content-length
310764
last-modified
Mon, 09 Jan 2023 09:55:05 GMT
server
BunnyCDN-DE1-752
cdn-fileserver
85
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
d508ecf792fe72f271c74d34bfef65a7
accept-ranges
bytes
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video4.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		239 KB
240 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video4.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-3.bunnyinfra.net
Software
BunnyCDN-DE1-752 /
Resource Hash
fef271305260f71472cf681f3b9ecfed76cc378f7ad06fa95a6db81dca1ea599

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:32 GMT
cdn-edgestorageid
860
cdn-storageserver
DE-383
cdn-cachedat
08/08/2023 14:31:58
cdn-pullzone
829957
content-length
245152
last-modified
Tue, 11 Jul 2023 21:54:31 GMT
server
BunnyCDN-DE1-752
cdn-fileserver
643
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
d59cb08d53f480cece839fa665049051
accept-ranges
bytes
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video5.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		326 KB
327 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video5.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-3.bunnyinfra.net
Software
BunnyCDN-DE1-752 /
Resource Hash
07a489999c001495c859dc7db0a16c63e02a3c3a7cd2827d942d53372491fec7

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:32 GMT
cdn-edgestorageid
1049
cdn-storageserver
DE-165
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
333512
last-modified
Mon, 09 Jan 2023 09:55:11 GMT
server
BunnyCDN-DE1-752
cdn-fileserver
525
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
43d86b86d1cbe3ff79d5495c9fbcf80e
accept-ranges
bytes
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame E6F5 		975 B
752 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8650
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKRZa4LfQZy0UiRcEKItFetu5GMgKTjv4RW7x%2B7%2Bi1yec5uM%2BX6LW91SxDy7uhXa8suz5p3JRLVERtVuL1zAFzSRRDBfuzi8iE%2F%2FaDcC16v1ra9y%2F%2Bg3iTsSxL85rlI9mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7f8876a67b0435e5-FRA
ad_request
ads.aralego.com/ Frame E6F5 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-D23E94E4EBE8E97E1A2434368A94EA6&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.9214178848113435&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
cd76771ce583c8b818e5311f819552de95b9a86925d5b4e6ffd0c5b275bde30b

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 07:32:32 GMT
Content-Encoding
gzip
X-Height
250
X-AdStyle
banner
Transfer-Encoding
chunked
X-SspId
434d9146-578a-3286-b543-c871a3c7e7e4
Connection
close
X-Width
300
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://adx.holmesmind.com
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials
true
X-AdSource
CDB
X-Adtype
html
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=5593&cid=557319737.1692343951&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&dr=&dt=%E5%85%A8%E6%9D%91%E7%99%BE%E4%BA%BA%E5%A7%93%E7%BD%B5%EF%BC%81%20%E8%80%86%E8%80%81%E6%9B%9D%E5%A7%93%E6%B0%8F%E7%94%B1%E4%BE%86%EF%BC%9A%E5%BE%97%E7%BD%AA%E9%9B%8D%E6%AD%A3%E7%9A%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&__nfv=1&__nss=1&__dbg=1&__nuid=&en=performance_timing&sid=1692343951&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=5083&epn.domain_lookup_time=9&epn.tcp_connect_time=487&epn.redirect_time=0&epn.server_response_time=874&epn.page_download_time=1&epn.content_download_time=1410&epn.dom_interactive_time=1410
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307272333000/v0/amp-analytics-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E5%85%A8%E6%9D%91%E7%99%BE%E4%BA%BA%E5%A7%93%E7%BD%B5%EF%BC%81%20%E8%80%86%E8%80%81%E6%9B%9D%E5%A7%93%E6%B0%8F%E7%94%B1%E4%BE%86%EF%BC%9A%E5%BE%97%E7%BD%AA%E9%9B%8D%E6%AD%A3%E7%9A%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=557319737.1692343951&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=5083&dns=9&tcp=487&rrt=0&srt=874&pdt=1&clt=1410&dit=1410&a=5593&z=0.012724419703486367&gtm=45De1110&t=timing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.238 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Aug 2023 17:47:34 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
49498
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
video6.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		243 KB
244 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video6.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-3.bunnyinfra.net
Software
BunnyCDN-DE1-752 /
Resource Hash
77ad0416dd9126399904bfc49b3fe6d296d2bd4e13927ca9ddb0958365bc931e

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:32 GMT
cdn-edgestorageid
1079
cdn-storageserver
DE-168
cdn-cachedat
08/09/2023 18:08:39
cdn-pullzone
829957
content-length
248536
last-modified
Mon, 09 Jan 2023 09:55:08 GMT
server
BunnyCDN-DE1-752
cdn-fileserver
529
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
ed055a06ee367c334ffb9c7a305b43be
accept-ranges
bytes
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video7.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		371 KB
372 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video7.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-3.bunnyinfra.net
Software
BunnyCDN-DE1-752 /
Resource Hash
5694d61d5fc291fc115956d1e9bc49cf4039905e68244738297c6c80905206cc

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:32 GMT
cdn-edgestorageid
1077
cdn-storageserver
DE-167
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
379948
last-modified
Mon, 09 Jan 2023 09:55:07 GMT
server
BunnyCDN-DE1-752
cdn-fileserver
85
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
d1553d6df81a067b4d8ed7b921108d5a
accept-ranges
bytes
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
sodar
pagead2.googlesyndication.com/pagead/ Frame C583 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308100101&jk=2937308496491644&bg=!VFelVwPNAAZGPLJIZjw7ADkAdvg8WlP03rCMK60d2yts_9bb7zoDVKFQzpZZLuUOJo887QbMErxR7fPFi9gQHOatLsYe3yaiqh8CAAAB1VIAAAAMaAEHCgArzv34zM7jVClS-if4Mfg6fRZZuRzxJUStFaFVdvUiVEi5EBGVp45XY4f69ZkC5p9foMUOFWd56njSIa0DsZ6kAGKDcAPs1qqVnEey0b3-pUMDr557Q4pLqg77-BSoMYQ8oBp1heDWeqSSskqwEHdu_lOr8rJwaNXz2lCAEGFeFSB8rvnrAsTfbSxA3Si9l2icO0zMCtPlG-KVTpiJ8kLJJgjB3u617VVYjVJnL9R3k34Q5WhRLdpyZmJihb9F4lmdW-rbP0KIcHIRlgJiA8JUFMk4_xRHdyV1o6JrEAsxj4AcQf6Pi76IfwBbVRf6UdjE9jgwvW-2lwZ70AexJywvpPSTvHJs0_AO5BrbmSkH9PSbU6Z7C6Pf8tGUpI8GEslZ82IetBZDdlEhRjfAH_QUPL-KQEl7S8eqIE_o47Jcjj2TtXpvPtF5-InC3jgCdpDggsHWe20lJN_OZmCWHT-hnlOxiAWINc3OTnW62UzBlxw1H-hdEBKEC5K_sOIwxCHJaatmxobEmEaACniQgTXUxU8MTP-a2Nklxy8-y_q2X2-2Ot3QH0cduOs6iHbVAmXavzyQKkv45qzoab5u2LkMQwwHELtTjZmJXP1BRfOH4pKltyKEWeCs1FVeBh-uxzhE8mAv-yqgtdN1HRVslHoy8q1sDURyJSMi8TWbPrZT7uDW0akL7hW8U91u8PV7dPkrm-Fkwob2XynAgmDu3k-rmjKE1AvIqxxGCS1o26BSeyfvdFseLZbHJ2w1l0TMPPrte-qVenJwHMhixWBjFDz2EWuYYdPKbIj9AZk_CeQsSSdPiulIxeyHo8ZKDN01YIdSL31TO83I-oXsTON8iUced4-wL9a4okKnJ-43MZ2OrcGtUVjymVuRdU4AFxNs735g46MiN06MmXovsMleIAXMTUCTKXyw1jkb-7XtBmP9MDQR1ekz-IKS_JP_bYWy-TCv3rVbN43HHftgAe-e7-YvpQ14aTbRq80FU6dR3NzekdFNrDsfP5B1SVpsA1i7mtZYS2zoS7ZLy9mK75qDAmLoGR063vc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
publishertag.js
static.criteo.net/js/ld/ Frame 2306 		128 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:32 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-1fe04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Aug 2023 07:32:32 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F665 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230816&jk=2298832267810767&bg=!BwSlBFDNAAZGPLJIZjw7ADkAdvg8WqQaNjD2TI1_SZOJy7PTv84-FoZvu5PpM7zVfmiLQsRU0KF962rC9I_ZwBkEdHdgYWDWndECAAABqFIAAAAGaAEHCgAinoze5io7MdgUae0RdZs7k3D6RwvPwcqZgfOs7z9zg-jBfJkC0LSOdzVU9ESD-ioEmZlXnfYhbS-WvyS5ctAdQqg3vHiNiFWr9wAxI6RZ_djCKkwiKogjU9YV8ohy-HTs8MdB19ivLYD2P77k5hGzWNPeTcQYcvMFjRdhwIFVv_j09VIzRQ8-mxuDdvmAkFRCtA4LXTVElm-zfp43Qp0WtK1ch8f1kKxFQEZ-EnRTypBzTiZdtWesWyXSLHew1IqCI8YSqw-OcbrhokPoysZluU1zMjTpV6VsTvI0a4Y2CSUmcJLFiWtYhGpK1Y5bvYo1JGHBaMhP-_pSUxf8pCbahyRd7vhIooFnDRwuCqinxVIZHvNI_1njC3LZErlMByAZGU72za0NiUVMrjxsrHLIFQPUA-AEfaknUoyUftwTTbN6TWzsSKW79CVIEJ33ooAi4mzqYa3cKntmDMif3lJhip01CdOEsg9GAYvCWf-z2gNSu7FoCplnBIjeGYlrbbbIdPo9Gej7Zv_WbIxeqJwL4ZW76UO91_dXGLP-ZFRLrP1huYqptg56WXqfD4Oh6ZhwSs9bIuLxh2d-MW7ylL4SGbzautPAQzUINeOj3SDpz1s5W2zEND3xMNsEtLdk-oeFNyB7gWBI8gLVuWFjOx_wlERn5fVaET9vFDSvw85rKjdh5MA6IhtEomUknDepo60e_mHeryq_P4uHiKfJT89bHb83CXoQP9LB8mreE4r5tb16ec41m5fS7uIUmQSvUajDdS7Fb8s9GYHDrVaO--85lnclXiSASd2EYiYm0GzFvvHJfI_9ihWl7OfsBl469WUv4VNNiGZ4NHX7IohakNSpZXbIgNgYL5wUqynwIRi8WqApHuVAQZe47Urbz9R41pK9shdFnUQfgS0LhTG0mXfuZ-OS_8Ds3BCxweL4KpVpvg5EaPTiNibXk13QOYqOQRhho0TQlX-vJkWbyeWXlbj8mR_DMDE3zSfw2JkQABlViTikD7PKDQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame A556 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308100101&jk=197798139702852&bg=!0dKl0obNAAZGPLJIZjw7ADkAdvg8Wm_2IVkkjECW-kFKa0eA2J_Z7-1gbMxUTJu37jat18e_7wEOna-mnV2I3ZcJI1ZvPAQzoXMCAAAB41IAAAAHaAEHCgAJtAU6xaepmVJQmQLccTepjfWeg67cqaGS2u-Km1oMA1Pk9HDrb769Jnrd-6q0uez8fh-i20wIlhBHkkyI5cC-jO4PML0cHIIDfw5ML40eJj8AZg9ih1NyYZIuWN7CfbWJchVYyiF3bnPoMKXpuIwJxHRk_oWGkkbhZo2-M21nBBFC2zZL8JAlgPLnrAxMraYAoo-uSrUAE0N9pCwxTzTjGaBv3H5oe9vQWCqmB2d_8FzCxExtGwlQAPCz1BvInfzkABps_VSE6CGodEYOvpZYxw-Zz3cexxK-5AX_2P07lTDbGOcREkLUrvsptW35t4FY9EiPzcPv1iwDJJFl8y9h5Rq07Gk5k_7ZWEO1GyT27QY32u_Tbv-YAQ4sxYpiwlu9bXSvGE9he3FH_AtaHO8SW3W8N7a2G8lz9YmqyCDrPIlEWTTxBIqj5fOtV3bvuSqEWnID1sY9SzyZOMl7J1kI4tk01BWlPLq_gOeV-DwlEgXSi7tTOE4UGUzTuxUrravqBn1-a_ovcf_XmrEbIjgVqO1BRaezkHejCyfooe9XCr0VPMXKOn_72MPgFjfs9merXSRujWsRUmIXbR_B2gGVd9XTJ9mp3A1jLG6yjVUt8CXYXrIsoM6TeRAhuw3i-xu1qzzFLL3BItarC4Cvp5xKiclV0-NwtiG1C6CRa8aX20VGlzALvAVycu6QuaieDAW8qFMhJpqbnKbB2oSqmMhsMMpEf5srkIp__nYlvfraaOttZ9cCnUktey1oCPExxr1xjQ49NQEqrROxMQy3TiFtRCwE7rhjlbE0sVltsfoYNvBL9mCFvPlNiuIv83R-Qw2JamGqSH_T6E1qaH__kqgMQstPezcKCfF_ZPR5DrygqZ3ulMDrH0DM6n5xqjo1l1DStOk_9z5jE3DrDbrE2u49EjP1SJxmuL0BGiRinjoFReyKzuvYoXwx4ngXlWR_AZNihHzyAWf1fiksRk4chamFWB_SRHwQ4Knw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame FE14 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230816&jk=1961783433790084&bg=!ycqlyp7NAAZGPLJIZjw7ADkAdvg8Wog1XKj3iSs921glWlzGolykrjHKgBMoT1cZsMPwjdl993m9_0fvFVYizlj0vPUoYwmo-bQCAAAB4VIAAAAoaAEHCgAjgmuuqMDnULJ628M65z424tVkRusmnuoNoauEZy-kGtL2o1OZAtJOYi88A1l2kdJwHlQ0b3syA0d-nZtvj9UCZsfmLiVZXPPhFhtgHCc4mIMxXbTJhtpwK6LewGovw9WZJ9y5XQbYuv43noXJojZ_gNxe2qtwFbaH8WPeW1u_t1dC26STgd6fUoSH0nGvu-8tTVvQDWNerL9Hl16Av3CdVypw6imoJ953e04_hZR0KAWIkKKZQcqZvBISlmamssPgB1-x919VmYL3A_r8xYJt0yQ1tXVZE3vdugd7QdkHhKG05MBGjQqELxaRIaKZVDfWCq0iOIw64zEhk4eeiXVkzyNNxZWJwQAJFg3K3EnyosfJle0V9eBpfgqLa3cqKiLokz4WDj6uaTdiDZmnpr93LiH_ARs_uDRhGsoDXq7c0tyB3zm_HMiHEDV5Qdlqfv1Rgt6Dd46W94y5hkHFYNjG6Qn4wLQH-DCR2xm5_8TGg6Jxypi0I7Iu7vnXKjwVJEGn1bSgE7koXD55J8u529EsIUMZvuSHScn_Q2J1Xc6nEPV4hVdpkdgHgChD5i8YhyrKw2uswCfEqHRkNlqjKRQUw8oJxU4yaUsOhRLl-0PzO944Sk1BmfPo-vQNCx4WVg7D7Y0XlKwJ8CAp-wPzi7zjF4A6PO86sV_3L0Ueik24vl-5RgV03GcZxV5ZmqLy8sm9Hn7RXxqj_F1-oEW42Es8j9J1v5cr7EjZDm9rSQfovo5CtRoTd8EheSGaItRMy6Y3BTI-7b9Cn7MfhN-0hYkKNzOzNPDURFkHDnJ0D_N8IAIyFi9788JRCk_a00cUa9rwhYYbKsg_II506F3WIAydeLkgUYkt0gT-OM1SaPVCp57E-spQJuPj4HBhSNc0foM5FDfm2wzU2G8I-xE_iB4StCYqhGr7SFaSnDRgs3u2v39wZ8KPz0QxtEGFJQaK_guTRdJbiE88DdX6QnzZAgkcSXNieJF6mYIt59BsVpy_dWh2PvSmveBtRw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
syncframe
gum.criteo.com/ Frame 9F8F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:32 GMT
server
Kestrel
server-processing-duration-in-ticks
292900
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame 2306 		0
197 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=64474847072
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://adx.holmesmind.com/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://adx.holmesmind.com
date
Fri, 18 Aug 2023 07:32:32 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
json
gum.criteo.com/sid/ Frame 9F8F 		428 B
552 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=adx.holmesmind.com&sn=ChromeSyncframe&so=0&topUrl=www.bg3.co&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ccb020db9baacf5342e1d0763ad4ee50cd06ff2e9ded1848a3ecc96adc4327dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:32 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1115683
expires
0
video8.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		467 KB
468 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video8.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-3.bunnyinfra.net
Software
BunnyCDN-DE1-752 /
Resource Hash
fba149d48c297fb10215569731ae09a2d630aadaf2963f78f870930c001cf48a

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:33 GMT
cdn-edgestorageid
1054
cdn-storageserver
DE-169
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
477896
last-modified
Mon, 09 Jan 2023 09:55:07 GMT
server
BunnyCDN-DE1-752
cdn-fileserver
520
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
48b16d2975d874c8935d4dbfd622e6af
accept-ranges
bytes
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
activeview
pagead2.googlesyndication.com/pcs/ Frame 4DF3 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuRg6uIRix4wQiu1en8d57_CvSxOexTJXh17w7t3bczEW2Xr8CROikTg07k8qCYHcTjvO-TYv9NB-FzhBz9yyLLxJCppySwERsRA05XbnlOHYBXGczUFxHbZZIAU_DCwZHc7Xr13ay2iC3Ym80fVZsLzsWEjt-5qXcvY0DLuCW6&sai=AMfl-YT_vCwBVal5RwJESi392-D8dxMx-Gyr7fhVlanD3rJym4vY3QJebg3bgAEkhr0tACCcu4lN9XchqD15NsZJud7G4F9m0yFy1dQ&sig=Cg0ArKJSzJQ1NSfCYVHIEAE&cid=CAQSKQBpAlJWG0JtRGeEwaadJraJQ-lnJGq2q0iTD1Eiem9ob9n2oqW9Wv6fGAE&id=lidar2&mcvt=1001&p=0,0,250,300&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=1587687671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692343951521&rpt=591&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:33 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
bidder.criteo.com/csm/ Frame 2306 		0
196 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://adx.holmesmind.com/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://adx.holmesmind.com
date
Fri, 18 Aug 2023 07:32:32 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 2306 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 12 Aug 2024 07:32:33 GMT
pixel.gif
static.criteo.net/images/ Frame 2306 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:33 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 12 Aug 2024 07:32:33 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 2306 		97 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
a0d2aae81e88bda7108cc798b110badc1852c67844598977721e9df66893f517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28528
x-xss-protection
0
server
cafe
etag
273 / 19587 / 31077071 / config-hash: 7328467961731406261
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 07:32:33 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308140101/ Frame 2306 		402 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308140101/pubads_impl.js?cb=31077071
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
8286cea7a06f98ec1b61ff6e9f43e5e9774c46499835c16a8cced0365f6d7c62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 03:48:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
13425
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129630
x-xss-protection
0
server
cafe
etag
16033777775629479960
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 17 Aug 2024 03:48:48 GMT
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692343953379&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1541&pt=-1185547586&tz=120&viewable=true&ddast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=aniview_inc_vA!eidc_vB!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
cf3fd4e9d345d1bd18f3d2aeb3fb1b2f153dfd9904feb6b20e3edf0dc6125274

Request headers

Referer
https://www.bg3.co/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Fri, 18 Aug 2023 07:32:33 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1402
x-cache
MISS
x-served-by
cache-fra-eddf8230026-FRA
pragma
no-cache
server
nginx
x-timer
S1692343953.392168,VS0,VE550
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 2306 		27 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=235029326628909&correlator=856073161822416&eid=31076398%2C31077071&output=ldjh&gdfp_req=1&vrg=202308140101&ptt=17&impl=fif&iu_parts=22670248360%2Cbg3_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&sfv=1-0-40&sc=1&abxe=1&dt=1692343953460&lmt=1692336753&adxs=0&adys=125&biw=-12245933&bih=-12245933&isw=300&ish=250&scr_x=-12245933&scr_y=-12245933&ucis=5ncptgyvdmuw&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=3&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ref=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&top=https%3A%2F%2Fwww.bg3.co%2F&frm=8&vis=1&psz=300x250&msz=300x0&fws=260&ohw=300&ea=0&ga_vid=1549114327.1692343953&ga_sid=1692343953&ga_hid=1105030102&ga_fc=false&dlt=1692343952387&idt=1033&adks=1911528252
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308140101/pubads_impl.js?cb=31077071
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
467682331c57788088528dabe03c1a6e8ae3a7f930a985868639bc5ca3590a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:33 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12057
x-xss-protection
0
google-lineitem-id
6336189971
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138437415221
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://adx.holmesmind.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2306 		15 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308140101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308140101/pubads_impl.js?cb=31077071
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
c69735b59e8babcd6e08f56bb1f7809c1318c150784d38cd8bc1d1f8c00736f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:33 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11787
x-xss-protection
0
container.html
6e33b9110b5ede6c3e1d0bc21b950d77.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 83E8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://6e33b9110b5ede6c3e1d0bc21b950d77.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308140101/pubads_impl.js?cb=31077071
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.225 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f1.1e100.net
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:33 GMT
expires
Sat, 17 Aug 2024 07:32:33 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2306 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308140101/pubads_impl.js?cb=31077071
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 07:32:33 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 477A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvrWH3ZocUt0Y54eszPmtoJ0fxLcqVKh0kTR9aaVvUWtBjTqLrtk-z99P9CoqndmmA9ez3FbmN0MILtbkvzdeJbcqBevRmo1W3Xy5-NtIhMIynnd942KhzRJmFQegCu9ik5p9dbizPmJSCtTak7hYo3IyoxmfxXcuvD2cdI34ZRJwPu2fQFRRLAJxiE0L91kK-nqsuz9Dznz4KeWDwNJCvGz5rOBuRGISZnQ4faRdwKohvZSCT6HRg_5BDGHPoCoxuyPCfpOiAd0zwAvKld9n-ISRrXTy0drHl7c5k_g1Qr-5BgfHS4HOET6LxNsbS2ktJxzNO5xzBaBg72vVg&sai=AMfl-YTBJ8VgQmsOVKf75P495jVVdlnGYbwL3i5KdVgPcgyImfn87F4wV0VdaIMQ0A6pmHwocuwlhk3zKE8sP51y9r9WPz2D66OT4JkIAA&sig=Cg0ArKJSzJwC_KODxjP6EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
ysm_bg3.js
ad.sitemaji.com/ Frame 477A 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.sitemaji.com/ysm_bg3.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308140101/pubads_impl.js?cb=31077071
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.215.186.35.bc.googleusercontent.com
Software
nginx/1.12.1 (Ubuntu) /
Resource Hash
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 17:32:10 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 26 Jun 2023 06:28:33 GMT
server
nginx/1.12.1 (Ubuntu)
age
50423
etag
W/"64993011-7b8f"
vary
Accept-Encoding,Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400,public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9956
expires
Fri, 18 Aug 2023 17:32:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 477A 		180 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308140101/pubads_impl.js?cb=31077071
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
sffe /
Resource Hash
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57620
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1692185840427238"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Aug 2023 07:32:33 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9BFB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
2902
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 06:44:11 GMT
expires
Sat, 17 Aug 2024 06:44:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 07D7 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
086d537995c8169afac426919ecc981769a33c61938e3a36d2b440949ae098ed
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z6cQE1KfhBqemV-psYc8TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-Z6cQE1KfhBqemV-psYc8TA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:33 GMT
expires
Fri, 18 Aug 2023 07:32:33 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
native.js
s.yimg.com/dy/ads/ Frame 477A 		80 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.yimg.com/dy/ads/native.js
Requested by
Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_bg3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.119.252 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
e2-bmr.ycpi.vip.deb.yahoo.com
Software
ATS /
Resource Hash
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:29:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-request-id
TCNXV9E7QJVFN080
age
183
x-amz-server-side-encryption
AES256
x-amz-id-2
qMd19ZwBVPUphtXdiQ5JbdyjluotPuaPo27RfQLuQz7aGrRmukVnOLtYzzklIBPoKwUyGgbo/QfdWM7fcHTTEw==
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2023 17:58:02 GMT
server
ATS
etag
"1ec4e10d0dddd5bd001bd7317afd4f4c-df"
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
max-age=600
accept-ranges
bytes
truncated
/ Frame 477A 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2977ea470b1a83e8bf0d87194d9246f916f395bdc16e392b971397c9b395afb2

Request headers

accept-language
de-AT,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame 9BFB 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 13:43:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
64158
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 13:43:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 07D7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308140101&jk=235029326628909&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
getAds.do
ads.yap.yahoo.com/nosdk/wj/v1/ Frame 477A 		290 B
614 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.yap.yahoo.com/nosdk/wj/v1/getAds.do?agentVersion=205&adTrackingEnabled=true&locale=en&adUnitCode=bcca64ee-253d-4aef-a886-21cefca8d05d&apiKey=SXG6B5X3FQVQPXFZFMVG&gpp=&gppSid=&usp=&gdpr=&euconsent=&publisherUrl=https%3A%2F%2Frisu.io%2F&caps=16&cb=jsonpCallback0
Requested by
Host: s.yimg.com
URL: https://s.yimg.com/dy/ads/native.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
87.248.100.137 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
o2.ycpi.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
referrer-policy
no-referrer-when-downgrade
date
Fri, 18 Aug 2023 07:32:33 GMT
server
ATS
age
1
x-content-type-options
nosniff
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary
Accept-Encoding, User-Agent
content-type
application/javascript; charset=UTF-8
x-envoy-upstream-service-time
15
x-xss-protection
1; mode=block
x-request-id
84ba976a-f412-4db7-b508-c5851aa9c8d1
b
geo.yahoo.com/ Frame 477A 		43 B
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://geo.yahoo.com/b?t=xhkd7&9sdk8454
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
188.125.72.139 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
media-router-brb71.prod.media.vip.ir2.yahoo.com
Software
ATS /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:33 GMT
strict-transport-security
max-age=31536000
server
ATS
age
0
content-type
image/gif
p3p
policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
cache-control
no-cache, no-store, private
x-envoy-upstream-service-time
1
content-length
43
generate_204
tpc.googlesyndication.com/ Frame 9BFB 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?iQgsow
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:33 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
sdk
cdn.aralego.net/ucfad/sdk/us-east/ Frame 477A
Redirect Chain
  • https://agent.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20230617/GeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html
Protocol
H3
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:34 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
339
alt-svc
h3=":443"; ma=86400
content-length
40181
last-modified
Tue, 20 Jun 2023 03:04:26 GMT
server
cloudflare
etag
"6491173a-9cf5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BcIFFpFlpxbm2ZhBqipn%2BcQUxogmgD%2BxFLCx%2FWPES1HEnEUjc%2Bf7rTbMhvqjfz%2BBMJNSPCsdqKJGxpXJR2y8VoJJxi1ymLxxKnBeVYt9wmxZKF7lTurQW2vNTb2UDGAQCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7f8876b39aec35e5-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
ads
pubads.g.doubleclick.net/gampad/ Frame E1B4 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=330177121258178&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.585.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.585.0&sid=DF39BCE7-0D6E-40B6-8E0F-FA3536617415&nel=0&eid=420706098%2C44731965%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&dlt=1692343948715&idt=2654&dt=1692343954289&cookie=ID%3D85cbfed285db83ff-22db851c54de000f%3AT%3D1692343950%3ART%3D1692343950%3AS%3DALNI_MbprpMH_KS7s1C1yi2fafbsDlhc4Q&gpic=UID%3D00000c622a070e3f%3AT%3D1692343950%3ART%3D1692343950%3AS%3DALNI_MZXLvFnVCcPjd6bzrUJdMWANrp2fg&scor=235506159287962&ged=ve4_td5_tt3_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:34 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 2306 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308140101&jk=235029326628909&bg=!i4iliNzNAAZGPLJIZjw7ADkAdvg8WhluKVB9EJJrIVSNOni975oNMAzreV3AKfqKjbETp84A57iW3FsiLQgPIpnbJbT43SD5xjECAAAA0lIAAAATaAEHmQMSqMZeBMu4uYCTHQ8H7904sS_2VjXG0POQG4yKsiiT7GQrjEIIyiKcgYrfJzoI9kyqfilKG11dMa1vJ8ZT6TuGXq1VDIUl9GSQg0Xpkzqlkj-X9lWG3aKviUSkg1YCpYgQa-62O0aTUB5GPJ1lvoYeGHsPhTNH2zNxWGTjk8TvdUODUyWU5D7_ogorYEbZPx6_F8WAuBz8XRJ_TMKdDtLNm1Ug7gcqHFM9B38cj92s9Vw6TBak-Mtfww3KYL3OFxTiA28k9BJd2spYgg2QvOclYfR1eck2odZactMje5QIKJ0co2Mn1ZiNk9FP7pHv_YMRIo9WOS08UJUdpEtGZVZYh9Ljm_TgYR58ZPK8isFMZJuHABf8XbFQibBAxKJRx4QkkZB9XSOUt0oK15faP7UiY7e-j-47sAxeidYec20CHthL_uuhyfbQZbAdgva40NSXVruP90yXlgl0b9Ocb_bV0Ou8EGfoqTtunfCEiaV-fRYLJ1_rZUcl-l76KFt8CB_gL8dYoovRgOU0wDa1xNAjfkdPEm91lUd51YJRbSRE1TegQZH0cY_bf_2skYfZ5RPQIHy4rp5dfjKdTGwaAwe5xE2YZMMFztOaT2mMYn91S5gsZlBYw0up_hFSVFfXphVs9GiBdqbT0UyXCvxZHDNbR1NB6FqBRYdXPF_ONvDLA6uabE1AGHCq0tiTJ48w7hDv24HTSlnxXfN6N3jnpfe9I4rjLp8HpnGwaD_6db0OYI4VMzsxSpT-ArFHkOAl9qSFhwWy3YK8_om_Mp2K8cvsxzebzFz-039K0_UIpNHsENOZyDMlsdxsKggWtrwbJyq0NeyfzBL50DquiSdWRaExtMCzQGs0h-_Nvtrnlqg6M9tEgT0CziLuXnmjmT-_dwEZlZywWeuY3QFBw-0QfjkLERd17ggPZbYStWFaUk_HSp-5fJErbJ5KfWT2RWV7tQou_mPDVINc-2jPtPaU-Mow9-MMyfoN2joaWb-fKx1c260c6PkwBMPRentCGnRWdydi1yq6w385HDTQuRSEnOTRaFzP
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ucfad-formats.css
cdn.aralego.net/css/dev/ Frame 477A 		975 B
751 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8652
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MGa0OqO%2Fy2kjYuweULmTcNEGw%2FzFI%2BnfQfN4uxwC%2FLHLAhEbEHY0tE0Y9rTx8rdSf5Q1qC0DGlgRFzu61JK0kpuZ0qcU9mUIjQGus5bzHGB2nBoNBDNNb2Pz%2BNWJ9Ol2uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7f8876b40b5035e5-FRA
ad_request
ads.aralego.com/ Frame 477A 		3 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=1&bl=en-US&je=1&dnt=0&host=adx.holmesmind.com&u=https%3A%2F%2Fwww.bg3.co%2F&adid=ad-47BD2AED499228741372878ADE27B2E&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=undefined&cb=0.04187598088713074&ao=https%3A%2F%2Fwww.bg3.co&uaMobile=%3F0
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
050b335e606c761914d0fe9bae92e298ed22340d99dc82d143234caaef651599

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 18 Aug 2023 07:32:34 GMT
Content-Encoding
gzip
X-Height
250
X-AdStyle
banner
Transfer-Encoding
chunked
X-SspId
434d9146-578a-3286-b543-c871a3c7e7e4
Connection
close
X-Width
300
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://adx.holmesmind.com
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Access-Control-Allow-Credentials
true
X-AdSource
CDB
X-Adtype
html
csi
csi.gstatic.com/ Frame E1B4 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~llg9w635&c=253225213830&slotId=126612606915&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.191.131 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord38s29-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:34 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 477A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuTy2uPgkjLfTjrUjP-irrkySls5ofkFiuIQW-KIYZ0EJfsOpdU1eyfHM7R0xb93x0OzHR9KOWocbIqA4Vr7InnF5DElwFYG8HgYPOo009CQHA4-9Ugg2qU791oQ4djvjXqwem3mtA3G5LiFctnCYJ_SlwsUTPZ-udWWdjnw306dpOKtiBD5uX347hDrvLpnXNlPbIqeapSifHSLRt7I5_QaeQkH5JNw6mGyQ4OJwVvTD6DXxJb23gK8w0n5ciHKmMfMfmsis845ELNKc8aMWKjVtkoxlTREYfE1SXLRvyX55c_tA_TPDFmUvXcjeMhPhc-ACfR_NTEz0eGDjadgg&sai=AMfl-YRfnsZSQKli1u7qF-bxChPZ6uI9JYwvFcepPebTKT-GBl-hw4vIbTcTdubw9yQWUAqPUscSJMWZci-K3By2MLIMiCNF9DzrjCZKsw&sig=Cg0ArKJSzMrse6T9wKZUEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.34 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:34 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 18 Aug 2023 07:32:34 GMT
publishertag.js
static.criteo.net/js/ld/ Frame C167 		128 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: agent.aralego.com
URL: https://agent.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:35 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 03 Aug 2023 11:12:29 GMT
server
nginx
etag
W/"64cb8b9d-1fe04"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 19 Aug 2023 07:32:35 GMT
syncframe
gum.criteo.com/ Frame C63C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:34 GMT
server
Kestrel
server-processing-duration-in-ticks
1194143
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cdb
bidder.criteo.com/ Frame C167 		0
196 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=140&profileId=184&bundle=1vySzF9mM3l5SUtxdDMzZlYxc3lFcmRUZGhMaDNIdCUyQmRmeDk5dDNROGE0VDgzTHZzdFdvdWxYZSUyRnJNUE91MHhMWnpxSGVZeFJvTkNPSWtWUDVsSW1YRm0xb3dNMVFzdlAzWXFGRkptTk1OZUpuU3EwbVpZaU0xZDFrTXF5YUFiRHZzRnZsWSUyRlo2Y3hQQWE4MndnbExXWmlRdFElM0QlM0Q&cb=14173383791
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://adx.holmesmind.com/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://adx.holmesmind.com
date
Fri, 18 Aug 2023 07:32:35 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
json
gum.criteo.com/sid/ Frame C63C 		439 B
554 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=publishertag&domain=adx.holmesmind.com&sn=ChromeSyncframe&so=2&topUrl=www.bg3.co&bundle=1vySzF9mM3l5SUtxdDMzZlYxc3lFcmRUZGhMaDNIdCUyQmRmeDk5dDNROGE0VDgzTHZzdFdvdWxYZSUyRnJNUE91MHhMWnpxSGVZeFJvTkNPSWtWUDVsSW1YRm0xb3dNMVFzdlAzWXFGRkptTk1OZUpuU3EwbVpZaU0xZDFrTXF5YUFiRHZzRnZsWSUyRlo2Y3hQQWE4MndnbExXWmlRdFElM0QlM0Q&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
7351616629b65af2dc7881cba3de13fb3a1e09e6157566016ef8a292cca758e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:34 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
652946
expires
0
events
bidder.criteo.com/csm/ Frame C167 		0
196 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://adx.holmesmind.com/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://adx.holmesmind.com
date
Fri, 18 Aug 2023 07:32:34 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
pixel.gif
static.criteo.net/images/ Frame C167 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 12 Aug 2024 07:32:35 GMT
pixel.gif
static.criteo.net/images/ Frame C167 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:35 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"493ea254-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Mon, 12 Aug 2024 07:32:35 GMT
video9.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		604 KB
605 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video9.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
89.187.169.3 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
89-187-169-3.bunnyinfra.net
Software
BunnyCDN-DE1-752 /
Resource Hash
65b1c6fb04331563d3abddf74bfde40058fc4734797969a92d0db58e2c60939d

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:35 GMT
cdn-edgestorageid
723
cdn-storageserver
DE-197
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
618144
last-modified
Mon, 09 Jan 2023 09:55:12 GMT
server
BunnyCDN-DE1-752
cdn-fileserver
532
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
ef4d75cd26721b4580bd5fb65e81d0c7
accept-ranges
bytes
cdn-requestcountrycode
US
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame C167 		145 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/quan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
6aa3f9f1df2f1df2bea30eb9a3f32a8d738ad56ce7c66373cdd032bcf6a5c5b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Origin
https://adx.holmesmind.com
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50854
x-xss-protection
0
server
cafe
etag
15237408027918386110
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 07:32:35 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame E1B4 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=625709841889501&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.585.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.585.0&sid=DF39BCE7-0D6E-40B6-8E0F-FA3536617415&nel=0&eid=420706098%2C44731965%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&dlt=1692343948715&idt=2654&dt=1692343955296&cookie=ID%3D85cbfed285db83ff-22db851c54de000f%3AT%3D1692343950%3ART%3D1692343950%3AS%3DALNI_MbprpMH_KS7s1C1yi2fafbsDlhc4Q&gpic=UID%3D00000c622a070e3f%3AT%3D1692343950%3ART%3D1692343950%3AS%3DALNI_MZXLvFnVCcPjd6bzrUJdMWANrp2fg&scor=3429630855102742&ged=ve4_td6_tt4_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:35 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308160101/ Frame C167 		393 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961800537962381&plah=adx.holmesmind.com&bust=31077160
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-5961800537962381
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e87388f86d3bad8ace13e6bac28e13743b88bd57763ce00311b0648ec7e823fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
134779
x-xss-protection
0
server
cafe
etag
4320860278509646837
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 18 Aug 2023 07:32:35 GMT
csi
csi.gstatic.com/ Frame E1B4 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~llg9w8lx&c=253225213830&slotId=126612606915&ghmsh_eids=420706098%2C44731965%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.191.131 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ord38s29-in-f3.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:35 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 2C73 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=377178177&lmt=1692336755&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343955338&bpp=4&bdt=784&idt=293&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&nras=1&correlator=3426478608378&frm=8&ife=4&pv=2&ga_vid=532979806.1692343956&ga_sid=1692343956&ga_hid=466453362&ga_fc=0&nhd=5&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2414936062&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31077090%2C31077148%2C31077160%2C44799579%2C44769661&oid=2&pvsid=826260146931997&tmod=962195196&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.tmdeeeeh8blk&fsb=1&dtd=325
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961800537962381&plah=adx.holmesmind.com&bust=31077160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame C167 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230816&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961800537962381&plah=adx.holmesmind.com&bust=31077160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
6d34c67e9a59821814b0f939defc9884d01d6ba15eefd521e1f2bce9288e52f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:35 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11654
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5FAB 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712772242&pi=t.ma~as.9099904862&w=300&lmt=1692336755&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343955338&bpp=3&bdt=785&idt=306&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3426478608378&frm=8&ife=4&pv=1&ga_vid=532979806.1692343956&ga_sid=1692343956&ga_hid=466453362&ga_fc=0&nhd=5&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2414936062&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31077090%2C31077148%2C31077160%2C44799579%2C44769661&oid=2&pvsid=826260146931997&tmod=962195196&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ekej5ggrx96k&fsb=1&dtd=334
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961800537962381&plah=adx.holmesmind.com&bust=31077160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:35 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C167 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5961800537962381&plah=adx.holmesmind.com&bust=31077160
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 18 Aug 2023 07:32:35 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C4E0 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

accept-ranges
bytes
age
2904
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 06:44:11 GMT
expires
Sat, 17 Aug 2024 06:44:11 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B40C 		829 B
556 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.132 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f4.1e100.net
Software
GSE /
Resource Hash
d43e560c310bf246260fc761704b34bc710793ab22a2168c7fc9486149ce9783
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-onvTgrapdtcvAj3terkPzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-AT,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
534
content-security-policy
script-src 'report-sample' 'nonce-onvTgrapdtcvAj3terkPzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 18 Aug 2023 07:32:35 GMT
expires
Fri, 18 Aug 2023 07:32:35 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
pagead2.googlesyndication.com/bg/ Frame C4E0 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/VOYjWJ9SYKUWeq_SiXQPiq5A6-bg1q_inShFnttaRxg.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 17 Aug 2023 13:43:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
64160
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14636
x-xss-protection
0
last-modified
Mon, 14 Aug 2023 12:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Aug 2024 13:43:15 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B40C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230816&jk=826260146931997&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame C4E0 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BMToSw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.1 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f1.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:35 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38g0&_p=5593&cid=557319737.1692343951&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1692343951&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&dt=%E5%85%A8%E6%9D%91%E7%99%BE%E4%BA%BA%E5%A7%93%E7%BD%B5%EF%BC%81%20%E8%80%86%E8%80%81%E6%9B%9D%E5%A7%93%E6%B0%8F%E7%94%B1%E4%BE%86%EF%BC%9A%E5%BE%97%E7%BD%AA%E9%9B%8D%E6%AD%A3%E7%9A%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
pubads.g.doubleclick.net/gampad/ Frame E1B4 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=3532578873009703&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.585.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.585.0&sid=DF39BCE7-0D6E-40B6-8E0F-FA3536617415&nel=0&eid=420706098%2C44731965%2C44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&dlt=1692343948715&idt=2654&dt=1692343956296&cookie=ID%3D85cbfed285db83ff-22db851c54de000f%3AT%3D1692343950%3ART%3D1692343950%3AS%3DALNI_MbprpMH_KS7s1C1yi2fafbsDlhc4Q&gpic=UID%3D00000c622a070e3f%3AT%3D1692343950%3ART%3D1692343950%3AS%3DALNI_MZXLvFnVCcPjd6bzrUJdMWANrp2fg&scor=1115863847490006&ged=ve4_td7_tt5_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.585.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 18 Aug 2023 07:32:36 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
794 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1692343956394&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1541&pt=-1185547586&tz=120&viewable=true&ddast=V8DY4CLAZco02ksdsQ2BG4RptIY7chsCsAAABgYID-AMk4R5OZbzZY6zYez1q0cGzcEsvI4xYMFi6PYeJZLCyuISAZ52gy880Ga93G41mLFo6NW2IZedyCwcLlMUw8i4XFNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZlaDodPte9Xvf73SU-z1zj9yv8itfD7ta47m6Jw-mWvOxu4dPuc6sdbsXTLXb43YLXW_i0-9yao9Ot_LveYofTLXK5pa-nW_m3-9zSo8vucwtdD7vPLjS9zXYAAAAA8OD___8fAgAAAEAEAAAAAAkAAAAAFAIq_FsQuAAAAACA4f___18DQAMHA3u67HaHPwAAAACAAAAAACABgIB-WAIgxnjvxP________9_jAH6zBsZ_____zcMegA8-AB4EAIAAPAxhDEaYzuHR3KKSAFoEUYAAAAAqM947o9M0gkqFlX-___7rQBcAQAIUDx4vKrNojso8RYGAABAYMwCPSx-v9lh1_jdLvP_________b-b_zD8aIaBrhTRBgvXDan4BAQDW_AICALBRNwAAbwLgBB2CVgwGqxMQswMAAABw5____18PiBgHK4_FtDLNRs6VZ7awLTYbi3O3WU08DuduMPEeC_cpmNdJyLU-G8Iy-30HBeX09JhdBhnLZTKIDxqG5WQQzM-ELUaryWSzHM6Wi8lgOBqORvsjgMsBmojBcjmZLCa71Wg12gx3o9lggQRiMEEULRpMVqPRZDEZrkaT1Wy52O02iKJVq9loMxiuZpPZbrcaDobL0QhN2GK0mkw2y-FsuZgMhqPhaDREMDRYGVa71cotMy6Ma9HCY1kLB8OJW2Yb7jYT33K4XFncotfHdDEZF6bByIsEA9b2InlapBOFb7SyjDwb48aysVhMC4_N4nI5lgvfZLDbOFeWiViiOVmkE9llXzEOVh6LaWWajZwrz2xhW2w2Fudus5p4HM7dYOIvDVaG1W61csuMC-NatPBY1sLBcOKW2Ya7zcS3HC5XFrfo9TFdTMaFaTDyN2bLyWa0WY6W-8ZsOdmMNsvRct-hM3xXn7NRWVZJPi6Hdbs4f25Og8JlsHgn6tXwdpQc_NKq0enzepQFndHv9_v9fr_f7_f7DVrPwWxQ-J6Hv3D6WJ7L4Wz0IDYYFLFEcJFOBA-z22F6uSU-z8ZvEUuUpot0olf4Fa-H3a1x3d0Sh9Mtedndwqfd51Y73IqnW-zwuwWvt_Bp97k1R6db-Xe9xQ6nW-RyS19Pt_Jv97mlR5fd5xa6HnafXWh6my1iieB0kU5EL-Ppov4jB1lM5orBZi4bzCWj3SoBAAAAAAAAAFiCaaabAAAAADgZ1HAzXKzW6WAms8lgt1ougIugLF3AIAAAAAAAAMUae6wBHma3w_RyS3yejd_KACSY85ht9hlBrNVqWQMAABDABgAAEMBNN94CcuL-____xwEAAJCRQw8AAIB-H1AWAAAAAAAAv4JYLAeD_QNQIdZqtbrdWKvVCkgQu8FmAv____8B!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=aniview_inc_vA!eidc_vB!nonrv_vA!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.1/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
79a366c23bc8bee6302942443d555fa16fbbe53d466ad4d17a6cd9bf595151dc

Request headers

Referer
https://www.bg3.co/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 18 Aug 2023 07:32:36 GMT
content-encoding
gzip
server
nginx
machineid
1487
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C167 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230816&jk=826260146931997&bg=!KSqlKn7NAAZGPLJIZjw7ADkAdvg8WtpHlXIFMKjdSQurn4d3PSyPntRL67KdNidbOS1fOOj_ZZwrgqH3ZBXF5xMQyeisZMzHJHECAAAAaFIAAAAHaAEHCgARq02snao_eiJ2Bq8SSLcbVq-ZA0mGV3B_QVYMyBpoqA6Tfkqnm2O7uMOXmkV9t6XUXlpKZ5Y65LxbNJCeIRij9PRNqfc9X2kWsy_zR8SltfnAkmTJbrYhsTN5YHy2Ow6XuQThCYYXUceZFAt30GOvy-u6-KvnA3rAYKxvnoxfcCN7MWlHotgNjSAghUDueU7sZl_zy_6WwPz8vNH7M1Iu9mvZJoTDSAPI66mH-TXv6LhHrX3FFTrlbJZWiGM5Nw8PAPKdufups_FE7NRpnhqFRAeh9v4r3zOsssxmCsy6qptfCGUoZbzeiE9oLTLAA-mpGGhzJUNVjpUInXxLOZQAm6of02pbJ8FR3Gn5rKJiThWh-GdlolBTIRxcGNUsDTHntgamBHAbwthEmT_O2VimRIvy-4KVUcoNJxRgVvOiR0xtJXOV8E690b2Yc1kuQGWhsAAL4-9xvjV9IbiOqiL_Jq4WxgcMujcmarfxWSj78V92Y_zSrXHFIZQOHFNiHslN100Ua3JZtWrEOTdedLRrT5dkb2Jw4FKXe5KcIduAA_TzUG9uLbLQUM-_StrrUswImbJqKzZYdT6MgANT8q5Y4FA0vdnoDpEAPf4O4mQ4UcTNhPeDvxlEJghhXQoI_Tu000AzNHXQnRhQoPZkl7QxsJzE92QzKYXYEsnEYbWoI_6bxzaq8_6ZlptNHEhVyrKBn7pA-PaChcphHfV19rWlWMbbXzhsNmBMZnlGsqU3euz2jehUtvVVQncWnMGnCPon8RzM-KATddzasWM_v5hIHl1oo4GRFO7Ga5C_uQVavulqupM6K_XC6RD-5C0gAAbLHyQkdQaIajNN6YhXDLvVGkPSIQ0HTH0xNpybG6ejJXkcfcsWmccPOnzdKuoyVU1ugwebG7JHxHz-Ozkh5xD6_RzewhLm0KmUKlPxQeJofgXC-F8LNr92lpVN-72-KwUgKt3LYpzARCDJA96ZJXoaalyx2NbOglqhJ6lXENIfGMtbRn---If828wwMOdCgVyRBUkbWynMuFcKa_6W15yWyV9twJAZuF6xEqDwQg-oN3BGnTnGj_5-0_lb10Q9qsCo0_1eegDudwzJDpA2E2P6DIqvi7Vqg8RaOR-Lf-0x9HaTQ4xcm0KBrvk7WUnG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-AT,de;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
327 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230815-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-AT,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
62
date
Fri, 18 Aug 2023 07:32:36 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
59474
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230026-FRA
pragma
no-cache
server
nginx
x-timer
S1692343957.560314,VS0,VE62
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/e631ba08c01d6b45bae8283a72084dfc.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/8cf996844f83038190165be99ec91c7a.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/6c62345bde600b8d22de41187fd82dc3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202112/f4fd62a406b84b7d73bc8325b08d00a6.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/5decd108fccf8f9cc141650dfc737add.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/06089d9b9ea1722cf6397110da0167f8.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202109/b68b1b8ba7755debc3e6f1c7e302a108.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/98ff11d1b02a58165612ecf0f8e9c5ff.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/108e3cd0252a0f6b831c6089fe2ae686.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/3d73b0526e9365c63f9c37ce0f7620a3.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/672f600f63f169eaeb0506916cd269a2.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/2d0ffcb1cc561b0ee86f77f31f087d41.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/4fcc6248a0ccecc84ad52cd5fad3e39e.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/058dd527b06f7226f0720f2f8ff0554b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/288419267eb3be6dffd62338ffdb1e93.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/d7bdc921aab8a15592ee4b9104bbb947.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f45a12f2685f72880ecd59384814bc1d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/35df9d0f0ff36a525397d44478112ff3.jpg?w=150&h=100&q=100

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| documentPictureInPicture object| _taboola object| adpushup object| ucfad_async object| unibots object| AMP function| _typeof object| TRC object| _tblConsole undefined| msg object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| regeneratorRuntime function| reactSiteCheck boolean| mobileCheck string| clientDomain string| clientActualDomain boolean| playerRun boolean| reactSite string| previousUrl function| checkPlayerShouldRun function| runCMD function| unibotsLog function| unibotsCustomGA function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| unibotsPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs function| setImmediate function| clearImmediate function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id undefined| $ undefined| jQuery string| currentState object| adpGlobals object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| googlefc function| __d3lUW8vwsKlB__ object| adRecover undefined| jqAlias object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid function| quantserve function| __qc object| ezt object| _qoptions object| ucf object| request string| paramsString function| __an6na521li18__ object| NmI2NmEyN2Y1NDFlYzE1ZWxvYWRlcl9qcw== string| NmI2NmEyN2Y1NDFlYzE1ZWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| ggeac object| google_tag_data object| google_js_reporting_queue function| checkFrameandInitStartFun undefined| google_measure_js_timing function| autoDiv_or_FrameChecker object| adArray boolean| blockedPagesFlag function| loadStyles function| initFunction function| runPlayer function| shouldPlayerRun string| nam object| placementData function| clientJsFunction object| cmTag object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog object| vttjs function| WebVTT function| videojs function| videojsContribAds function| videojsIma object| $jscomp object| canAutoplay function| videojsPlaylist object| _cm_wfCounters string| lastWfUrl number| ampAdSlotIdCounter object| google_reactive_ads_global_state boolean| descriptionPage object| __AMP_EXPERIMENT_BRANCHES string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter function| webpackHotUpdate function| startCMTagMain string| category object| gaGlobal number| ampAdPageCorrelator object| google_ad_modifications object| dataLayer function| gtag function| isValidVideo string| myPlayerGabywa object| oldScript object| attr function| shuffle object| entertainment object| arrToUse object| playlist object| google_prev_clients function| OvaMediaPlayer object| divWrapper function| focusFunc object| closure_lm_438485 object| google_tag_manager function| onYouTubeIframeAPIReady object| closure_lm_696501 object| listeningFors number| 3pla function| prepareAdRequest function| processGoogleToken object| googleToken object| googleIMState

14 Cookies

Domain/Path Name / Value
.quantserve.com/ Name: mc
Value: 64df1e8d-78f85-cf464-cf64a
.bg3.co/ Name: __qca
Value: P0-436525317-1692343949364
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D40e0575e-f8a8-4ac2-808b-f6873b7989eb-tuctbd8a40d
.aralego.com/ Name: sspid
Value: 434d9146-578a-3286-b543-c871a3c7e7e4
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.bg3.co/ Name: _ga
Value: GA1.1.557319737.1692343951
.doubleclick.net/ Name: IDE
Value: AHWqTUm1FJuAKWHTfkIdb0r0FT7k11zEssp5fIt1_vzNOAHlvUTQ2o5D1giFUmwnPHk
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1692343951.1.0.1692343951.0.0.0
.bg3.co/ Name: _ga_700YDXWXPV
Value: GS1.1.1692343951.1.0.1692343951.0.0.0
.bg3.co/ Name: __gads
Value: ID=85cbfed285db83ff-22db851c54de000f:T=1692343950:RT=1692343950:S=ALNI_MbprpMH_KS7s1C1yi2fafbsDlhc4Q
.bg3.co/ Name: __gpi
Value: UID=00000c622a070e3f:T=1692343950:RT=1692343950:S=ALNI_MZXLvFnVCcPjd6bzrUJdMWANrp2fg
.doubleclick.net/ Name: DSID
Value: NO_DATA
.criteo.com/ Name: uid
Value: 1f01dbce-0fe2-48ef-bbef-1df6d16ce7fb

24 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202106/108e3cd0252a0f6b831c6089fe2ae686.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/06089d9b9ea1722cf6397110da0167f8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/3d73b0526e9365c63f9c37ce0f7620a3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/8cf996844f83038190165be99ec91c7a.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/e631ba08c01d6b45bae8283a72084dfc.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202109/b68b1b8ba7755debc3e6f1c7e302a108.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/98ff11d1b02a58165612ecf0f8e9c5ff.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/5decd108fccf8f9cc141650dfc737add.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/6c62345bde600b8d22de41187fd82dc3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202112/f4fd62a406b84b7d73bc8325b08d00a6.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/2d0ffcb1cc561b0ee86f77f31f087d41.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/672f600f63f169eaeb0506916cd269a2.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/288419267eb3be6dffd62338ffdb1e93.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/058dd527b06f7226f0720f2f8ff0554b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/d7bdc921aab8a15592ee4b9104bbb947.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/4fcc6248a0ccecc84ad52cd5fad3e39e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/35df9d0f0ff36a525397d44478112ff3.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f45a12f2685f72880ecd59384814bc1d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://cdn.adpushup.com/42753/L2EvcXVhbi1jdW4tYmFpLXJlbi14aW5nLW1hLXFpLWxhby1wdS14aW5nLXNoaS15b3UtbGFpLWRlLXp1aS15b25nLXpoZW5nLWh1YW5nLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 481)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692336750&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343950106&bpp=285&bdt=704&idt=657&shv=r20230816&mjsv=m202308140101&ptt=5&saldr=sd&correlator=253225213830&frm=23&ife=1&pv=1&ga_vid=527600783.1692343951&ga_sid=1692343951&ga_hid=2088288623&ga_fc=0&ga_cid=amp-4qcMzuO1fLZXKJ8rYQDlVQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=449192451&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077088%2C31077148%2C31077110%2C44799570&oid=2&pvsid=2298832267810767&tmod=1257208362&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ag1ej4tvt682&fsb=1&dtd=792
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/17701606112007245383/300x250_google_Yoga/index.html".
security error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1692336750&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fquan-cun-bai-ren-xing-ma-qi-lao-pu-xing-shi-you-lai-de-zui-yong-zheng-huang.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343950106&bpp=285&bdt=704&idt=657&shv=r20230816&mjsv=m202308140101&ptt=5&saldr=sd&correlator=253225213830&frm=23&ife=1&pv=1&ga_vid=527600783.1692343951&ga_sid=1692343951&ga_hid=2088288623&ga_fc=0&ga_cid=amp-4qcMzuO1fLZXKJ8rYQDlVQ&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=449192451&scr_x=0&scr_y=0&eid=44759837%2C44759927%2C44759876%2C31077088%2C31077148%2C31077110%2C44799570&oid=2&pvsid=2298832267810767&tmod=1257208362&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ag1ej4tvt682&fsb=1&dtd=792
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/17701606112007245383/300x250_google_Yoga/index.html".
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&adk=1812271804&adf=377178177&lmt=1692336755&plat=1%3A66056%2C2%3A66056%2C3%3A2163200%2C4%3A2163200%2C8%3A66048%2C9%3A66056%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A66048%2C27%3A66048%2C30%3A1049088%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343955338&bpp=4&bdt=784&idt=293&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&nras=1&correlator=3426478608378&frm=8&ife=4&pv=2&ga_vid=532979806.1692343956&ga_sid=1692343956&ga_hid=466453362&ga_fc=0&nhd=5&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2414936062&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31077090%2C31077148%2C31077160%2C44799579%2C44769661&oid=2&pvsid=826260146931997&tmod=962195196&uas=0&nvt=1&fsapi=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.tmdeeeeh8blk&fsb=1&dtd=325
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5961800537962381&output=html&h=250&slotname=9099904862&adk=3685774430&adf=712772242&pi=t.ma~as.9099904862&w=300&lmt=1692336755&format=300x250&url=https%3A%2F%2Fadx.holmesmind.com%2Fadx-file%2F20230617%2FGeNdqjjf8kvIqOEI7FrJi2aVpmkaNzTX8BdXha0t.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692343955338&bpp=3&bdt=785&idt=306&shv=r20230816&mjsv=m202308160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=3426478608378&frm=8&ife=4&pv=1&ga_vid=532979806.1692343956&ga_sid=1692343956&ga_hid=466453362&ga_fc=0&nhd=5&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=300&ish=250&ifk=2414936062&scr_x=-12245933&scr_y=-12245933&eid=44759837%2C44759875%2C44759926%2C31077090%2C31077148%2C31077160%2C44799579%2C44769661&oid=2&pvsid=826260146931997&tmod=962195196&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.ekej5ggrx96k&fsb=1&dtd=334
Message:
Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6e33b9110b5ede6c3e1d0bc21b950d77.safeframe.googlesyndication.com
80751e862cda122ade19117127c8178f.safeframe.googlesyndication.com
a0d06141e8617f7fc71b12e34f74506c.safeframe.googlesyndication.com
ad.sitemaji.com
ads.aralego.com
ads.yap.yahoo.com
adservice.google.com
adx.holmesmind.com
agent.aralego.com
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
bidder.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cdn.unibotscdn.com
cds.taboola.com
code.jquery.com
csi.gstatic.com
d-10158191482120460991.ampproject.net
delivery.adrecover.com
e3.adpushup.com
eus.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
geo.yahoo.com
googleads.g.doubleclick.net
gum.criteo.com
http-intake.logs.datadoghq.com
il-trc-events.taboola.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
match.adsrvr.org
newsbot.unibots.in
pagead2.googlesyndication.com
partner.googleadservices.com
pips.taboola.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
region1.google-analytics.com
rules.quantcount.com
s.yimg.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
static.bg3.co
static.criteo.net
stats.g.doubleclick.net
stream.unibotscdn.com
sync.aralego.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
static.bg3.co
103.231.174.251
104.26.5.103
104.64.126.246
108.138.36.51
141.226.224.32
141.226.228.48
142.250.181.230
142.250.181.234
142.250.181.238
142.250.184.226
142.250.185.130
142.250.185.132
142.250.185.163
142.250.185.225
142.250.186.130
142.250.186.174
142.250.186.34
142.250.186.40
142.250.191.131
151.101.129.44
151.101.193.44
152.199.21.70
172.105.43.230
172.217.16.193
172.217.16.194
172.217.18.1
172.217.18.10
172.64.165.28
178.250.1.11
178.250.7.10
178.250.7.2
18.66.122.127
185.106.33.48
188.125.72.139
192.96.203.13
216.239.32.36
23.216.77.68
23.97.225.52
3.233.144.253
3.71.149.231
35.186.215.140
52.223.40.198
54.194.117.149
64.233.166.155
69.16.175.10
69.173.144.138
69.173.144.139
69.173.151.100
87.248.100.137
87.248.119.252
89.187.169.3
89.187.169.39
91.228.74.244
95.101.149.233
002cc11833a9ca0d8be4bd7e2e5465f670b172cb5859477cffe40af7edc9539a
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0101f2565712fbcab28981306da0fcbd976a776ae79615dcf653080945761262
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
050b335e606c761914d0fe9bae92e298ed22340d99dc82d143234caaef651599
056b6b462599cc3c14e01056d255f48cd076df9698d9a3a88a185327718bf148
05a8bf215a7fd9f8b4800f1bfacd799658adedb95525c57e8f58393689a36f3d
068619b9084242ce2ca2d3bab3e7a2d02911acce318eb05ac257e0f545c241a2
07a489999c001495c859dc7db0a16c63e02a3c3a7cd2827d942d53372491fec7
086d537995c8169afac426919ecc981769a33c61938e3a36d2b440949ae098ed
0a15bc0ad7e79c33a67b1eb4f251a5e442079d23a6fda61c8c6aa394d7ce1724
0b51056b86e9dc8257e13cbd77a20f48604261871c988ac6bd99a20ef4b19446
0c19ceb9e644432030306134ea0de541336c4e1698356fab363bf803e2583990
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0cf8fc27b2aad322fe040dbdd518952b047a00b50449782f8646c3276b8b77aa
0d25d5932875b3e5b1ebce2543af681cb137fbcfa4fc11729bba9cb09d5638a5
0d945056fc30831a1ca2f6ee2568f00cf702de355ccbd458d6f53ebf0abdd08c
0f49245f1eff3d25ebf0d10b184c8800f554dd144f9143e3b179993e8f1c927c
114792c3e764192ab8250ef71b0783010b1b03fa3f87649082f1c2ba73afa779
118c23eb98b0d3f69b42c106552dc9259f76d4046279cb2d5b2f41e0a51f832b
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
141892bb04ea947463d0c0c80cc6030dba663f0b20bb9b65513b242372a84a89
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18980cf669989d1d3ae2c7367e5053e3ca3603056afa9aa29d74af7b3a70d415
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1d5dfc98d8e7e8d7e1265aea16ade04221bd27b9c48ce054fa78032266f6b3a6
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1f96763167a55db0043e68b03b64410fa521b5497352f34b9535d1edcc763f9a
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
287077b1aeaca25ca5387fa4bccd16aa0f098f48ab4630152689426db2d97470
294fc580d7f67237a50d7db8132a1061c744b6d33f0e6ec90c970b79ef6ff5f7
2977ea470b1a83e8bf0d87194d9246f916f395bdc16e392b971397c9b395afb2
2aa048b0b7650d1da40d360378c414bfa2a057fed7a52dbec1844094eb52751d
2abadee6b03135a4d6283aa9c543e0e2149a9dd76cd098757630dcdd2db76cbf
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2f8c447294b74e9855b528b654c3270aad5669b75eae61e29962d36a5092affb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32c56ae5d57d7ab80cb2c9479a33351328078d6d6cac177569a94bf9da184e4c
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3a276faf7ecb07e9cfc5f53e0b306d515b0b4fd08ddc3e0c231965755269a7b2
3b174792734c5e0415dcb6a93b59cc8d353c3892e0971ca6f3b0b2a2d3457c05
3d6729d359189b5f9f0d24f0c7b62c6a56542009f8b45f64ea0b2aa5bb88f33a
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3ea8c3c53fadcd0a8153b7815f4267488af50dbac80590467f50ea428571c04b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
42b9a15f9b6a86e0bca2678c6a6679ed2e73777ca55d893012e685275249f702
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
458ed4fc6e52a6d0ffc929685d10b92e5ff8c14f1ea2f7d1775be14f940748d1
467682331c57788088528dabe03c1a6e8ae3a7f930a985868639bc5ca3590a89
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4ba3d123c86e1830d179d449f124ec93b4f3d6a4ebee1050c13f087ed992cca8
4ce7739249a41529581c3d8d38ab20041690decd52cf0d78fdea96faecd72644
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
54e623589f5260a5167aafd289740f8aae40ebe6e0d6afe29d28459edb5a4718
54f96b1724f59d0e664a39671d475378c62334d95a159ee216649ad107548a54
5559bcb099417694b90ef0b946e97c801bdc4843c1c1d63426d6d18dcff316bc
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5694d61d5fc291fc115956d1e9bc49cf4039905e68244738297c6c80905206cc
59e415ebd0d3e2ab61a9b209889956069b95db9039392ac2249e565acaf4f1c2
59ec623617cb9b008282077c49a57c3387e84b181deb844efa5ffcf1db4909a4
5c54f6a1ee74521e0fb2484cff844c1f286009ba68bd9c081c964c87123cf79c
5cb616f61628c2af47568cf14cb569dfa53d119a5404ec6fb29d1311afe5e0cd
5cb7cbd4d00c00232e7c18e5c1ba0995c0506ff0ad9fa4d4cf1e9b58bc804e34
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6227e2f11efa93c7eb0ea38ed73a866426f7080d40f3a34a6670bff550656d0a
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
63b845e7046f874ba4d1faf8fd80cbea6e86f31b70dbe63bccb58e5e00a60635
6532fd2e1b8fa0e2427b3be9158469cef846655d968f69c8956f3cd9b7068aff
65b1c6fb04331563d3abddf74bfde40058fc4734797969a92d0db58e2c60939d
66d69c245726b19a26f6d4eca4f0de1f2a6533e45d780b841cb3eba8046c9329
695d7f02b1c1193c310b3606dce44ceec5b942debf5dae643857ac8b82956b42
6aa3f9f1df2f1df2bea30eb9a3f32a8d738ad56ce7c66373cdd032bcf6a5c5b8
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d34c67e9a59821814b0f939defc9884d01d6ba15eefd521e1f2bce9288e52f3
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6e73904e19373d7fafb3355e66e30b6d549b2111d8568069e65a1d5e4ee99c0e
6f4813e4fe6dd891838e421479bf603f6d3f0d2a55b90517b875a77050471d4b
6f50dff31a5195f4f61be2272afaeed5c91655fc8d6e6fbcb043de7abd9112ba
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71f4448929a9d5c84a0956173ed7aaad760ee433379772d2103db439935e0cea
723df3c7d7a3d796cd19b2d214c09340b55cf08e08d26cdf29848731527239ce
7351616629b65af2dc7881cba3de13fb3a1e09e6157566016ef8a292cca758e3
73c6789620af1c9f950074e861541aed0d43bdd4e6116fe95d0d406310333695
73d80e34385802492ffcbd9dc8a221262b74d8efc46cdda5a007a739fdeb4d42
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
773b6b520d53f2c575e87d9bc2be2d3ec999ec9839191f12dc0b6b64d37cef4f
77ad0416dd9126399904bfc49b3fe6d296d2bd4e13927ca9ddb0958365bc931e
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
79a366c23bc8bee6302942443d555fa16fbbe53d466ad4d17a6cd9bf595151dc
7a5111ccdcdcf2cb2513d3f6ac04fa85940e05018315570c8490138e76201486
7c641f225081625ca03cc761bbe62c39b74cd96174643a80649625507ca1f3aa
7c9bc2f87d1979394f62c69d6ebeb2ff4156ce5db46d5ee555c549a45a14d75c
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
8214f9841b61320a8f727d311166e54a00f31e7e1a62cf5f54356f4515d35a1c
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
8286cea7a06f98ec1b61ff6e9f43e5e9774c46499835c16a8cced0365f6d7c62
830e57437d284f9eac9503ba5e9251c5292f688975ef451cdedad3bd9bbb3dbb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
88c7d328f57888c476654a04cc071da80518de63628ddea6acbd7796dd2df285
8b8437baeeecc1820ac9fee40444813ec2a71c56532ee05bf44f706eed2a567c
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e1a038bba8e7a9b7f30b33356a852544af65d3bf547402a328f38c656b7dda9
90f353754fc54834580b2d93c3de551bea76c101f13a7e66fede4f9a9ccd8fb7
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d
9f24cf5b59bbf2a16b7cf20be7507cfc7cb2625b70f5206511176da2cce4047d
9f8e2a9b5cbe282affee73ab290187f766713ccd6be957d892147cbe1a2695d3
9ffe5f229d338604f67ac27145be983cdb0e74170145052ca982a1054a8a82dc
a0d2aae81e88bda7108cc798b110badc1852c67844598977721e9df66893f517
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a25c5e8e8673dae1af1a8ecb9fc9460b36cc14882e044055083f6e5fd612ef52
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a45f9e848e7dd8d91d8d1d34c3812fed8af610b5dc9d8763a3cc00a33035835f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a7eb1447ae8fbeff087958d608790a15346e47e823a392f37f1686402bcd72e0
a91e3f282039f38f4dc40ea14f4548c25a6914c99ade74d3e99bbec9d65af7b4
aa4eb402558b589d35ced53d98441fb5a24f5dd167c09a9a0f24f53ab4bad84a
aa56a655b6cb77a3c0035819033d02970bba3770850f506e8d61163098ab63a0
ab660cac11dbac61fee35c5e266e37c807ea76d3c95041ddf8ce8eefe0c0d106
ae4d88e3e0e95f7fb7561cc8e29e4e90042e8760198d561a824173d84d61f521
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f5ee8ccc7b2288b76f0f55c515f266a6162a166a25e04bf802cc2c90f768fb
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b6ca63c9c1d4ffacd06730cb4ab320fee96cb17bddfb37a3f30c6383e4320a65
b8d20ccf593b049aa3489da4c021d3b4b485e82e06a4cc0ed1337d08aa765987
bae7e8b2fab6ed6f5522176705cb34135bd0f7c92181b0316c7f67a01d932be7
bb8a0673eb11c8fe6178369061487cdfe7b7d15e9f04dc41a4763e3a21afb76c
bee838dec619ff999d7a4f45b7dfd81cdf9353fcb25d0798eb722ec21bb19405
c69735b59e8babcd6e08f56bb1f7809c1318c150784d38cd8bc1d1f8c00736f2
c6dedbf49578df8b1ec598034daa1324e417fbeef3602a7b7ab570390fb46fd3
c8e2c958c574d530f40d74d3f28827e08e9130b8d6062c9133505f5492abdfb2
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879
ccb020db9baacf5342e1d0763ad4ee50cd06ff2e9ded1848a3ecc96adc4327dd
cd76771ce583c8b818e5311f819552de95b9a86925d5b4e6ffd0c5b275bde30b
cf3fd4e9d345d1bd18f3d2aeb3fb1b2f153dfd9904feb6b20e3edf0dc6125274
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d43e560c310bf246260fc761704b34bc710793ab22a2168c7fc9486149ce9783
d462be35c61b5311a42bc6402e6e64e6e54a7c542963e1f448f10e480ea87cf9
d614198555b98a4bb099307a58401e7305267bcea97bc39ed315e4b9d02ccc5a
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d9f5df5809aa246af5af569ab3b949b7bc386b7f6dbac624a7b8a50fa3ad90d1
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d
dddb51e44bd81b42b6cdfb96a472992977a6af370678bb89024b857c092d0be4
de53a304bb4f48baf1efd7ebf48ab13140c5a039dd3f78309ca7466e0e7cfc0d
e07064914221a3992d6f0014dd422e4fa8fdbe36456c57a3476ba6945b9dc59e
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e302680f10ae39d0485db1384068ef1fc3fa318fc99eaab1f50686c3a4be45fd
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a982487cbd64e563370e72a87c5f7fcf760db4219a6b3b749a44e2c55b78a
e70fb9203c1b03268bd0494d70f4a47f6e35d74a4ae0e8b10187025596c9df89
e75f6228d56b6d56634984e016bb74f357f9915c0a947d1f46eb4fbc2477eaca
e7a55bec6b426344da6d67ab0fbe90b171d5d22cd1bbb17a8da887c3342e0522
e87388f86d3bad8ace13e6bac28e13743b88bd57763ce00311b0648ec7e823fd
eae438576c20d429574bb39337c98179423e0ec301675c2ba564e15fd2e0ae0c
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee05824d547a6695e3b43ca836b4b840b408dad79bc5dae83f85906dc9186374
ee2e0abb272016af6b7b2e8e4d3747668f7e47fd09ad3e1a5e88eddcf6e10f58
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
ef4f6bee34be1a02c0d9f2e50190dc5cd9c7fda945932ff8132f768dbf4fde51
f4da1619f336c83ddb043f05ca717232ee31ff64c494645f575f9d358d902f67
f5b44cd05de1784117ec564b4778616207c8c8749e8709b51259920d4de527f0
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fa0a2444da9cdbcc29ea16133d14589a18d24144d76ce3d135709c131e73904c
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fba149d48c297fb10215569731ae09a2d630aadaf2963f78f870930c001cf48a
fd608bf540b5307045b8eb8bada7554c4ff41c51bae1b4c43d070402133ba999
fe397926b9153eef1ff4b993c12314dee516648b4b9eb17398b3e4252c0b61fe
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
fef271305260f71472cf681f3b9ecfed76cc378f7ad06fa95a6db81dca1ea599
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e