URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Submission: On July 24 via api from US — Scanned from DE

Summary

This website contacted 71 IPs in 12 countries across 57 domains to perform 310 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
11 2a00:1450:400... 15169 (GOOGLE)
1 6 192.96.203.13 30633 (LEASEWEB-...)
2 104.26.5.103 13335 (CLOUDFLAR...)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
5 2a02:26f0:480... 20940 (AKAMAI-ASN1)
44 151.101.1.44 54113 (FASTLY)
1 13.114.150.222 16509 (AMAZON-02)
2 142.250.186.34 15169 (GOOGLE)
2 2001:4de0:ac1... 20446 (STACKPATH...)
1 2a02:2638:d::d 44788 (ASN-CRITE...)
2 2600:1f18:24e... 14618 (AMAZON-AES)
8 2a00:1450:400... 15169 (GOOGLE)
2 23.97.225.52 8075 (MICROSOFT...)
5 2a00:1450:400... 15169 (GOOGLE)
29 141.226.228.48 200478 (TABOOLA-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
1 2606:4700:e0:... 13335 (CLOUDFLAR...)
5 52.223.40.198 16509 (AMAZON-02)
3 2a05:d018:d29... 16509 (AMAZON-02)
3 18.158.162.107 16509 (AMAZON-02)
2 3.71.149.231 16509 (AMAZON-02)
1 151.101.193.44 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
3 3 23.197.120.249 16625 (AKAMAI-AS)
6 23.218.210.30 16625 (AKAMAI-AS)
2 35.187.184.108 396982 (GOOGLE-CL...)
18 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 92.123.12.141 20940 (AKAMAI-ASN1)
1 13.32.145.27 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 35.190.0.66 15169 (GOOGLE)
1 35.244.170.237 15169 (GOOGLE)
4 23.32.185.123 16625 (AKAMAI-AS)
22 2a00:1450:400... 15169 (GOOGLE)
1 3.9.88.183 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
2 54.249.104.171 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
4 69.173.144.138 26667 (RUBICONPR...)
4 95.101.197.124 16625 (AKAMAI-AS)
1 2600:1901:0:e... 15169 (GOOGLE)
1 7 69.173.144.165 26667 (RUBICONPR...)
2 3 209.54.182.161 16509 (AMAZON-02)
2 9 172.217.16.194 15169 (GOOGLE)
1 1 208.93.169.131 46244 (WEBMD-IDC...)
1 1 54.148.165.122 16509 (AMAZON-02)
1 1 35.204.158.49 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:224... ()
1 2600:9000:249... 16509 (AMAZON-02)
1 154.58.197.185 174 (COGENT-174)
1 3.120.19.63 16509 (AMAZON-02)
14 2606:4700:20:... 13335 (CLOUDFLAR...)
1 35.186.253.211 15169 (GOOGLE)
1 2600:9000:211... 16509 (AMAZON-02)
1 1 35.186.193.173 15169 (GOOGLE)
1 2 51.89.9.254 16276 (OVH)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 2 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 37.157.6.242 198622 (ADFORM)
3 3 46.228.174.117 56396 (AMOBEE)
2 2 13.248.245.213 16509 (AMAZON-02)
1 2600:1901:0:7... 15169 (GOOGLE)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 23.192.250.178 16625 (AKAMAI-AS)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 172.217.16.134 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 167.233.13.224 24940 (HETZNER-AS)
2 18.134.113.28 16509 (AMAZON-02)
1 13.32.145.6 16509 (AMAZON-02)
2 3.10.167.44 16509 (AMAZON-02)
310 71
Apex Domain
Subdomains
Transfer
74 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 879
trc.taboola.com — Cisco Umbrella Rank: 611
vidstat.taboola.com — Cisco Umbrella Rank: 2610
am-trc-events.taboola.com — Cisco Umbrella Rank: 13130
images.taboola.com — Cisco Umbrella Rank: 1806
imprammp.taboola.com — Cisco Umbrella Rank: 13229
am-match.taboola.com — Cisco Umbrella Rank: 13250
wf.taboola.com — Cisco Umbrella Rank: 2752
am-vid-events.taboola.com — Cisco Umbrella Rank: 12447
vidstatb.taboola.com — Cisco Umbrella Rank: 4971
am-wf.taboola.com — Cisco Umbrella Rank: 14493
2 MB
44 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 134
tpc.googlesyndication.com — Cisco Umbrella Rank: 153
10625a326852f021794df7af05d29ac7.safeframe.googlesyndication.com
76ebc37c65beaae2fe65fa00797a71e5.safeframe.googlesyndication.com
496 KB
26 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 208
stats.g.doubleclick.net — Cisco Umbrella Rank: 120
googleads.g.doubleclick.net — Cisco Umbrella Rank: 56
cm.g.doubleclick.net — Cisco Umbrella Rank: 242
ad.doubleclick.net — Cisco Umbrella Rank: 184
499 KB
20 rubiconproject.com
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1164
eus.rubiconproject.com — Cisco Umbrella Rank: 623
token.rubiconproject.com — Cisco Umbrella Rank: 616
pixel.rubiconproject.com — Cisco Umbrella Rank: 388
36 KB
14 ad4m.at
as.ad4m.at — Cisco Umbrella Rank: 31220
ad4m.at — Cisco Umbrella Rank: 10297
assets.ad4m.at — Cisco Umbrella Rank: 41323
1 MB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 438
219 KB
8 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1746
adservice.google.com — Cisco Umbrella Rank: 117
www.google.com — Cisco Umbrella Rank: 3
12 KB
7 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 17338
e3.adpushup.com — Cisco Umbrella Rank: 18198
275 KB
6 travelaudience.com
rtb.ads.travelaudience.com — Cisco Umbrella Rank: 96901
ads.travelaudience.com — Cisco Umbrella Rank: 8884
static.travelaudience.com — Cisco Umbrella Rank: 252088
131 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 59
region1.google-analytics.com — Cisco Umbrella Rank: 1815
673 B
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 37470
sync.aralego.com — Cisco Umbrella Rank: 3286
4 KB
5 moatads.com
z.moatads.com — Cisco Umbrella Rank: 647
geo.moatads.com — Cisco Umbrella Rank: 765
px.moatads.com — Cisco Umbrella Rank: 570
112 KB
5 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470
ups.analytics.yahoo.com — Cisco Umbrella Rank: 323
1 KB
5 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 384
1 KB
4 moatpixel.com
travel198849194933.s.moatpixel.com — Cisco Umbrella Rank: 85056
1004 B
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1256
pixel.quantserve.com — Cisco Umbrella Rank: 960
cms.quantserve.com — Cisco Umbrella Rank: 811
10 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 13646
42 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 26599
api.webgains.io — Cisco Umbrella Rank: 54706
31 KB
3 w55c.net
cti.w55c.net — Cisco Umbrella Rank: 4059
ads.w55c.net — Cisco Umbrella Rank: 13764
i.w55c.net — Cisco Umbrella Rank: 2427
42 KB
3 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 319
2 KB
3 logly.co.jp
l.logly.co.jp — Cisco Umbrella Rank: 63205
sync.logly.co.jp — Cisco Umbrella Rank: 66264
2 KB
3 im-apps.net
dmp.im-apps.net — Cisco Umbrella Rank: 25575
audiencedata.im-apps.net — Cisco Umbrella Rank: 28074
3 KB
3 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 207
169 KB
3 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 355
436 B
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 43281
50 KB
2 ad4mat.net
prod-rtb.ad4mat.net — Cisco Umbrella Rank: 129790
static-de.ad4mat.net — Cisco Umbrella Rank: 158577
4 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
956 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 622
2 KB
2 adform.net
c1.adform.net — Cisco Umbrella Rank: 610
1 KB
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 808
s.tribalfusion.com — Cisco Umbrella Rank: 1937
1 KB
2 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 801
489 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1178
909 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
83 KB
2 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 9904
505 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 724
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 28190
12 KB
1 o2online.de
partner.o2online.de — Cisco Umbrella Rank: 76720
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 69723
333 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 68574
186 B
1 conrad.de
www.conrad.de — Cisco Umbrella Rank: 88951
472 B
1 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16651
696 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1396
574 B
1 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3110
104 B
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 7477
623 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 806
294 B
1 openx.net
rtb.openx.net — Cisco Umbrella Rank: 861
245 B
1 hspvst.com
t.hspvst.com — Cisco Umbrella Rank: 194722
926 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 882
634 B
1 storygize.net
www.storygize.net — Cisco Umbrella Rank: 2554
430 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 581
559 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 20817
3 KB
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1167
635 B
1 ampproject.net
d-1870546441130110630.ampproject.net
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 82
1 KB
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 437
288 B
1 compass-fit.jp
nt.compass-fit.jp — Cisco Umbrella Rank: 92470
17 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
13 KB
310 57
Domain Requested by
24 am-trc-events.taboola.com www.bg3.co
24 pagead2.googlesyndication.com cdn.ampproject.org
securepubads.g.doubleclick.net
ads.aralego.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
www.googletagservices.com
19 images.taboola.com www.bg3.co
18 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
www.bg3.co
13 cdn.taboola.com www.bg3.co
cdn.taboola.com
11 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 cm.g.doubleclick.net 2 redirects www.bg3.co
googleads.g.doubleclick.net
8 securepubads.g.doubleclick.net cdn.adpushup.com
securepubads.g.doubleclick.net
cdn.aralego.net
7 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
6 assets.ad4m.at as.ad4m.at
6 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
6 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
nt.compass-fit.jp
6 googleads.g.doubleclick.net cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
5 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
eus.rubiconproject.com
googleads.g.doubleclick.net
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 ad4m.at as.ad4m.at
ad4m.at
4 as.ad4m.at googleads.g.doubleclick.net
as.ad4m.at
ad4m.at
4 travel198849194933.s.moatpixel.com rtb.ads.travelaudience.com
4 token.rubiconproject.com eus.rubiconproject.com
4 www.google-analytics.com cdn.ampproject.org
www.bg3.co
4 trc.taboola.com cdn.taboola.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 s.amazon-adsystem.com 2 redirects eus.rubiconproject.com
3 px.moatads.com rtb.ads.travelaudience.com
3 ads.travelaudience.com rtb.ads.travelaudience.com
3 www.googletagservices.com googleads.g.doubleclick.net
3 secure-assets.rubiconproject.com 3 redirects
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 x.bidswitch.net imprammp.taboola.com
am-match.taboola.com
googleads.g.doubleclick.net
3 pr-bh.ybp.yahoo.com imprammp.taboola.com
am-match.taboola.com
3 ads.aralego.com 1 redirects ads.aralego.com
2 api.webgains.io analytics.webgains.io
2 track.webgains.com as.ad4m.at
2 ad.doubleclick.net 2 redirects
2 eb2.3lift.com 2 redirects
2 sync.1rx.io 2 redirects
2 c1.adform.net 2 redirects
2 onetag-sys.com 1 redirects googleads.g.doubleclick.net
2 cms.quantserve.com 1 redirects googleads.g.doubleclick.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 sync.logly.co.jp nt.compass-fit.jp
sync.logly.co.jp
2 region1.google-analytics.com www.googletagmanager.com
2 dmp.im-apps.net nt.compass-fit.jp
dmp.im-apps.net
2 rtb.ads.travelaudience.com googleads.g.doubleclick.net
rtb.ads.travelaudience.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 ups.analytics.yahoo.com am-match.taboola.com
googleads.g.doubleclick.net
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 e3.adpushup.com www.bg3.co
2 http-intake.logs.datadoghq.com cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 am-wf.taboola.com vidstat.taboola.com
1 analytics.webgains.io track.webgains.com
1 partner.o2online.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 www.conrad.de as.ad4m.at
1 www.awin1.com 1 redirects
1 static-de.ad4mat.net as.ad4m.at
1 prod-rtb.ad4mat.net googleads.g.doubleclick.net
1 sync.targeting.unrulymedia.com 1 redirects
1 s.tribalfusion.com googleads.g.doubleclick.net
1 a.tribalfusion.com 1 redirects
1 dclk-match.dotomi.com googleads.g.doubleclick.net
1 ius.ctnsnet.com 1 redirects
1 s.ad.smaato.net googleads.g.doubleclick.net
1 rtb.openx.net googleads.g.doubleclick.net
1 i.w55c.net googleads.g.doubleclick.net
1 t.hspvst.com googleads.g.doubleclick.net
1 ads.w55c.net googleads.g.doubleclick.net
1 cti.w55c.net googleads.g.doubleclick.net
1 um.simpli.fi 1 redirects
1 www.storygize.net 1 redirects
1 bh.contextweb.com 1 redirects
1 76ebc37c65beaae2fe65fa00797a71e5.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 audiencedata.im-apps.net dmp.im-apps.net
1 geo.moatads.com z.moatads.com
1 z.moatads.com rtb.ads.travelaudience.com
1 static.travelaudience.com rtb.ads.travelaudience.com
1 10625a326852f021794df7af05d29ac7.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 l.logly.co.jp nt.compass-fit.jp
1 vidstatb.taboola.com www.bg3.co
1 stats.g.doubleclick.net cdn.ampproject.org
1 pixel.quantserve.com www.bg3.co
1 amp.analytics-debugger.com cdn.ampproject.org
1 rules.quantcount.com secure.quantserve.com
1 imprammp.taboola.com vidstat.taboola.com
1 d-1870546441130110630.ampproject.net cdn.ampproject.org
1 adservice.google.com cdn.ampproject.org
1 secure.quantserve.com cdn.adpushup.com
1 fonts.googleapis.com cdn.taboola.com
1 fundingchoicesmessages.google.com cdn.adpushup.com
1 gum.criteo.com cdn.taboola.com
1 nt.compass-fit.jp www.bg3.co
1 www.bg3.co
0 static.bg3.co Failed www.bg3.co
310 99
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4
2023-05-22 -
2024-06-22
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
cdn.adpushup.com
R3
2023-06-14 -
2023-09-12
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.compass-fit.jp
GlobalSign RSA OV SSL CA 2018
2023-04-11 -
2024-05-12
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-19 -
2023-10-18
3 months crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-03-22 -
2024-03-22
a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA
2022-08-02 -
2023-09-02
a year crt.sh
*.google.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1
2022-08-09 -
2023-09-09
a year crt.sh
quantserve.com
R3
2023-06-13 -
2023-09-11
3 months crt.sh
analytics-debugger.com
GTS CA 1P5
2023-07-18 -
2023-10-16
3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-04-04 -
2023-09-27
6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA
2023-03-23 -
2024-03-23
a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-07-18 -
2024-01-10
6 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-18 -
2024-04-17
a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA
2022-10-19 -
2023-11-19
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
rtb.ads.travelaudience.com
R3
2023-07-02 -
2023-09-30
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
*.im-apps.net
DigiCert TLS RSA SHA256 2020 CA1
2023-04-13 -
2024-04-13
a year crt.sh
*.logly.co.jp
Amazon RSA 2048 M02
2023-04-05 -
2024-05-04
a year crt.sh
ads.travelaudience.com
R3
2023-07-09 -
2023-10-07
3 months crt.sh
static.travelaudience.com
R3
2023-05-29 -
2023-08-27
3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2022-11-16 -
2023-11-18
a year crt.sh
*.moatads.com
DigiCert TLS RSA SHA256 2020 CA1
2023-06-20 -
2024-07-20
a year crt.sh
www.google.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
audiencedata.im-apps.net
GTS CA 1D4
2023-06-08 -
2023-09-06
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-07-03 -
2023-09-25
3 months crt.sh
*.w55c.net
Amazon RSA 2048 M02
2023-05-29 -
2024-06-25
a year crt.sh
*.hspvst.com
Gandi Standard SSL CA 2
2022-12-12 -
2023-12-09
a year crt.sh
*.openx.net
GeoTrust RSA CA 2018
2022-07-21 -
2023-08-21
a year crt.sh
s.ad.smaato.net
Amazon RSA 2048 M01
2023-07-23 -
2024-08-20
a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018
2022-08-09 -
2023-09-10
a year crt.sh
prod-rtb.ad4mat.net
GTS CA 1D4
2023-06-04 -
2023-09-02
3 months crt.sh
*.webgains.com
Amazon RSA 2048 M01
2023-05-15 -
2024-06-13
a year crt.sh
*.webgains.io
Amazon RSA 2048 M01
2023-07-24 -
2024-08-22
a year crt.sh

This page contains 34 frames:

Primary Page: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Frame ID: 3BF540E9E41590729DDA9B8D8E19DE74
Requests: 153 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&cmcv=&pix=undefined&cb=1690225044776&uv=3307&tms=1690225044776&abt=nonrv_vA!orstbycnd3_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9a22d327-ff61-4471-ae7e-5b4255463a9a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: A470D675DF096EA5E9F46A05953D6991
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 1B9578188313C8AF33849D87C019E871
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4233147989137334537&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3152&oid=2&is_amp=5&amp_v=2307052224000&d_imp=1&c=5596004944&ga_cid=amp-Hp-FZa5XuJht59_6vLHFEQ&ga_hid=4944&dt=1690225045036&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&bdt=1306&dtd=3&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 1A6631B0CA3BE58F798E29FC6D1B145B
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 5D46DB966D940EF62943F669BE225C41
Requests: 4 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: E17549DF9A2667A242D342E4225FC096
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: B10C229FDDFB595C6A9814A2FD5D1CDF
Requests: 3 HTTP requests in this frame

Frame: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70013567.0.0..0.DE.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60017721.OTk5JTJjMQ==...PRxR9M8FGmj-6V7xBOIPLA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSxvUlcm-ZO-UC-iPtOUPi5WGsAKEvaKTcaaYzonCCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQICP-6BZZqyPqgDAcgDAqoE7QFP0HJImHEXTKVO0U7lM0aSC1W2UTbOThrF0aGBZbuICWCJ54G09zZDjv5D8tbpB03b1a9jFR5wZ8CBBCEAjluYjzLZudDyVOf8d_Fj6RtApPt2oxvvUpd79sjo92HnAHgvMwTHQYrUWnrEQsPKvwmQEw_2rucGVL8GuulhP-OsXN3QD1h5LiOJmdpo64dy5cOu_jsLG2bcWBumb4cUsoAU436yB9u8lmOVzV5QE5mp48xOjKJ7G6uVgu4-kG8EflNX5av21olKIdBaCx4k42dYjISzukuntO92Ewv4UsaxbKdog115bWSDRLB5xgiABrufhr3DuM20FaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15tC-TtQwkW_imO88SGs7HTBz_jw%26client%3Dca-pub-3216231935713038%26adurl%3D&googlewinningprice=ZL7JlQACym8GrQfoAAGKixmu860eszwET7ECCA&wpc=EUR&site=www.bg3.co&slotvisibility=2&gcpm=1143941&gpos=1&bidder=bidder-rtb-production-7df7859b5c-z2cd5&dv=1&uuid=&suid=&brq=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&ssp_id=0&l=zh_tw&ts=1690225045&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=9NW5P4GWEp9gaElEMiOysvlKovW3QRPtMrXcz9LnZPc=
Frame ID: 0BBD0059A90DE8CD9BC8655175CE77F9
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Frame ID: 5518948AAC08ACE45FA47E618B3E3339
Requests: 5 HTTP requests in this frame

Frame: https://10625a326852f021794df7af05d29ac7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: B529CCAA148AAE83F9D5C25A24A4EF8B
Requests: 1 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 308183C4F50F5E38DF56E0271CF962A8
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 33CB2C4EF46581826A607DFEE822FEF5
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 0137C51A1AF0E6CA280239135C2EE83A
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: ECA478EA99EF6A526B498112259A134B
Requests: 6 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: 5B57BCAC6D65538A49603FB502FD7244
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: 758EC45E8ADD00031945BDCE2421A9D9
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 107376C6EB37E8774D04A8804E667857
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4AA53D5BD0141AF3B03F92564FF759D4
Requests: 2 HTTP requests in this frame

Frame: https://76ebc37c65beaae2fe65fa00797a71e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 963A575BBCE9CBE541850CDA60E56A66
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Frame ID: 52C21ED1BCEDAEF9C5085A4BB75E0CE0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DB2832002E88C3EF88FA4046EE3A49E2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6B409A7D3BE02AC6F59C109921597BC1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6CF04139DEF3FF323A77F41ED76A9654
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5137CBEAFFC060B04C36F6BA5E3235A4
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Frame ID: D870CF8035A01EBC0AADA07090C4AC96
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 705D3735C3B680807E064EFC2EF17759
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0CB4332CE623A01BC16233935FD1BE36
Requests: 2 HTTP requests in this frame

Frame: https://cti.w55c.net/ct/creative_add_on.js?w=300&h=250&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0w3MTcw&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ciu=XRzTeTi6gk&btid=NTVFOURCOTg2MkQzREI4NDcwMzBCMUI5MjU2N0U2MkR8R0ZMRWdZalNVcHwxNjkwMjI1MDQ3MDMzfDF8WG1FS1o4a2t0eHxYUnpUZVRpNmdrfC0xNzY3MDg4MzI5X0VYfDEzODUxNnx8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=bg3.co&cip=1&hmt=1&uidu=CAESEGnigiYczVCF5bbqQUK1GCI&spidu=GOOGLE&pidu=7170&hmpvu=f789ffc1-4772-4e0c-b27c-f334cfa24de8&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XRzTeTi6gk&
Frame ID: 51F3E4DAE53AFB41375702DDBEEE2177
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 78230F38E0DC35BC05FFEEDEEBFE0348
Requests: 9 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1gnaketkm5gh20yt2enhrydaj2fxvscggq54q6c0xes0e9fm16sx4cf4rahstg5776shqmgxs4t9sfn3q6rsq13kg6kftmkphsfsx86b71vbc8f88j2bvwrbxz3crrmsfbxkywj774vtx9e5qq7qtfpj6ndr8whw79a9b4bjb30v6pkhdhxqycnq75sc5mg4kfff2a7ecm8bxmdwb87qdxgmt52pj194zn3ypj9rff65aw9jwdqhd8bmmv5c3f0ns52chzx2s6mz3f1z5mhpek7etp78tjw8yrnwm63mptscergxrp4mpk1bbew3hd0nvpv0sngsr01ptkcyc11ccn1k795rybr014mqtpj85qb620pzvfwmdevhndv1v577cgk04deb4wt1r8a0tdhyzr0cwbgecz29d39fmjeexgypsadsgg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: C98730A695C93F11F8E488E311A32471
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Frame ID: 7BDC792A41A71C85AE8C503FAD48F986
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 153B9AF837877E6F6EC5831915CA84E3
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: E9A5065F8AAF5D349769AAB1B80DDA22
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=14019%2C197101%2C183975&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CzmrcRfYfqBWPTpHBHMtqtzzAfVSwTgBqFrd%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2C8RZUDf8fRGDdugHJHEtqCkkYcGSwT8J9TzD%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2&c=300&d=250&e=&g=fcfc02412c838de77b1c75115b4ab7ad%2F14660394764624136663&i=21596%2C20774%2C20597&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1690225047949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Frame ID: 202876605B75571058E9F26468EF11C1
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

海南三亞:海灘人頭攢動 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • moatads\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

310
Requests

88 %
HTTPS

44 %
IPv6

57
Domains

99
Subdomains

71
IPs

12
Countries

5181 kB
Transfer

12113 kB
Size

39
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 147
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 173
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 186
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Request Chain 207
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=mUmIhQqcTWOs4Y7JSbQYtQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=mUmIhQqcTWOs4Y7JSbQYtQ
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMyiHIGPE3H6idBBofgtnz0&google_cver=1
Request Chain 211
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=b9BssLXbgnf5&ev=1&pid=560687
Request Chain 212
  • https://www.storygize.net/ccm/729e4e94-63c3-438d-8ce4-184eb34e703f HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
Request Chain 214
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4EACE29F9CAA43EC8E2B45CBC4CFCE02&expires=365
Request Chain 265
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEOp7nmXIR53KBvUBQTXA_mo&google_cver=1&google_push=AaAOQGG_rqdJLHVhDi1Ga3VIFkc3kGzZB6Yrf6U_QQ0tHkkcXMlwbXaadFrvtYEG7yzKEcwtraadPpdxGuF8zcCKPIdOuBT31kCV1A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGG_rqdJLHVhDi1Ga3VIFkc3kGzZB6Yrf6U_QQ0tHkkcXMlwbXaadFrvtYEG7yzKEcwtraadPpdxGuF8zcCKPIdOuBT31kCV1A&google_hm=2AHIeNb4SNar649YvV_sD2Y
Request Chain 266
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEK_rvoQcXlaEm7qPDoi3s14&google_cver=1&google_push=AaAOQGGCyleDJ_98Tu0V7_0yUz28JyZaqBnRRcVQyg8dh4M69_X5mLZyuTqViyRwlRj2WkVPkfCQWTPdriECdCvRUf4H3a0vNbBr-A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGCyleDJ_98Tu0V7_0yUz28JyZaqBnRRcVQyg8dh4M69_X5mLZyuTqViyRwlRj2WkVPkfCQWTPdriECdCvRUf4H3a0vNbBr-A HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 268
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECxh1DWhQ_PzEBrqyNW9iGY&google_cver=1&google_push=AaAOQGF9OcHHKgd-rTu5CpXwbDAtqQjcKjGu5lJwRUiyc1mbCc0BMUuEctchNsB2mkXRakNlKWuvuNkYnc7GECmWusHv7FQVh_E HTTP 302
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGF9OcHHKgd-rTu5CpXwbDAtqQjcKjGu5lJwRUiyc1mbCc0BMUuEctchNsB2mkXRakNlKWuvuNkYnc7GECmWusHv7FQVh_E&google_hm=Dv_KTAa0nz7XF_h5brVhug
Request Chain 270
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPwJIGSuHWaK6mY7PLCVUZk&google_cver=1&google_push=AaAOQGGbiuLcoGdUcTbtsSsAPRT6P-GvkhUD1LpS6vhqn3r35tFiBr49IT0gNlk6Ao8xBUeqiiDrVIhAkPmaNcNsbpV5mPU28JbB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGbiuLcoGdUcTbtsSsAPRT6P-GvkhUD1LpS6vhqn3r35tFiBr49IT0gNlk6Ao8xBUeqiiDrVIhAkPmaNcNsbpV5mPU28JbB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPwJIGSuHWaK6mY7PLCVUZk&google_cver=1&google_push=AaAOQGGbiuLcoGdUcTbtsSsAPRT6P-GvkhUD1LpS6vhqn3r35tFiBr49IT0gNlk6Ao8xBUeqiiDrVIhAkPmaNcNsbpV5mPU28JbB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGbiuLcoGdUcTbtsSsAPRT6P-GvkhUD1LpS6vhqn3r35tFiBr49IT0gNlk6Ao8xBUeqiiDrVIhAkPmaNcNsbpV5mPU28JbB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 271
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAWaC6aha1DcyCimDcpdkcs&google_cver=1&google_push=AaAOQGErYEXRYEITkj23JsBoAKM3Luelt27dt1uzHjEai4UA58U2mNWL7Ms5qD9x9qgbqolMV-tuk5EnULqjvHj_U1bjKYHQ8VM HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAWaC6aha1DcyCimDcpdkcs&google_cver=1&google_push=AaAOQGErYEXRYEITkj23JsBoAKM3Luelt27dt1uzHjEai4UA58U2mNWL7Ms5qD9x9qgbqolMV-tuk5EnULqjvHj_U1bjKYHQ8VM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzcxMTc4MzY5MjIyOTc5MDY2OQ&google_push=AaAOQGErYEXRYEITkj23JsBoAKM3Luelt27dt1uzHjEai4UA58U2mNWL7Ms5qD9x9qgbqolMV-tuk5EnULqjvHj_U1bjKYHQ8VM
Request Chain 272
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC1Jd2jVYlg7KOAOZaZ_Roc&google_cver=1&google_push=AaAOQGHXKa_xy6PkLbTY_maEDpMWGR75bS9RM1djyUo6a8XjGGgBmCro0WX5C-o57Py8u8DqRA0APFkDaUftaNz98zwwEcL7NZ_P HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGHXKa_xy6PkLbTY_maEDpMWGR75bS9RM1djyUo6a8XjGGgBmCro0WX5C-o57Py8u8DqRA0APFkDaUftaNz98zwwEcL7NZ_P&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1690225047606 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-3388b781-8a3f-4627-95e8-3c481e5b81cc-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGHXKa_xy6PkLbTY_maEDpMWGR75bS9RM1djyUo6a8XjGGgBmCro0WX5C-o57Py8u8DqRA0APFkDaUftaNz98zwwEcL7NZ_P%26google_hm%3DAzOIt4GKP0Ynleg8SB5bgcw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHXKa_xy6PkLbTY_maEDpMWGR75bS9RM1djyUo6a8XjGGgBmCro0WX5C-o57Py8u8DqRA0APFkDaUftaNz98zwwEcL7NZ_P&google_hm=AzOIt4GKP0Ynleg8SB5bgcw
Request Chain 273
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDgwDtFD1Eb9zAM__Nv7Tn0&google_cver=1&google_push=AaAOQGFY1fBSQktw0hGb5ERE1eF9LMzPZ0LyfqBbE3XHyGtZQp8L_BbrhBa3YvgSFkGTkbldmHLbuswaafhBUGqIhwPiEHYa1JqY HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGFY1fBSQktw0hGb5ERE1eF9LMzPZ0LyfqBbE3XHyGtZQp8L_BbrhBa3YvgSFkGTkbldmHLbuswaafhBUGqIhwPiEHYa1JqY&google_gid=CAESEDgwDtFD1Eb9zAM__Nv7Tn0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzE1NDcyNjE3MDE1NjM3NDEyMDA2Ng%3D%3D&google_push=AaAOQGFY1fBSQktw0hGb5ERE1eF9LMzPZ0LyfqBbE3XHyGtZQp8L_BbrhBa3YvgSFkGTkbldmHLbuswaafhBUGqIhwPiEHYa1JqY
Request Chain 294
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidJBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1690225048_ef604520-2a53-11ee-87f6-2265f034cf4c&insert=AW&&gdpr=0&gdpr_consent=
Request Chain 297
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CISun_2CqIADFTaf_Qcd_voIOQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=0;gdpr_consent=;ltd=?https%3A%2F%2Fwww.telefonica-partner.de%2Ftpv.php%3Ft%3D117703V1226132702M%26subid%3Dreach_SUBIDTEST_view HTTP 302
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view HTTP 302
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023072420572987143710487X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023072420572987143710487X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218

310 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
www.bg3.co/a/
47 KB
13 KB
Document
General
Full URL
https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ce3f16fdcb4ddab782f38b4895e6db8158e1e9125a326ec3a15e4754852ff610

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=900
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 24 Jul 2023 18:57:23 GMT
etag
"bdbb-JmimHuPAlZuzF5KVjFiOSORmg0U"
expires
Mon, 24 Jul 2023 19:12:23 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/
277 KB
71 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4c37f74951f66c1947f586a78cee7ee48211226ef5d7a75c5735c73dfb586c9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 24 Jul 2023 18:57:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72888
x-xss-protection
0
server
sffe
etag
"03bc649404a9850f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 24 Jul 2023 18:57:23 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/
31 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
697a485d98d08e27bff197276460857929881b7ce97704e5ca58da9c244113b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 24 Jul 2023 18:57:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9649
x-xss-protection
0
server
sffe
etag
"23590aea1735b086"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 24 Jul 2023 18:57:23 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/
24 KB
7 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b771e6b9392f5a4e0d3ec1f63f18c0d7d93e798db9e1b7772ae64d665deafe5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Mon, 24 Jul 2023 18:57:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7554
x-xss-protection
0
server
sffe
etag
"50eb993f3be7bbdc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 24 Jul 2023 18:57:23 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
11576
alt-svc
h3=":443"; ma=86400
content-length
40181
last-modified
Tue, 20 Jun 2023 03:04:26 GMT
server
cloudflare
etag
"6491173a-9cf5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nrgj8hKkfnbo5jD%2BNTFhBCzZ7%2BfN0hYe1kgO%2Fz4wO3AF8Y3ysYpN45yJQBhudAQFuIley0RH9UhaUiMnJ%2BfG1sEOxHIVAPVYv%2BpYgfm3UjNiGcnQSWniE6%2B2Q0TVi7iEnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7ebe6381db3537ec-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/
41 KB
11 KB
Script
General
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
f32e8ef37e467b4df1bfbe30dd43bb63b6a4fd3e150196459ecbe60a413afeb3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-akamai-country
DE
date
Mon, 24 Jul 2023 18:57:23 GMT
content-encoding
br
last-modified
Mon, 24 Jul 2023 07:00:30 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-cf-geodata
DE
content-length
10988
expires
Mon, 24 Jul 2023 19:57:23 GMT
adpushup.js
cdn.adpushup.com/42753/
632 KB
135 KB
Script
General
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d4b3cf6066ae5f774c36da3ff9a829625ab6cc95c7e58934d6d2debfaba8fdb2

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-akamai-country
DE
date
Mon, 24 Jul 2023 18:57:23 GMT
content-encoding
br
last-modified
Mon, 24 Jul 2023 12:04:40 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=8, origin; dur=0, ak_p; desc="469506_34831752_336321818_767_1120_17_0_146";dur=1
x-cf-geodata
DE
content-length
137804
expires
Mon, 24 Jul 2023 19:57:23 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/
283 KB
46 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9457a23a9affbdd76a2510ca409e6db5bc6985d86084bff08cebf06f6e7a0467

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
HbReA6kvDkSV7fxQ0f.kXi7Gb0hvqJsy
content-encoding
gzip
via
1.1 varnish
date
Mon, 24 Jul 2023 18:57:23 GMT
x-amz-request-id
DE16ZW9FDBV7FNVR
age
14715
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
46587
x-amz-id-2
Syj+T/Y1X3337IEBbaHwpkW6696n4QeMi5zdb/xPULq145Jfnwlh7zkpgDCtxr2nLfE6GBnibRc=
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Mon, 24 Jul 2023 14:31:48 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690225044.850133,VS0,VE2
etag
"e9eb87bb04ee2c516d6b80af9adab60f"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
71
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
lift_widget.js
nt.compass-fit.jp/
78 KB
17 KB
Script
General
Full URL
https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.114.150.222 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-114-150-222.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c4770185948e11618550389caa2e9e344f81cadfe55ec5448917e7a0293daede

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:25 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type
text/javascript
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
impl.20230723-13-RELEASE.js
cdn.taboola.com/libtrc/
789 KB
163 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20230723-13-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
4bd8894acc33b04294418027b87cbc32f40e5661e56f642162940f3867fd0102

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
hA69QlflOTnsT3o4BOWGKnipa2RoZGt9
content-encoding
br
via
1.1 varnish
date
Mon, 24 Jul 2023 18:57:23 GMT
x-amz-request-id
7AD625D6GMKSYGGA
age
28549
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
167040
x-amz-id-2
HaBH5u66AWoh2x5RadYcDjYgZ3cEgpelfrym1JcHtb5yQ8Me777Z8NoAG89PQwoIxmrF0lDCo7c=
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Sun, 23 Jul 2023 10:53:52 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690225044.913249,VS0,VE0
etag
"23b95fe7ca61654394789bcf40bfb4d7"
vary
Accept-Encoding
content-type
application/javascript
abp
19
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
71964
4f542554f89695ce4a027aa056097118.jpg
static.bg3.co/imgs/202301/
0
0

18a7e3be6b270092f19ff35dc6a97ae7.jpg
static.bg3.co/imgs/202105/
0
0

049c7f4ad5aad60f6fc042df982b6d22.jpg
static.bg3.co/imgs/202107/
0
0

e5005c5308bc7c9467fcbd7e627d95de.jpg
static.bg3.co/imgs/202105/
0
0

1f37b8b29da65bb7711b25e687d33c61.jpg
static.bg3.co/imgs/202109/
0
0

82ab7bbe57b8b8339f37d9d152f4f574.jpg
static.bg3.co/imgs/202202/
0
0

09740c668fb27baf6b9563471727d285.jpg
static.bg3.co/imgs/202105/
0
0

e3822bcbc627f799d99bc89b318cd464.jpg
static.bg3.co/imgs/202106/
0
0

29a5314c3a1d44ecc1089d22a8ed1104.jpg
static.bg3.co/imgs/202107/
0
0

5b59010017b3fe303e1159af72427cfe.jpg
static.bg3.co/imgs/202107/
0
0

7156afbc3a3f4005800ed4e4b8ee8229.jpg
static.bg3.co/imgs/202105/
0
0

9346a255cd2c5b88a55511248e9dda6b.jpg
static.bg3.co/imgs/202010/
0
0

5eed160f905dbd9bee18c9ee6a31e3ee.jpg
static.bg3.co/imgs/202105/
0
0

587541147a553bd94cfc1e718b71021c.jpg
static.bg3.co/imgs/202105/
0
0

8f8d71d78c948a341dc713a437efca80.jpg
static.bg3.co/imgs/202106/
0
0

4041dccd2d6c25556233d27a67ee8da9.jpg
static.bg3.co/imgs/202105/
0
0

35c1505224bf70661848f4739132f505.jpg
static.bg3.co/imgs/202107/
0
0

97a4c40e47890e6e884e05c2a5048a0d.jpg
static.bg3.co/imgs/202106/
0
0

0e556532c7853e54be9bd48ec6276007.jpg
static.bg3.co/imgs/202105/
0
0

502b73ece4de97fa8352f5eced740110.jpg
static.bg3.co/imgs/202106/
0
0

880e71c53cc80a41380d15c709a0a5a5.jpg
static.bg3.co/imgs/202105/
0
0

841c21cc915a6c3e69d41b637e4e3023.jpg
static.bg3.co/imgs/202105/
0
0

09827277fd64d89a1a5afa7d40d2133e.jpg
static.bg3.co/imgs/202105/
0
0

amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012307052224000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307052224000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d29f048afff7a94c65454d3488f2b6dbe7523683eeba57f0d1ea88bcd9e9a07c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Jul 2023 06:07:46 GMT
age
305378
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2966
x-xss-protection
0
server
sffe
etag
"4e4cebbab06b5f09"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 20 Jul 2024 06:07:46 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012307052224000/v0/
82 KB
23 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307052224000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c45a23bfb4219abac5d0b559dfe17a6b0243e76b10f1100e63009c4d8244d628
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Jul 2023 17:16:31 GMT
age
524453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23120
x-xss-protection
0
server
sffe
etag
"97458ea624168dde"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jul 2024 17:16:31 GMT
ama
pagead2.googlesyndication.com/getconfig/
3 KB
819 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
3f5df93a32fe70c32f336098147de918a0122aaa41b3269a2d5c094a4b1fd851
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
471
x-xss-protection
0
jquery-2.2.2.min.js
code.jquery.com/
84 KB
29 KB
Script
General
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
content-encoding
gzip
last-modified
Fri, 12 Aug 2022 13:47:02 GMT
server
nginx
etag
W/"62f659d6-14e98"
vary
Accept-Encoding
x-hw
1690225044.dop052.fr8.t,1690225044.cds226.fr8.hn,1690225044.cds235.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
amp-loader-0.1.js
cdn.ampproject.org/rtv/012307052224000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307052224000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1314eecea89ff2884d72978ec67e3c83744fb115db7fcc74922ad65b8f5e186e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 24 Jul 2023 04:42:10 GMT
age
51314
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3939
x-xss-protection
0
server
sffe
etag
"21ee47434b69c418"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Jul 2024 04:42:10 GMT
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1690225044.dop052.fr8.t,1690225044.cds226.fr8.hn,1690225044.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
sync
gum.criteo.com/
46 B
288 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230723-13-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
270215
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/
85 KB
19 KB
XHR
General
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=18%3A57%3A24.039&lti=deflated&data=%7B%22id%22%3A68%2C%22ii%22%3A%22%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1690209100609%2C%22vi%22%3A1690225044035%2C%22cv%22%3A%2220230723-13-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%22%2C%22vpi%22%3A%22%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3252%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A782.25%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230723-13-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
bc577cd83b77ca7ae68e920423a57af78b90b7601b6a2cde93275f4ef5bc06ff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
243
date
Mon, 24 Jul 2023 18:57:24 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7376
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230072-FRA
server
nginx
x-timer
S1690225044.083301,VS0,VE243
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
logs
http-intake.logs.datadoghq.com/api/v2/
2 B
253 B
Fetch
General
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:a60:36e3:e4d:4584 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/
409 KB
120 KB
Script
General
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-akamai-country
DE
date
Mon, 24 Jul 2023 18:57:24 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
nginx/1.18.0
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469506_34831752_336324062_44_1086_12_0_146";dur=1
content-length
122286
expires
Tue, 23 Jul 2024 18:57:24 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/
450 B
555 B
Script
General
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-akamai-country
DE
date
Mon, 24 Jul 2023 18:57:24 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=1, ak_p; desc="469506_34831752_336324063_14_1073_12_0_146";dur=1
content-length
211
expires
Tue, 23 Jul 2024 18:57:24 GMT
linkPreview.js
cdn.adpushup.com/42753/
75 KB
18 KB
Script
General
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-akamai-country
DE
date
Mon, 24 Jul 2023 18:57:24 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="469506_34831752_336324064_730_1252_12_0_146";dur=1
content-length
18371
expires
Mon, 24 Jul 2023 19:57:24 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
81 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f5dcbea96239f07b39c41eacbc25dbbf7fe3d397ba1c4e02f5ee9e1c25518f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27948
x-xss-protection
0
server
cafe
etag
812 / 19562 / m202307180101 / config-hash: 14308175188880485398
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 24 Jul 2023 18:57:24 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
309 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTAyMjUwNDQxNjMsInBhY2tldElkIjoiMDAwMEE3MDEtYWI1M2FjNjUtM2I4Zi00MjE5LWE4NGYtN2M3OTRiYWU2NmQ4Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hhaS1uYW4tc2FuLXlhLWhhaS10YW4tcmVuLXRvdS16YW4tZG9uZy5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGwsImNvdW50cnkiOiJERSJ9&c_b=2150.699996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/
70 B
308 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=
fundingchoicesmessages.google.com/f/
19 KB
8 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bf7d7e68ce9f086dd78826a80ccef3acccb365a5d820ce194f88dcc52e67b7d9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-mY6s_GAuldBs0X7hF9se6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-mY6s_GAuldBs0X7hF9se6Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
block.jpg
delivery.adrecover.com/
631 B
857 B
Image
General
Full URL
https://delivery.adrecover.com/block.jpg?ts=1690225044199
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-akamai-country
DE
date
Mon, 24 Jul 2023 18:57:24 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
accept-ranges
bytes
content-length
631
expires
Mon, 24 Jul 2023 19:57:24 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/
385 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:22:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
2117
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125179
x-xss-protection
0
server
cafe
etag
2430563369519042680
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 23 Jul 2024 18:22:07 GMT
floating-unit.20230723-13-RELEASE.es6.js
cdn.taboola.com/libtrc/
8 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230723-13-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0001f9204e0a7a42bbd784321b21240e17f73fb2e1ef8a12f6bbdf45b321a108

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
FQE00u774qjeCF53bfn_3NxyA7.s2jNY
content-encoding
gzip
via
1.1 varnish
date
Mon, 24 Jul 2023 18:57:24 GMT
x-amz-request-id
YPPT0GD3RPDSH1WE
age
16191
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2474
x-amz-id-2
5FThYiBEvnb4sQ+xUqninrAUd3B5qFN+DAAKjGxrIfZT4l4gHdDRbzTkvZvgtFap8FJvpBnjyvk=
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Mon, 24 Jul 2023 14:27:33 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690225044.348651,VS0,VE0
etag
"aaea2ed2368c013984c6541fa4ef3db4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
10
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1498
taboola-vignette-new-scanning.20230723-13-RELEASE.es6.js
cdn.taboola.com/libtrc/
27 KB
8 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230723-13-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16ee6d9a2fdd8465eae5e3c6d0bddb185d37a4c6c6b974be4f6c22050a7486bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
fpVakkD0GlzPMe_Clgn9fVeLMwSGJTok
content-encoding
gzip
via
1.1 varnish
date
Mon, 24 Jul 2023 18:57:24 GMT
x-amz-request-id
H0GYVAECDCSW5ADQ
age
16170
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8011
x-amz-id-2
BL4yifyo2YZ39hGsz4ZHeXHyKTCpS82Rdda9b571Fqu+MeJur6FYL/NYUiALkK68NSIwn9g2pic=
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Mon, 24 Jul 2023 14:27:53 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690225044.349200,VS0,VE0
etag
"6927709e4645646144614889f35a2b9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
83
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1018
distance-from-article.20230723-13-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230723-13-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1e2d3f970f197c1b9fb49d34865dfb36cc299f3babb9080acfc36b035551c9c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
a5Q2.xyQdvJxdX2kG2.UgELI4UUSquCc
content-encoding
gzip
via
1.1 varnish
date
Mon, 24 Jul 2023 18:57:24 GMT
x-amz-request-id
B6MM8W856FCFMTPX
age
16202
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
IzLPACKVzIRdL/WQTjntTLC5+JkRKVItAFIAak1n7u0zPzLXbeGgxbtgzW1wrf+1LM7J4MoM3m8=
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Mon, 24 Jul 2023 14:27:22 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690225044.361490,VS0,VE0
etag
"d5334d2c9eed51ffab820cd68b41d899"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
93
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
17223
article-detection.20230723-13-RELEASE.es6.js
cdn.taboola.com/libtrc/
3 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230723-13-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
15491372c6b6b02a7f7a7a5a0709ab3325690316125b050d4dcd460bce90ced0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
kBqJPsSfGnBJVGznP8E8Qz0IJT2gzBV8
content-encoding
gzip
via
1.1 varnish
date
Mon, 24 Jul 2023 18:57:24 GMT
x-amz-request-id
NAMNFVGPNYXCEVJ7
age
16209
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1271
x-amz-id-2
j+iKOG1NHsWYtTdNPyQQFls0wUJGVwG+cId+ZmzUxDnFhRQ+9SIoG6BTSsbtxEQuEFjBoEQ5fQU=
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Mon, 24 Jul 2023 14:27:15 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690225044.361459,VS0,VE0
etag
"d08cda75f1643dc5f1167c763a04fd33"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
35
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
17312
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.1.2/
123 KB
35 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230723-13-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18f6e93b6e1ac6b3971bbf06396514d80559a3df081ae53f7f59860b878d6e91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
466386
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
35118
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Wed, 19 Jul 2023 09:23:52 GMT
server
AmazonS3
x-timer
S1690225044.364895,VS0,VE0
etag
"23e2191935103aeeb4e92c57ab67b071"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
jeEcHGy4ko5_1pXyXnFaopBb8-Pg5LZMKgdlsyht_FBh6TG4UJ5W7A==
x-cache-hits
51218
feed-card-placeholder.20230723-13-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230723-13-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ed6acae7a9fe10a06060632b0f9e2c9ff507bc6237778ae3982f7e42bad5e98d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
Po5UNeJ_KI8aTbJ.mP5Vc4tV15OzY4uB
content-encoding
gzip
via
1.1 varnish
date
Mon, 24 Jul 2023 18:57:24 GMT
x-amz-request-id
AEZT4FYQZEY2MWQ0
age
16196
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
xDFDjXDgwtHGNU7EKzr5ycUkvkQpwe9CGTSyNJcMa9IBXloUP6B1bTGQsAc12m2k/bLIr4ccfOI=
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Mon, 24 Jul 2023 14:27:28 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690225044.365498,VS0,VE0
etag
"c7305020b4f274a8e9aee44627213cb0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
48
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
15188
userx.20230723-13-RELEASE.es6.js
cdn.taboola.com/libtrc/
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20230723-13-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e91114cccdf9ca8ddcce6eecbe034bc2e422c70eb2740a8bc892d2feeee1dcf0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
cwNT3gDBc5Gov868uwgD_oDsaow0DAIk
content-encoding
gzip
via
1.1 varnish
date
Mon, 24 Jul 2023 18:57:24 GMT
x-amz-request-id
6SJJ50MDKRYDEKYB
age
16167
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5399
x-amz-id-2
0BoLvDjtOBJHkvihKbYhHKYnavRz79d7mqtF0nkaczILx89wxpmdvL8m9q5Mody27ZY4mKjbd48=
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Mon, 24 Jul 2023 14:27:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690225044.371079,VS0,VE0
etag
"ba25962d26776ff31ad6e8f5eb682648"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
26
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3569
explore-more.20230723-13-RELEASE.es6.js
cdn.taboola.com/libtrc/
30 KB
9 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230723-13-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ad1db962f0c7870ea69a2d5dc862c25da90e677901777cb56415e319785fd2b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
Pk3tmLSgP9j3zbjXErc8SjnYMyCPcEGD
content-encoding
gzip
via
1.1 varnish
date
Mon, 24 Jul 2023 18:57:24 GMT
x-amz-request-id
48FZY9HFPZM45J5V
age
16198
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8778
x-amz-id-2
qvxZ1dON2JsGvuYZt3G+wmgTKWAnL4krRFrc9Ezl5SzPL/nZDxnVIpewBdgPjzlh5jEEjGwYLXk=
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Mon, 24 Jul 2023 14:27:26 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690225044.386987,VS0,VE0
etag
"f864bbdd61986c1343e0d0e4d1aa70f6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
12
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
8365
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=9676a430e7de0affdf45dab48b85af80&sd=v2_358d64407cc5eab774b74636ceb752ec_89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14_1690225044_1690225044_CNawjgYQ2YJdGMPUjcqYMSABKAEwODib4wlAgooQSIao5ANQ____________AVgAYABo1ZnSiuO0-bnkAXAA&ui=89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1690225044035&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=18%3A57%3A24.345&id=3504&llvl=2&cv=20230723-13-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/
0
231 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=9676a430e7de0affdf45dab48b85af80&sd=v2_358d64407cc5eab774b74636ceb752ec_89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14_1690225044_1690225044_CNawjgYQ2YJdGMPUjcqYMSABKAEwODib4wlAgooQSIao5ANQ____________AVgAYABo1ZnSiuO0-bnkAXAA&ui=89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1690225044035&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1690225044346%7D&tim=18%3A57%3A24.346&id=5418&llvl=2&cv=20230723-13-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=9676a430e7de0affdf45dab48b85af80&sd=v2_358d64407cc5eab774b74636ceb752ec_89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14_1690225044_1690225044_CNawjgYQ2YJdGMPUjcqYMSABKAEwODib4wlAgooQSIao5ANQ____________AVgAYABo1ZnSiuO0-bnkAXAA&ui=89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1690225044035&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1690225044352%7D&tim=18%3A57%3A24.352&id=3495&llvl=2&cv=20230723-13-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=9676a430e7de0affdf45dab48b85af80&sd=v2_358d64407cc5eab774b74636ceb752ec_89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14_1690225044_1690225044_CNawjgYQ2YJdGMPUjcqYMSABKAEwODib4wlAgooQSIao5ANQ____________AVgAYABo1ZnSiuO0-bnkAXAA&ui=89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1690225044035&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A57%3A24.381&id=7464&llvl=2&cv=20230723-13-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A57%3A24.385&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=4065&cv=20230723-13-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13371
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A57%3A24.386&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=595&cv=20230723-13-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13371
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A57%3A24.391&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=6324&cv=20230723-13-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13371
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A57%3A24.392&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=6035&cv=20230723-13-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13371
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A57%3A24.397&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=1700&cv=20230723-13-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13371
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Mon, 24 Jul 2023 18:57:24 GMT
x-amz-request-id
KH3H54SRP4YPB9PB
age
34
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
mP0nZ+4KDBKHVDyhuUEzb3LuG90df21M5809hL3yrjZ20OaHTMiCTGdDl6kK0Ov0/jyat3qi0Ao=
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690225044.404663,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
18
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
74
json
trc.taboola.com/palmate-bg3co/trc/3/
26 KB
7 KB
XHR
General
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=18%3A57%3A24.416&route=AM:AM:V&lti=deflated&data=%7B%22id%22%3A210%2C%22ii%22%3A%22%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_358d64407cc5eab774b74636ceb752ec_89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14_1690225044_1690225044_CNawjgYQ2YJdGMPUjcqYMSABKAEwODib4wlAgooQSIao5ANQ____________AVgAYABo1ZnSiuO0-bnkAXAA%22%2C%22ui%22%3A%2289a44159-4087-497f-ba78-acf350888e63-tuctbb84f14%22%2C%22uifp%22%3A%2289a44159-4087-497f-ba78-acf350888e63-tuctbb84f14%22%2C%22lbt%22%3A1690209100609%2C%22vi%22%3A1690225044035%2C%22cv%22%3A%2220230723-13-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22stop_tslt%22%3Atrue%2C%22ack_exm%22%3Atrue%2C%22ack_vig%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%22%2C%22vpi%22%3A%22%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A4318%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A782.25%2C%22mw%22%3A760%2C%22fi%22%3A5%2C%22fb%22%3A2%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_2%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230723-13-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
450b99e9a62f42de2bc836fcffbb5538e7b613414ccd7ed9099a60481b525f46

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
226
date
Mon, 24 Jul 2023 18:57:24 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7520
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230072-FRA
server
nginx
x-timer
S1690225044.419150,VS0,VE226
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
ad685827c248a07b09b44a593a79bbf7.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_900%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
65 KB
65 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_900%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad685827c248a07b09b44a593a79bbf7.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4962c066bd951ac6dcb4f5b57b96302acd7eb917e6368394b4e993135c3ca573

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_900%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad685827c248a07b09b44a593a79bbf7.jpeg
age
852154
edge-cache-tag
318158332166076500936716601880124694530,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
318158332166076500936716601880124694530,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
466
req-referer
https://sipse.com/
content-length
66104
x-request-id
a09eeddb9a62a373b95a18f9dc357bf5
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100100-IAD, cache-iad-kjyo7100100-IAD, cache-sna10731-LGB, cache-iad-kiad7000143-IAD, cache-fra-eddf8230072-FRA
last-modified
Thu, 13 Jul 2023 15:25:56 GMT
server
nginx
x-timer
S1690225045.613769,VS0,VE2
etag
"e326a04ff4a8a02d7b635451f1ef61d1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 0, 1
ad685827c248a07b09b44a593a79bbf7.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
33 KB
34 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad685827c248a07b09b44a593a79bbf7.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
15de2bea0f33dfe7ad7f419efff11d608fbc35cd7eb535d13fdce4f12f48ec38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad685827c248a07b09b44a593a79bbf7.jpeg
age
893481
edge-cache-tag
318158332166076500936716601880124694530,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
318158332166076500936716601880124694530,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
160
req-referer
https://www.tag24.de/nachrichten/regionales/sachsen/zwickau/e-scooter-mit-ueber-100-km-h-in-zwickau-einkassiert-2893002?utm_source=facebook&utm_medium=social&utm_campaign=fb-post-chemnitz&fbclid=IwAR2EgQDfg7q13P-YJgt7Q1bvBmiw0YOFHb-mbIpwjbrT-B8PmXLxUNWfnz8
content-length
33892
x-request-id
2eecf42bf77148d0674e7f85a7dd5723
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000156-IAD, cache-iad-kjyo7100166-IAD, cache-sna10742-LGB, cache-iad-kiad7000124-IAD, cache-fra-eddf8230072-FRA
last-modified
Thu, 13 Jul 2023 15:25:56 GMT
server
nginx
x-timer
S1690225045.613805,VS0,VE2
etag
"8b2f05104d4497afc3b59a888c9b456b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 1
99d66149e4e5aa6ad9230eb0db96ccc1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
29 KB
30 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99d66149e4e5aa6ad9230eb0db96ccc1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
120c9e94254d88820087e02ce6c3b51ddfd436bf1281e13f92e1c36233d14a73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99d66149e4e5aa6ad9230eb0db96ccc1.png
age
1760611
edge-cache-tag
485896271196729578255369217605344148865,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
485896271196729578255369217605344148865,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
133
expiration
expiry-date="Sat, 29 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.hoerzu.de/
content-length
30038
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000105-IAD, cache-iad-kiad7000052-IAD, cache-chi-kigq8000084-CHI, cache-iad-kiad7000021-IAD, cache-fra-eddf8230072-FRA
last-modified
Wed, 28 Jun 2023 05:41:40 GMT
server
nginx
x-timer
S1690225045.614276,VS0,VE2
etag
"0db72eed2bb3d74cfa648152808b4675"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
9e4652ada52ae69f307be3fe18bb316b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
42 KB
43 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e4652ada52ae69f307be3fe18bb316b.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e110ca8079116981495af7a2ab0e32156bfb91a2001daecba9ff565a4ab59ec0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e4652ada52ae69f307be3fe18bb316b.png
age
789131
edge-cache-tag
588156813408017569507565850085625549913,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
588156813408017569507565850085625549913,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
174
expiration
expiry-date="Thu, 27 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.rundschau-online.de/
content-length
42900
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200029-IAD, cache-iad-kcgs7200124-IAD, cache-lga21933-LGA, cache-iad-kcgs7200134-IAD, cache-fra-eddf8230072-FRA
last-modified
Mon, 26 Jun 2023 14:34:04 GMT
server
nginx
x-timer
S1690225045.614202,VS0,VE2
etag
"f44803d6412e413868a147df66bc3d92"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 7, 1
592ecf3ab30638f4ed7b1f04592e8d94.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
32 KB
32 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/592ecf3ab30638f4ed7b1f04592e8d94.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85fb523567869516f07b3499050dac9667c49c0627a0a371754389d795bb1bc5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/592ecf3ab30638f4ed7b1f04592e8d94.jpeg
age
31422
edge-cache-tag
336752163488683836598896593607704084428,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
336752163488683836598896593607704084428,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time
190
req-referer
https://schnellerezepte.eu/
content-length
32374
x-request-id
985f9159d47c938c669ae74adbbad80f
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100137-IAD, cache-iad-kcgs7200044-IAD, cache-sna10740-LGB, cache-iad-kjyo7100052-IAD, cache-fra-eddf8230072-FRA
last-modified
Mon, 24 Jul 2023 09:55:44 GMT
server
nginx
x-timer
S1690225045.613756,VS0,VE2
etag
"dd353b03222e6027170fa5637ef7cfdc"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 2, 0, 1
61208f00497f081f1146808d83777868.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
24 KB
25 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61208f00497f081f1146808d83777868.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4f5d8abbbeeae13bfe25acfb99235e0ce9f8b9e41cde8df150e182d5e547b978

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
3
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61208f00497f081f1146808d83777868.png
age
2293776
edge-cache-tag
452995907047975560667908281926024595829,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
452995907047975560667908281926024595829,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
125
req-referer
https://www.derstandard.at/
content-length
24734
x-request-id
6a910f952e1a6544723e18c2fc704184
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kiad7000062-IAD, cache-iad-kjyo7100104-IAD, cache-lga21925-LGA, cache-iad-kcgs7200168-IAD, cache-fra-eddf8230072-FRA
last-modified
Tue, 27 Jun 2023 13:37:53 GMT
server
nginx
x-timer
S1690225045.614122,VS0,VE3
etag
"625da4a82644c2af2ef3fa9bf76031b2"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 79, 1
0296d48e-c9b8-4eb7-bbff-5af1e191a3e3__qKNyHrHA.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/
21 KB
22 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/0296d48e-c9b8-4eb7-bbff-5af1e191a3e3__qKNyHrHA.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d87ae53f01ccd7eb0750cd0ea864450054ba99c07025b44db1bb7318bd57b1a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/0296d48e-c9b8-4eb7-bbff-5af1e191a3e3__qKNyHrHA.jpg
age
956510
edge-cache-tag
380508010895749022599194741281918288835,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
380508010895749022599194741281918288835,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
541
req-referer
https://www.bangkokpost.com/
content-length
21434
x-request-id
2153b715cf17dd24e18ffaaf1b200bb6
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100129-IAD, cache-iad-kcgs7200120-IAD, cache-chi-kigq8000073-CHI, cache-iad-kcgs7200088-IAD, cache-fra-eddf8230072-FRA
last-modified
Thu, 13 Jul 2023 13:07:49 GMT
server
nginx
x-timer
S1690225045.630594,VS0,VE2
etag
"e244f0b54f26d4855e293d2ade3a1dac"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 5, 1
ad685827c248a07b09b44a593a79bbf7.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
41 KB
42 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad685827c248a07b09b44a593a79bbf7.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9e97e0a0dcc9bf9088907dbabcf2ddddce22f29c9f451ffb5f329117e94170df

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad685827c248a07b09b44a593a79bbf7.jpeg
age
894229
edge-cache-tag
318158332166076500936716601880124694530,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
318158332166076500936716601880124694530,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
382
req-referer
https://www.t-online.de/
content-length
42348
x-request-id
0aa4f3dba237d2158f8fdce8626004d2
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000096-IAD, cache-iad-kiad7000043-IAD, cache-lax10667-LGB, cache-iad-kiad7000066-IAD, cache-fra-eddf8230072-FRA
last-modified
Thu, 13 Jul 2023 15:25:56 GMT
server
nginx
x-timer
S1690225045.630485,VS0,VE2
etag
"46ebdb1bde72bbdf390339721fc7b69c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 1
99d66149e4e5aa6ad9230eb0db96ccc1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
93 KB
94 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99d66149e4e5aa6ad9230eb0db96ccc1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d4533249bc7e6699013673d6ed47fa170f00d0b116573317b8429a54311c46ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99d66149e4e5aa6ad9230eb0db96ccc1.png
age
2352784
edge-cache-tag
485896271196729578255369217605344148865,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
485896271196729578255369217605344148865,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
266
req-referer
https://www.t-online.de/
content-length
95408
x-request-id
5543ca5f0b043c6b27afa63fa37c20e8
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kcgs7200115-IAD, cache-iad-kcgs7200021-IAD, cache-sna10721-LGB, cache-iad-kcgs7200171-IAD, cache-fra-eddf8230072-FRA
last-modified
Tue, 27 Jun 2023 13:24:21 GMT
server
nginx
x-timer
S1690225045.630977,VS0,VE2
etag
"c1ae0dfafa1b57f100890f5381625ec1"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 159, 1
592ecf3ab30638f4ed7b1f04592e8d94.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
36 KB
36 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/592ecf3ab30638f4ed7b1f04592e8d94.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7ee7c30f06cf973c4d9801f35efea3825b00a63227516ac6f6ba3600b0a37a07

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/592ecf3ab30638f4ed7b1f04592e8d94.jpeg
age
32276
edge-cache-tag
336752163488683836598896593607704084428,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
336752163488683836598896593607704084428,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
256
req-referer
https://www.t-online.de/
content-length
36420
x-request-id
ef27e67144664f1e3ea9f79353e0cf74
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100172-IAD, cache-iad-kjyo7100103-IAD, cache-lga21944-LGA, cache-iad-kiad7000095-IAD, cache-fra-eddf8230072-FRA
last-modified
Mon, 24 Jul 2023 09:55:44 GMT
server
nginx
x-timer
S1690225045.631403,VS0,VE2
etag
"57270688b199efbeb8a95f27655c1fa3"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 1
61208f00497f081f1146808d83777868.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
81 KB
82 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61208f00497f081f1146808d83777868.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
12a81bb89af8e0d716862eb124e4d37814d07ae387749378e08f7a8fcd81b512

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61208f00497f081f1146808d83777868.png
age
2351970
edge-cache-tag
452995907047975560667908281926024595829,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
452995907047975560667908281926024595829,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
403
req-referer
https://www.t-online.de/
content-length
82572
x-request-id
4a9c02310a2051835131fde50e0fc851
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100084-IAD, cache-iad-kcgs7200057-IAD, cache-sna10736-LGB, cache-iad-kcgs7200148-IAD, cache-fra-eddf8230072-FRA
last-modified
Tue, 27 Jun 2023 13:37:54 GMT
server
nginx
x-timer
S1690225045.631759,VS0,VE2
etag
"0a79b972445237cb2b382c5a89da7f85"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 77, 1
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A57%3A24.436&type=usage&msg=image_utils-event-1690225044436&llvl=2&id=3557&cv=20230723-13-RELEASE&lt=deflated&file=trcrbox-ui-image-utils&method=&position=&extraData=%7B%22eventName%22%3A%22event-cropping_did_not_matched%22%2C%22itemId%22%3A%22~~V1~~3830649722251261353~~bT8eJM3UlMnjb%22%2C%22isCropping%22%3Atrue%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13488
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A57%3A24.437&type=usage&msg=image_utils-event-1690225044437&llvl=2&id=1387&cv=20230723-13-RELEASE&lt=deflated&file=trcrbox-ui-image-utils&method=&position=&extraData=%7B%22eventName%22%3A%22event-cropping_did_not_matched%22%2C%22itemId%22%3A%22~~V1~~4710571744434673089~~wU57FSyt3oCDJ%22%2C%22isCropping%22%3Atrue%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13488
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A57%3A24.437&type=usage&msg=image_utils-event-1690225044437&llvl=2&id=2718&cv=20230723-13-RELEASE&lt=deflated&file=trcrbox-ui-image-utils&method=&position=&extraData=%7B%22eventName%22%3A%22event-cropping_did_not_matched%22%2C%22itemId%22%3A%22~~V1~~3830649722251261353~~bT8eJM3UlMnjb%22%2C%22isCropping%22%3Atrue%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13488
next-up-widget.20230723-13-RELEASE.es6.js
cdn.taboola.com/libtrc/
16 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230723-13-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2a95b058fb7f372d8d10c64d316dc4d85cb4094383a4d1fbbb58eb63a1008e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
w.a79Y3ZDCHqeT1EwoMQel1y_xZK_vR9
content-encoding
gzip
via
1.1 varnish
date
Mon, 24 Jul 2023 18:57:24 GMT
x-amz-request-id
0Q0E9PG0TRK4ZXVY
age
16188
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4624
x-amz-id-2
du6us5dNG5KuW13XBzTID5Qdk9K0TohBDzIGE/fRHzLicFXvh/gitQOfcUT5AmnzSSH2qfaSoro=
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Mon, 24 Jul 2023 14:27:36 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690225044.446064,VS0,VE0
etag
"e6b560657c676c40cc496db78a2ddb1b"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
17
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1471
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012307052224000/v0/
40 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307052224000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c41fc4288f7c6003f1456f50beeb30726aea3bba3655a3c0bf137c2899992288
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Jul 2023 17:16:31 GMT
age
524453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10347
x-xss-protection
0
server
sffe
etag
"59414361c8ed98c7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jul 2024 17:16:31 GMT
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=9676a430e7de0affdf45dab48b85af80&sd=v2_358d64407cc5eab774b74636ceb752ec_89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14_1690225044_1690225044_CNawjgYQ2YJdGMPUjcqYMSABKAEwODib4wlAgooQSIao5ANQ____________AVgAYABo1ZnSiuO0-bnkAXAA&ui=89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1690225044035&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A723%7D%22%2C%22eventTime%22%3A1690225044450%7D&tim=18%3A57%3A24.450&id=6518&llvl=2&cv=20230723-13-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=9676a430e7de0affdf45dab48b85af80&sd=v2_358d64407cc5eab774b74636ceb752ec_89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14_1690225044_1690225044_CNawjgYQ2YJdGMPUjcqYMSABKAEwODib4wlAgooQSIao5ANQ____________AVgAYABo1ZnSiuO0-bnkAXAA&ui=89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1690225044035&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%2218.25%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A57%3A24.464&id=3691&llvl=2&cv=20230723-13-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A57%3A24.480&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=8185&cv=20230723-13-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13488
css2
fonts.googleapis.com/
20 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230723-13-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 24 Jul 2023 18:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 24 Jul 2023 18:26:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 24 Jul 2023 18:57:24 GMT
spa-detector.20230723-13-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230723-13-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
473f7ecbd50d5f917307b795db8c81e3998d1767349c4e575f1291d0c084ee8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
L_UN.0cD31mIBLQ7TGY2p1uCye.vrWcb
content-encoding
gzip
via
1.1 varnish
date
Mon, 24 Jul 2023 18:57:24 GMT
x-amz-request-id
0XN3PYJGZZXAJ3KZ
age
16180
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
810
x-amz-id-2
oJmKT5zTq1kz86JSQz3+LN9n5noh6wx7d76iS18oO/clyGj6kASpMqc+s4f53AbN/tjKpu4vtoo=
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Mon, 24 Jul 2023 14:27:44 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1690225044.493823,VS0,VE0
etag
"e9a9ec6dd496486a16ace55d1a277ebe"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
47
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
8545
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=9676a430e7de0affdf45dab48b85af80&sd=v2_358d64407cc5eab774b74636ceb752ec_89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14_1690225044_1690225044_CNawjgYQ2YJdGMPUjcqYMSABKAEwODib4wlAgooQSIao5ANQ____________AVgAYABo1ZnSiuO0-bnkAXAA&ui=89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1690225044035&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A57%3A24.481&id=2013&llvl=2&cv=20230723-13-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=9676a430e7de0affdf45dab48b85af80&sd=v2_358d64407cc5eab774b74636ceb752ec_89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14_1690225044_1690225044_CNawjgYQ2YJdGMPUjcqYMSABKAEwODib4wlAgooQSIao5ANQ____________AVgAYABo1ZnSiuO0-bnkAXAA&ui=89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1690225044035&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1690225044485%7D&tim=18%3A57%3A24.485&id=2298&llvl=2&cv=20230723-13-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
am-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=9676a430e7de0affdf45dab48b85af80&sd=v2_358d64407cc5eab774b74636ceb752ec_89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14_1690225044_1690225044_CNawjgYQ2YJdGMPUjcqYMSABKAEwODib4wlAgooQSIao5ANQ____________AVgAYABo1ZnSiuO0-bnkAXAA&ui=89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1690225044035&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A57%3A24.487&id=8112&llvl=2&cv=20230723-13-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=9676a430e7de0affdf45dab48b85af80&sd=v2_358d64407cc5eab774b74636ceb752ec_89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14_1690225044_1690225044_CNawjgYQ2YJdGMPUjcqYMSABKAEwODib4wlAgooQSIao5ANQ____________AVgAYABo1ZnSiuO0-bnkAXAA&ui=89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1690225044035&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1690225044489%7D&tim=18%3A57%3A24.489&id=1590&llvl=2&cv=20230723-13-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012307052224000/v0/
215 KB
57 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307052224000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9dcf8abf06f74792caf9b0eb75556568165e119a2273611136f0436d652cdc45
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Jul 2023 17:16:34 GMT
age
524450
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
58154
x-xss-protection
0
server
sffe
etag
"0ba4e671a8cd7fee"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jul 2024 17:16:34 GMT
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 31 Jul 2023 18:57:24 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012307052224000/v0/
110 KB
31 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012307052224000/v0/amp-analytics-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a9250fb90084aef46dd868212d4c01f29d250822859c2f57d59b19549a09767c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 18 Jul 2023 17:16:31 GMT
age
524453
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32104
x-xss-protection
0
server
sffe
etag
"fc5a7023b69babf1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 17 Jul 2024 17:16:31 GMT
integrator.json
adservice.google.com/adsid/
86 B
479 B
Fetch
General
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83
x-xss-protection
0
nameframe.html
d-1870546441130110630.ampproject.net/2307052224000/
0
0
Other
General
Full URL
https://d-1870546441130110630.ampproject.net/2307052224000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

ad685827c248a07b09b44a593a79bbf7.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
5 KB
6 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad685827c248a07b09b44a593a79bbf7.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
63088eae25dd385b24269ce5de88876f70ecb0349f5dc43d87c7ac280ccc35fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ad685827c248a07b09b44a593a79bbf7.jpeg
age
651748
edge-cache-tag
318158332166076500936716601880124694530,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
318158332166076500936716601880124694530,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
291
req-referer
https://nashikcorporation.in/
content-length
5264
x-request-id
3c8ebbaa73580433baebad8912885bc8
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100071-IAD, cache-iad-kcgs7200054-IAD, cache-chi-kigq8000065-CHI, cache-iad-kcgs7200115-IAD, cache-fra-eddf8230072-FRA
last-modified
Thu, 13 Jul 2023 15:25:56 GMT
server
nginx
x-timer
S1690225045.654448,VS0,VE1
etag
"dac1388597620217b312c914c4551452"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 1, 1
99d66149e4e5aa6ad9230eb0db96ccc1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
7 KB
8 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99d66149e4e5aa6ad9230eb0db96ccc1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2ebf6fcbbc205dbfbf719a54a1c4e1937c2b4e2aef162a6d2574b86a103a4390

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99d66149e4e5aa6ad9230eb0db96ccc1.png
age
2293811
edge-cache-tag
485896271196729578255369217605344148865,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
485896271196729578255369217605344148865,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
512
req-referer
https://news.livedoor.com/
content-length
7368
x-request-id
72fdf016a88822402799db7e1982b947
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000095-IAD, cache-iad-kiad7000154-IAD, cache-lax10642-LGB, cache-iad-kiad7000106-IAD, cache-fra-eddf8230072-FRA
last-modified
Tue, 27 Jun 2023 13:24:19 GMT
server
nginx
x-timer
S1690225045.654441,VS0,VE1
etag
"7482a5b6e587d80e22c766a1947b4efb"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 4, 1
9e4652ada52ae69f307be3fe18bb316b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
11 KB
12 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e4652ada52ae69f307be3fe18bb316b.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
be5dea0996e10b5616e5812359c7e27a5b86bb97843de262c2e9bfab7e2bb5dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
14
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9e4652ada52ae69f307be3fe18bb316b.png
age
1860446
edge-cache-tag
588156813408017569507565850085625549913,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
588156813408017569507565850085625549913,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
127
expiration
expiry-date="Thu, 27 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://rezepte24.eu/
content-length
11116
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200087-IAD, cache-iad-kjyo7100104-IAD, cache-lga21973-LGA, cache-iad-kiad7000139-IAD, cache-fra-eddf8230072-FRA
last-modified
Mon, 26 Jun 2023 15:33:25 GMT
server
nginx
x-timer
S1690225045.658095,VS0,VE14
etag
"4cb1e197e93b45763d325829fa2fa43d"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 4, 1
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A57%3A24.646&type=usage&msg=image_utils-event-1690225044646&llvl=2&id=4948&cv=20230723-13-RELEASE&lt=deflated&file=trcrbox-ui-image-utils&method=&position=&extraData=%7B%22eventName%22%3A%22event-cropping_did_not_matched%22%2C%22itemId%22%3A%22~~V1~~3830649722251261353~~bT8eJM3UlMnjb%22%2C%22isCropping%22%3Atrue%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
13918
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A57%3A24.682&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-c-delta&llvl=2&id=5801&cv=20230723-13-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
18804
abtests
am-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:AM:V&lti=deflated&ri=9b4bcd71192d686bfa01852f9f578562&sd=v2_358d64407cc5eab774b74636ceb752ec_89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14_1690225044_1690225044_CNawjgYQ2YJdGMPUjcqYMSABKAEwODib4wlAgooQSIao5ANQ____________AVgAYABo1ZnSiuO0-bnkAXAA&ui=89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14&pi=/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&wi=3904600280533716546&pt=text&vi=1690225044035&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1690225044728%7D&tim=18%3A57%3A24.728&id=2482&llvl=2&cv=20230723-13-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
99d66149e4e5aa6ad9230eb0db96ccc1.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
84 KB
85 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99d66149e4e5aa6ad9230eb0db96ccc1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
aa9434c9216e4a8ec705bedb08ad4d91e193ef60b18a6dc379c72f785855ce15

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
5
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/99d66149e4e5aa6ad9230eb0db96ccc1.png
age
2295738
edge-cache-tag
485896271196729578255369217605344148865,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
485896271196729578255369217605344148865,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
205
req-referer
https://weather.com/
content-length
86308
x-request-id
78a900e3bbc7b9d946e1705630792ebe
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by
cache-iad-kjyo7100106-IAD, cache-iad-kiad7000173-IAD, cache-sna10745-LGB, cache-iad-kiad7000114-IAD, cache-fra-eddf8230072-FRA
last-modified
Tue, 27 Jun 2023 13:24:19 GMT
server
nginx
x-timer
S1690225045.742003,VS0,VE5
etag
"df3d30565557ad006348712744e77ea0"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 2, 26, 1
6bdd466c-6ec1-415a-b541-2c6520636209__1R8sCQRJ.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/
13 KB
14 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6bdd466c-6ec1-415a-b541-2c6520636209__1R8sCQRJ.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
46345338a9b1b80c0bfc7aac1ea9797456308b61f7bf9aabe21eb7a04f25c1e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6bdd466c-6ec1-415a-b541-2c6520636209__1R8sCQRJ.jpg
age
781385
edge-cache-tag
533290435299566069032317088040437947192,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
533290435299566069032317088040437947192,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time
512
req-referer
https://www.freenet.de/
content-length
13400
x-request-id
2de6d0e9a547a3e22f4c18047a938fc4
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000075-IAD, cache-iad-kcgs7200104-IAD, cache-chi-kigq8000110-CHI, cache-iad-kjyo7100169-IAD, cache-fra-eddf8230072-FRA
last-modified
Sat, 15 Jul 2023 17:37:05 GMT
server
nginx
x-timer
S1690225045.741727,VS0,VE1
etag
"c200d989a3f31cec61540ea3c9fe10f7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 0, 1
5bef43376ecb40b6fecd5468c3207b1b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
25 KB
26 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bef43376ecb40b6fecd5468c3207b1b.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e17ab51645544092b22460f4997a68a4d386c1b4aec3920874df701aeb0bb65d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5bef43376ecb40b6fecd5468c3207b1b.jpg
age
960787
edge-cache-tag
356792269968387247861719395523760692755,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
356792269968387247861719395523760692755,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
68
req-referer
https://www.express.co.uk/
content-length
25814
x-request-id
c7e7b264c687ce961d8c25e587d12abe
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100127-IAD, cache-iad-kcgs7200029-IAD, cache-sna10742-LGB, cache-iad-kiad7000095-IAD, cache-fra-eddf8230072-FRA
last-modified
Thu, 13 Jul 2023 15:51:08 GMT
server
nginx
x-timer
S1690225045.741714,VS0,VE2
etag
"72b04ad375aef372fa5d85dab6ce3cd9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 48, 1
61208f00497f081f1146808d83777868.png
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1920%2Cx_0%2Cy_80/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
231 KB
232 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1920%2Cx_0%2Cy_80/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61208f00497f081f1146808d83777868.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
de6a8212fc82a56c8566f2347d5a14060df3ba2257d602edbff9eff1b41c6877

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1920%2Cx_0%2Cy_80/http%3A//cdn.taboola.com/libtrc/static/thumbnails/61208f00497f081f1146808d83777868.png
age
2295649
edge-cache-tag
452995907047975560667908281926024595829,318255766432028676977829764312177431599,29ecf9b93bbf306179626feeda1fab70
cache-tag
452995907047975560667908281926024595829,318255766432028676977829764312177431599,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
1195
req-referer
https://die-auto-seite.de/
content-length
236680
x-request-id
cfd3e2735c7be3adc92c36dfc7f3bb40
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by
cache-iad-kcgs7200026-IAD, cache-iad-kiad7000048-IAD, cache-chi-klot8100053-CHI, cache-iad-kiad7000062-IAD, cache-fra-eddf8230072-FRA
last-modified
Tue, 27 Jun 2023 13:37:53 GMT
server
nginx
x-timer
S1690225045.741722,VS0,VE2
etag
"e5176c3577db84703bb398fcf8ef6324"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 402, 1
36522425bdd2d2fd88f0ae9ec87cd4ab.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
37 KB
37 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36522425bdd2d2fd88f0ae9ec87cd4ab.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
48ba9b389f288b74287bbb83908f5ea61435f6c8f92fc91e099efcd780d5f85f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_512%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/36522425bdd2d2fd88f0ae9ec87cd4ab.png
age
2794057
edge-cache-tag
568109399524061360821615698999865650648,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
568109399524061360821615698999865650648,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
236
req-referer
https://www.hoerzu.de/
content-length
37442
x-request-id
06abe761819ea12cdca648f5943960bf
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kjyo7100078-IAD, cache-iad-kjyo7100177-IAD, cache-chi-klot8100034-CHI, cache-iad-kjyo7100088-IAD, cache-fra-eddf8230072-FRA
last-modified
Thu, 22 Jun 2023 10:49:47 GMT
server
nginx
x-timer
S1690225045.742054,VS0,VE2
etag
"19adce8c8e22eb28ea941fc87a6fbcc8"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 1, 42, 1
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A57%3A24.756&type=usage&msg=image_utils-event-1690225044756&llvl=2&id=3580&cv=20230723-13-RELEASE&lt=deflated&file=trcrbox-ui-image-utils&method=&position=&extraData=%7B%22eventName%22%3A%22event-cropping_did_not_matched%22%2C%22itemId%22%3A%22~~V1~~3830649722251261353~~bT8eJM3UlMnjb%22%2C%22isCropping%22%3Atrue%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20012
debug
am-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://am-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=18%3A57%3A24.756&type=usage&msg=image_utils-event-1690225044756&llvl=2&id=9206&cv=20230723-13-RELEASE&lt=deflated&file=trcrbox-ui-image-utils&method=&position=&extraData=%7B%22eventName%22%3A%22event-cropping_matched%22%2C%22itemId%22%3A%22~~V1~~4710571744434673089~~nfMM_QMqN4jhR%22%2C%22isCropping%22%3Atrue%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
20012
st
imprammp.taboola.com/ Frame A470
422 B
389 B
Document
General
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&cmcv=&pix=undefined&cb=1690225044776&uv=3307&tms=1690225044776&abt=nonrv_vA!orstbycnd3_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9a22d327-ff61-4471-ae7e-5b4255463a9a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
325e59cf15f115ec9e8f6ced6d0ac0ec5b0207e55cbb689108fcd2ee7a7405d8

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Mon, 24 Jul 2023 18:57:24 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230072-FRA
x-timer
S1690225045.782648,VS0,VE10
sync
am-match.taboola.com/ Frame 1B95
439 B
533 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
1026a4e8d276f9f976b08a88287ac04619e45a3a4ef34b42291ea2df3ea62f78

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 24 Jul 2023 18:57:24 GMT
machineid
3408
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/
2 KB
862 B
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1690225044783&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1535&pt=-135341067&tz=0&viewable=true&ddast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!orstbycnd3_vB!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2bfbdd3546188e48e60404db086d35c38d20e85149bf3e628b628195d3726d2e

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Mon, 24 Jul 2023 18:57:24 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1459
x-cache
MISS
x-served-by
cache-fra-eddf8230072-FRA
pragma
no-cache
server
nginx
x-timer
S1690225045.795717,VS0,VE42
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&cmcv=&pix=31589837&cb=1690225044776&uv=3307&tms=1690225044776&abt=nonrv_vA!orstbycnd3_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1690225042013.2!ts:1690225044776&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
content-length
0
server
nginx
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/
160 B
635 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:17:16 GMT
via
1.1 44b457512f742b4e48fc7f0c87d8ed92.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2409
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
-TejkZh3PySILQglVE0Fv_U6dQgsFAAHyTwWG-DmC_uIaH-jobWI0g==
googleanalytics.json
cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/
2 KB
812 B
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 22 Jul 2023 06:45:16 GMT
age
216728
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
782
x-xss-protection
0
server
sffe
etag
"464f04a848bfb8ed"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 21 Jul 2024 06:45:16 GMT
ga4.json
amp.analytics-debugger.com/
7 KB
3 KB
Fetch
General
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:6719 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
83178
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 23 Jul 2023 19:51:06 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HU3pV5kJkxDfgUDKE%2FBFGq4Pfyc0CCzXZy%2F8RX%2FBLKxd%2BkYTLHESdkKLXmqNCW1zbZ%2BJfNVxgJsqSJIJckeC2MqCGBQxZvFSJsD0t6WCJWyALoB4tr%2Bs4D2l7%2BWITdfTZNYR3osY1H2zM%2BliQYtlb6nwUKIJNp7XNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=86400
access-control-allow-credentials
true
x-debug-em-all-ga4amp-version
20230607
cf-ray
7ebe63824c5f9bfe-FRA
gtag.json
cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/
3 KB
956 B
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 19 Jul 2023 02:34:57 GMT
age
490947
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
926
x-xss-protection
0
server
sffe
etag
"d6efea8de711c3e2"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 18 Jul 2024 02:34:57 GMT
generic
match.adsrvr.org/track/cmf/ Frame A470
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&cmcv=&pix=undefined&cb=1690225044776&uv=3307&tms=1690225044776&abt=nonrv_vA!orstbycnd3_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9a22d327-ff61-4471-ae7e-5b4255463a9a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14
pr-bh.ybp.yahoo.com/sync/taboola/ Frame A470
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&cmcv=&pix=undefined&cb=1690225044776&uv=3307&tms=1690225044776&abt=nonrv_vA!orstbycnd3_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9a22d327-ff61-4471-ae7e-5b4255463a9a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:9f1d:de60:1b9f:c4d1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame A470
43 B
146 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&cmcv=&pix=undefined&cb=1690225044776&uv=3307&tms=1690225044776&abt=nonrv_vA!orstbycnd3_vB!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9a22d327-ff61-4471-ae7e-5b4255463a9a&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.162.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-162-107.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
generic
match.adsrvr.org/track/cmf/ Frame 1B95
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 1B95
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:9f1d:de60:1b9f:c4d1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58785/ Frame 1B95
0
125 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ucfad-formats.css
cdn.aralego.net/css/dev/
975 B
619 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4127
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pUVLrvKKRutEyNWVmR5xuCbbETGDGz4GMYCXRgcRpzBk3Xn6SSQoSkPPKFBL1THqcO9gSM9lXNmckYzx%2BD5yY5OfK4SBFGq25QQOPob0m%2FHv2XMbf4NoZY4FzeEZu9Q%2FMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7ebe63824bf137ec-FRA
idRequest
sync.aralego.com/
46 B
488 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e31fe2f62ab830a7e251ba509c4acef6ee633189dbfd11b1dc50330127c68f3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Mon, 24 Jul 2023 18:57:25 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/
46 B
488 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e31fe2f62ab830a7e251ba509c4acef6ee633189dbfd11b1dc50330127c68f3f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Mon, 24 Jul 2023 18:57:25 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_0_7/infra/
889 KB
148 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_0_7/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b1000f75e1ca3cc63fd1fa8de524b4cf9bfa4c564e10a70824556aae2d075d45

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-meta-mtime
1690091768
date
Mon, 24 Jul 2023 18:57:25 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
7AFYJ5T8R34WX0F2
age
133131
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1690091768
x-amz-meta-mode
33188
content-length
150963
x-amz-id-2
KXXatLiQKoF3yeEJI/Vw8XGneu9rwo6mbgdbw/QfyPIPZhndMTJm1J+pvkeKXKcUjuzBZrUjVxg=
x-served-by
cache-fra-eddf8230117-FRA
last-modified
Sun, 23 Jul 2023 05:56:09 GMT
server
AmazonS3-br
x-timer
S1690225045.169350,VS0,VE0
etag
"b46661f285b4410e49411d88b2c7d7da"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
67776
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_0_7/assets/css/
60 KB
8 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_0_7/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-meta-mtime
1690091785
date
Mon, 24 Jul 2023 18:57:24 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
7AFQ8VTBSFZDXA81
age
133131
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1690091786
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
zSWCTny4hE30RGUOwLn1/VT28QaDBmeQnWUxgXrmIToyQy/QtTn+lYzUUwjcWWW1z4njxP8cS8A=
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Sun, 23 Jul 2023 05:56:27 GMT
server
AmazonS3-br
x-timer
S1690225045.894314,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
90618
ad_request
ads.aralego.com/
564 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5560255796770512&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Mon, 24 Jul 2023 18:57:25 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
ad_request
ads.aralego.com/
564 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.924017079892457&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Mon, 24 Jul 2023 18:57:26 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
amp
www.googletagmanager.com/gtag/
684 B
762 B
Fetch
General
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Mon, 24 Jul 2023 18:57:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel;r=209884043;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fp...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=209884043;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-221926241-1690225044793;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1690225044905;tzo=0;ogl=;ses=6cc6c476-7e8c-4590-af8e-874024bc2952;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
collect
www.google-analytics.com/g/
0
161 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=4944&cid=amp-Hp-FZa5XuJht59_6vLHFEQ&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&dr=&dt=%E6%B5%B7%E5%8D%97%E4%B8%89%E4%BA%9E%EF%BC%9A%E6%B5%B7%E7%81%98%E4%BA%BA%E9%A0%AD%E6%94%A2%E5%8B%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1690225045&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307052224000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
242 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-Hp-FZa5XuJht59_6vLHFEQ&aip=1&sid=1690225045&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307052224000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/r/
35 B
135 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E6%B5%B7%E5%8D%97%E4%B8%89%E4%BA%9E%EF%BC%9A%E6%B5%B7%E7%81%98%E4%BA%BA%E9%A0%AD%E6%94%A2%E5%8B%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-Hp-FZa5XuJht59_6vLHFEQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.2685210349945424&gjid=0.5314440891894361&_r=1&a=4944&z=0.011587358208023701&gtm=45De1110
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 1A66
42 KB
14 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4233147989137334537&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3152&oid=2&is_amp=5&amp_v=2307052224000&d_imp=1&c=5596004944&ga_cid=amp-Hp-FZa5XuJht59_6vLHFEQ&ga_hid=4944&dt=1690225045036&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&bdt=1306&dtd=3&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307052224000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2ac380584e9cf8bd45e0fc4fdae4020cd8a4b3de168c6ba2fcd7d918d9b14ebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14262
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 18:57:25 GMT
expires
Mon, 24 Jul 2023 18:57:25 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
content_v3.js
vidstat.taboola.com/
16 KB
5 KB
Script
General
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_7/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
563650
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1690225045.407858,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
91304
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.3.5/
446 KB
84 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.3.5/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_7/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
cb6de99bf04dded7d7ee5d4440d3ee4c0e2b4e66085c3ffddcc317c11f3db48a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-meta-mtime
1690016466
date
Mon, 24 Jul 2023 18:57:25 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
VV9Z8R72S2M8MPT3
age
208508
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1690016481
x-amz-meta-mode
33188
content-length
85792
x-amz-id-2
dHuTDMkukCPATq2TwISFcXC+bbtH7dqHT1bUMXxB2uT9HdCEaCeHrFqVgqidEfcPwp075rCqkb4=
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Sat, 22 Jul 2023 09:01:22 GMT
server
AmazonS3-br
x-timer
S1690225045.489754,VS0,VE0
etag
"f51ca12d667112502dbd7e37144bd69d"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
186402
sync
am-match.taboola.com/ Frame 5D46
422 B
516 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_0_7/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
325e59cf15f115ec9e8f6ced6d0ac0ec5b0207e55cbb689108fcd2ee7a7405d8

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Mon, 24 Jul 2023 18:57:25 GMT
machineid
3407
server
nginx
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&cmcv=&pix=31579697&cb=1690225045467&uv=3307&tms=1690225045467&su=3&abt=nonrv_vA!orstbycnd3_vB!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
content-length
0
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/
89 KB
89 KB
Media
General
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Mon, 24 Jul 2023 18:57:25 GMT
via
1.1 6c19750e796252a348d1690986c10426.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
FCO50-P1
age
578634
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1690225046.569769,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
z8uBX5rs5yx079LlNzOhRt0m40lBcgssXUNlz-RDQ6Zqn78U46CZIg==
x-cache-hits
204771
bulk
trc.taboola.com/palmate-bg3co/log/3/
0
364 B
XHR
General
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=20
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230723-13-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
65
date
Mon, 24 Jul 2023 18:57:25 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7238
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230072-FRA
pragma
no-cache
server
nginx
x-timer
S1690225046.517609,VS0,VE65
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
732 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Mon, 24 Jul 2023 18:57:25 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
16229
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230072-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1690225046.569777,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
34
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
8498
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame E175
714 B
784 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
1524
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7ebe63868ff51e49-FRA
content-encoding
br
content-type
text/html
date
Mon, 24 Jul 2023 18:57:25 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vyToe2mpWSG4ifhuUykTvaxuvMXq9m9q40%2FjuxwZN8StUALKYL4M39HHT1eIwfItWePL5l85uif52snH0EyEzrCapO3Hc1p%2BDoWHl%2BJk2%2BO0ho5JPmYnvz1zO%2BR5MUmOBrzU07KtelI7jKRGFw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame B10C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jul 2023 18:57:26 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 24 Jul 2023 18:57:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
idsync
sync.aralego.com/
35 B
384 B
Image
General
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Mon, 24 Jul 2023 18:57:28 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E175
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6ee7cbecc2f7c52ae841c1fbc60adb3abeb507a32c7b227d524493ca89e7d3de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27603
x-xss-protection
0
server
cafe
etag
70 / 19562 / m202307180101 / config-hash: 14308175188880485398
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 24 Jul 2023 18:57:25 GMT
rtb
rtb.ads.travelaudience.com/ Frame 0BBD
7 KB
4 KB
Document
General
Full URL
https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70013567.0.0..0.DE.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60017721.OTk5JTJjMQ==...PRxR9M8FGmj-6V7xBOIPLA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSxvUlcm-ZO-UC-iPtOUPi5WGsAKEvaKTcaaYzonCCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQICP-6BZZqyPqgDAcgDAqoE7QFP0HJImHEXTKVO0U7lM0aSC1W2UTbOThrF0aGBZbuICWCJ54G09zZDjv5D8tbpB03b1a9jFR5wZ8CBBCEAjluYjzLZudDyVOf8d_Fj6RtApPt2oxvvUpd79sjo92HnAHgvMwTHQYrUWnrEQsPKvwmQEw_2rucGVL8GuulhP-OsXN3QD1h5LiOJmdpo64dy5cOu_jsLG2bcWBumb4cUsoAU436yB9u8lmOVzV5QE5mp48xOjKJ7G6uVgu4-kG8EflNX5av21olKIdBaCx4k42dYjISzukuntO92Ewv4UsaxbKdog115bWSDRLB5xgiABrufhr3DuM20FaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15tC-TtQwkW_imO88SGs7HTBz_jw%26client%3Dca-pub-3216231935713038%26adurl%3D&googlewinningprice=ZL7JlQACym8GrQfoAAGKixmu860eszwET7ECCA&wpc=EUR&site=www.bg3.co&slotvisibility=2&gcpm=1143941&gpos=1&bidder=bidder-rtb-production-7df7859b5c-z2cd5&dv=1&uuid=&suid=&brq=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&ssp_id=0&l=zh_tw&ts=1690225045&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=9NW5P4GWEp9gaElEMiOysvlKovW3QRPtMrXcz9LnZPc=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4233147989137334537&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3152&oid=2&is_amp=5&amp_v=2307052224000&d_imp=1&c=5596004944&ga_cid=amp-Hp-FZa5XuJht59_6vLHFEQ&ga_hid=4944&dt=1690225045036&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&bdt=1306&dtd=3&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.187.184.108 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
108.184.187.35.bc.googleusercontent.com
Software
/
Resource Hash
f79df0ae9aa50c4c9c6890787cd830e481da4332f0c53640b3c0d7272e5aa348
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 24 Jul 2023 18:57:25 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-engine-version
0.0.0
x-host
deliveryengine-rtb-production-7885dcb6fd-4kpl7
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 5518
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4233147989137334537&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3152&oid=2&is_amp=5&amp_v=2307052224000&d_imp=1&c=5596004944&ga_cid=amp-Hp-FZa5XuJht59_6vLHFEQ&ga_hid=4944&dt=1690225045036&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&bdt=1306&dtd=3&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:22:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
2093
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Aug 2023 18:22:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 5518
20 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4233147989137334537&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3152&oid=2&is_amp=5&amp_v=2307052224000&d_imp=1&c=5596004944&ga_cid=amp-Hp-FZa5XuJht59_6vLHFEQ&ga_hid=4944&dt=1690225045036&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&bdt=1306&dtd=3&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 13:03:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
21235
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8309
x-xss-protection
0
server
cafe
etag
1379281626718990200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Aug 2023 13:03:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5518
179 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4233147989137334537&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3152&oid=2&is_amp=5&amp_v=2307052224000&d_imp=1&c=5596004944&ga_cid=amp-Hp-FZa5XuJht59_6vLHFEQ&ga_hid=4944&dt=1690225045036&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&bdt=1306&dtd=3&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 24 Jul 2023 18:57:26 GMT
L2EvaGFpLW5hbi1zYW4teWEtaGFpLXRhbi1yZW4tdG91LXphbi1kb25nLmh0bWw=.json
cdn.adpushup.com/42753/
555 B
869 B
XHR
General
Full URL
https://cdn.adpushup.com/42753/L2EvaGFpLW5hbi1zYW4teWEtaGFpLXRhbi1yZW4tdG91LXphbi1kb25nLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ec8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-akamai-country
DE
date
Mon, 24 Jul 2023 18:57:25 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=4, origin; dur=89, ak_p; desc="469506_34831752_336327928_9311_1204_18_0_219";dur=1
content-length
555
expires
Mon, 24 Jul 2023 19:57:25 GMT
im-uid-hook.js
dmp.im-apps.net/scripts/
633 B
568 B
Script
General
Full URL
https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by
Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.12.141 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-12-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
text/javascript
date
Mon, 24 Jul 2023 18:57:26 GMT
content-encoding
gzip
cache-control
private, no-store
content-length
445
vary
Accept-Encoding
p3p
CP="NOI PSD OTR"
lift.json
l.logly.co.jp/
0
603 B
Script
General
Full URL
https://l.logly.co.jp/lift.json?adspot_id=4308934&widget_id=92995&auc_id=&callback=_lgy_lift_callback_4308934&render_id=MTY5MDIyNTA0NV8wXzYzZDM0YzRhMzg1Yw%3D%3D&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ref=
Requested by
Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-27.cdg50.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jul 2023 18:57:26 GMT
Via
1.1 a06b3af7aeb84a80d60dd16b849e62e0.cloudfront.net (CloudFront)
Server
nginx
X-Amz-Cf-Pop
CDG50-C2
Transfer-Encoding
chunked
X-Cache
Miss from cloudfront
P3P
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin
*
Cache-Control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection
keep-alive
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id
iZtJSt0dC0_22HAVTP_umXuGeF0dsDnW5XUjNiyIqnDKuKgQmaR4dw==
truncated
/
34 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/webp
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ Frame E175
385 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:22:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
2118
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125179
x-xss-protection
0
server
cafe
etag
2430563369519042680
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 23 Jul 2024 18:22:07 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame E175
492 B
265 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3986258907284910&correlator=633892873599720&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1690225045751&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=iz7x553ilvbq&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=24895077.1690225046&ga_sid=1690225046&ga_hid=443722952&ga_fc=false&dlt=1690225045547&idt=161
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8761dc78a8af6c82ee4fc1c1fba7e7312f453d5ada14a32d5e9ecaf004ad45d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame E175
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
dff36fb1433540958d8707a0235f82d1afa55e5335d099c34bebbfc5ba7485b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11715
x-xss-protection
0
container.html
10625a326852f021794df7af05d29ac7.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B529
6 KB
3 KB
Document
General
Full URL
https://10625a326852f021794df7af05d29ac7.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 18:57:26 GMT
expires
Tue, 23 Jul 2024 18:57:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
el.ashx
ads.travelaudience.com/ Frame 0BBD
631 B
538 B
Image
General
Full URL
https://ads.travelaudience.com/el.ashx?__trackerRequestId=0.6270337555383638&adPos=&ai1=1%3B30000490%3B0%3B1%3B%3B%3B0%3B-1%3B%3B%3B%3BVOYFYTXfFPGlQ5nkhfV5eA%3D%3D%3B60017721%3B999%252c1%3B%3B%3B2%3B4%3B50002626%3BPRxR9M8FGmj-6V7xBOIPLA%3D%3D%3BUSD%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B%3B70013567%3BQ8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg%3BEUR%3B2%3B%3B%3B%3B%3B0%3B%3B&aid=&an=&ask=&at=1&bc=1&bd=bidder-rtb-production-7df7859b5c-z2cd5&bnr=0&brq=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&di=&did=-1&dnt=&dv=1&ed=&ev=ic&fm=300x250&gcpm=1143941&gctr=&ia=0&id5Decr=&id5Encr=&id5PID=&id5Src=&iid=&ilt=&ir=0&ld=&mai=&mat=1&mid=&na=&no=&oo=&pb=90000&pos_old=&rg=1&rts=&salt=09&sc=&site=www.bg3.co&ssp=0&sv=2&tsf=&ua=&uc=DE&ucy=&uuid=9AAD81BB-1267-450D-BBEB-60767AF0CDDF&view=&vrt=&vw=&wp=ZL7JlQACym8GrQfoAAGKixmu860eszwET7ECCA
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70013567.0.0..0.DE.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60017721.OTk5JTJjMQ==...PRxR9M8FGmj-6V7xBOIPLA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSxvUlcm-ZO-UC-iPtOUPi5WGsAKEvaKTcaaYzonCCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQICP-6BZZqyPqgDAcgDAqoE7QFP0HJImHEXTKVO0U7lM0aSC1W2UTbOThrF0aGBZbuICWCJ54G09zZDjv5D8tbpB03b1a9jFR5wZ8CBBCEAjluYjzLZudDyVOf8d_Fj6RtApPt2oxvvUpd79sjo92HnAHgvMwTHQYrUWnrEQsPKvwmQEw_2rucGVL8GuulhP-OsXN3QD1h5LiOJmdpo64dy5cOu_jsLG2bcWBumb4cUsoAU436yB9u8lmOVzV5QE5mp48xOjKJ7G6uVgu4-kG8EflNX5av21olKIdBaCx4k42dYjISzukuntO92Ewv4UsaxbKdog115bWSDRLB5xgiABrufhr3DuM20FaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15tC-TtQwkW_imO88SGs7HTBz_jw%26client%3Dca-pub-3216231935713038%26adurl%3D&googlewinningprice=ZL7JlQACym8GrQfoAAGKixmu860eszwET7ECCA&wpc=EUR&site=www.bg3.co&slotvisibility=2&gcpm=1143941&gpos=1&bidder=bidder-rtb-production-7df7859b5c-z2cd5&dv=1&uuid=&suid=&brq=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&ssp_id=0&l=zh_tw&ts=1690225045&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=9NW5P4GWEp9gaElEMiOysvlKovW3QRPtMrXcz9LnZPc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
content-encoding
gzip
x-engine-version
0.0.0
via
1.1 google
server
nginx/1.21.6
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type
image/jpeg
x-host
tde-deliveryengine-production-58b44b5c5-vdrbq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
trg.gif
ads.travelaudience.com/ Frame 0BBD
35 B
469 B
Image
General
Full URL
https://ads.travelaudience.com/trg.gif?ds=dp&acc=SC&lvl=1&pl=dubai&pt=16&rcm=444&pix=0&dp=event_type:impression
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70013567.0.0..0.DE.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60017721.OTk5JTJjMQ==...PRxR9M8FGmj-6V7xBOIPLA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSxvUlcm-ZO-UC-iPtOUPi5WGsAKEvaKTcaaYzonCCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQICP-6BZZqyPqgDAcgDAqoE7QFP0HJImHEXTKVO0U7lM0aSC1W2UTbOThrF0aGBZbuICWCJ54G09zZDjv5D8tbpB03b1a9jFR5wZ8CBBCEAjluYjzLZudDyVOf8d_Fj6RtApPt2oxvvUpd79sjo92HnAHgvMwTHQYrUWnrEQsPKvwmQEw_2rucGVL8GuulhP-OsXN3QD1h5LiOJmdpo64dy5cOu_jsLG2bcWBumb4cUsoAU436yB9u8lmOVzV5QE5mp48xOjKJ7G6uVgu4-kG8EflNX5av21olKIdBaCx4k42dYjISzukuntO92Ewv4UsaxbKdog115bWSDRLB5xgiABrufhr3DuM20FaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15tC-TtQwkW_imO88SGs7HTBz_jw%26client%3Dca-pub-3216231935713038%26adurl%3D&googlewinningprice=ZL7JlQACym8GrQfoAAGKixmu860eszwET7ECCA&wpc=EUR&site=www.bg3.co&slotvisibility=2&gcpm=1143941&gpos=1&bidder=bidder-rtb-production-7df7859b5c-z2cd5&dv=1&uuid=&suid=&brq=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&ssp_id=0&l=zh_tw&ts=1690225045&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=9NW5P4GWEp9gaElEMiOysvlKovW3QRPtMrXcz9LnZPc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
content-encoding
gzip
x-engine-version
0.0.0
via
1.1 google
server
nginx/1.21.6
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
content-type
image/gif
x-host
tde-deliveryengine-production-58b44b5c5-vdrbq
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
300x250.png
static.travelaudience.com/img/import/dubai_summer/June2023/IMG-Family%20-%20BAA%20-Germany-German/ Frame 0BBD
105 KB
105 KB
Image
General
Full URL
https://static.travelaudience.com/img/import/dubai_summer/June2023/IMG-Family%20-%20BAA%20-Germany-German/300x250.png
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70013567.0.0..0.DE.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60017721.OTk5JTJjMQ==...PRxR9M8FGmj-6V7xBOIPLA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSxvUlcm-ZO-UC-iPtOUPi5WGsAKEvaKTcaaYzonCCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQICP-6BZZqyPqgDAcgDAqoE7QFP0HJImHEXTKVO0U7lM0aSC1W2UTbOThrF0aGBZbuICWCJ54G09zZDjv5D8tbpB03b1a9jFR5wZ8CBBCEAjluYjzLZudDyVOf8d_Fj6RtApPt2oxvvUpd79sjo92HnAHgvMwTHQYrUWnrEQsPKvwmQEw_2rucGVL8GuulhP-OsXN3QD1h5LiOJmdpo64dy5cOu_jsLG2bcWBumb4cUsoAU436yB9u8lmOVzV5QE5mp48xOjKJ7G6uVgu4-kG8EflNX5av21olKIdBaCx4k42dYjISzukuntO92Ewv4UsaxbKdog115bWSDRLB5xgiABrufhr3DuM20FaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15tC-TtQwkW_imO88SGs7HTBz_jw%26client%3Dca-pub-3216231935713038%26adurl%3D&googlewinningprice=ZL7JlQACym8GrQfoAAGKixmu860eszwET7ECCA&wpc=EUR&site=www.bg3.co&slotvisibility=2&gcpm=1143941&gpos=1&bidder=bidder-rtb-production-7df7859b5c-z2cd5&dv=1&uuid=&suid=&brq=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&ssp_id=0&l=zh_tw&ts=1690225045&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=9NW5P4GWEp9gaElEMiOysvlKovW3QRPtMrXcz9LnZPc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.170.237 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
237.170.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
398361d173efba75d8499343b1dde2b5e98b586c7406411c10282662588ceb14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:56:16 GMT
age
69
x-guploader-uploadid
ADPycdveMJ_V8BMaB2-AqI69pLnwdnU8bwfBO1jAdNwDaskTfllLSojrfK9Wsnwy1QJzOmqar_lQ7z4mksgZDrodZ8QDaeGLQ0kN
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
107117
last-modified
Thu, 01 Jun 2023 01:41:08 GMT
server
UploadServer
etag
"d29dd99bd5eb931515bb6706fa031c75"
vary
Origin
x-goog-generation
1685583668121671
x-goog-hash
crc32c=a8b6wg==, md5=0p3Zm9XrkxUVu2cG+gMcdQ==
content-type
image/png
cache-control
public, max-age=3600
x-goog-stored-content-length
107117
accept-ranges
bytes
expires
Mon, 24 Jul 2023 19:56:16 GMT
moatad.js
z.moatads.com/travel198849194933/ Frame 0BBD
328 KB
111 KB
Script
General
Full URL
https://z.moatads.com/travel198849194933/moatad.js
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70013567.0.0..0.DE.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60017721.OTk5JTJjMQ==...PRxR9M8FGmj-6V7xBOIPLA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSxvUlcm-ZO-UC-iPtOUPi5WGsAKEvaKTcaaYzonCCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQICP-6BZZqyPqgDAcgDAqoE7QFP0HJImHEXTKVO0U7lM0aSC1W2UTbOThrF0aGBZbuICWCJ54G09zZDjv5D8tbpB03b1a9jFR5wZ8CBBCEAjluYjzLZudDyVOf8d_Fj6RtApPt2oxvvUpd79sjo92HnAHgvMwTHQYrUWnrEQsPKvwmQEw_2rucGVL8GuulhP-OsXN3QD1h5LiOJmdpo64dy5cOu_jsLG2bcWBumb4cUsoAU436yB9u8lmOVzV5QE5mp48xOjKJ7G6uVgu4-kG8EflNX5av21olKIdBaCx4k42dYjISzukuntO92Ewv4UsaxbKdog115bWSDRLB5xgiABrufhr3DuM20FaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15tC-TtQwkW_imO88SGs7HTBz_jw%26client%3Dca-pub-3216231935713038%26adurl%3D&googlewinningprice=ZL7JlQACym8GrQfoAAGKixmu860eszwET7ECCA&wpc=EUR&site=www.bg3.co&slotvisibility=2&gcpm=1143941&gpos=1&bidder=bidder-rtb-production-7df7859b5c-z2cd5&dv=1&uuid=&suid=&brq=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&ssp_id=0&l=zh_tw&ts=1690225045&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=9NW5P4GWEp9gaElEMiOysvlKovW3QRPtMrXcz9LnZPc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
0f1ecd101ab777d1ca7531c4a76cdcb6b5def1fe540c53ff2fc422ad57b45290

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 16:41:25 GMT
server
AmazonS3
x-amz-request-id
K30DYANVS9QMS1NN
etag
"bbe991d1987d0640f9e7fd72774f5859"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=53961
accept-ranges
bytes
content-length
113490
x-amz-id-2
9hDI4cea6s+TK0HrZh98MT7lt9Aj1Lt3F6BvS8Y+H2RrZjKGx+8OHJbGZVOYzllg6a/28vH3W6A=
creative.js
ads.travelaudience.com/js/ Frame 0BBD
56 KB
20 KB
Script
General
Full URL
https://ads.travelaudience.com/js/creative.js?version=0.0.0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70013567.0.0..0.DE.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60017721.OTk5JTJjMQ==...PRxR9M8FGmj-6V7xBOIPLA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSxvUlcm-ZO-UC-iPtOUPi5WGsAKEvaKTcaaYzonCCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQICP-6BZZqyPqgDAcgDAqoE7QFP0HJImHEXTKVO0U7lM0aSC1W2UTbOThrF0aGBZbuICWCJ54G09zZDjv5D8tbpB03b1a9jFR5wZ8CBBCEAjluYjzLZudDyVOf8d_Fj6RtApPt2oxvvUpd79sjo92HnAHgvMwTHQYrUWnrEQsPKvwmQEw_2rucGVL8GuulhP-OsXN3QD1h5LiOJmdpo64dy5cOu_jsLG2bcWBumb4cUsoAU436yB9u8lmOVzV5QE5mp48xOjKJ7G6uVgu4-kG8EflNX5av21olKIdBaCx4k42dYjISzukuntO92Ewv4UsaxbKdog115bWSDRLB5xgiABrufhr3DuM20FaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15tC-TtQwkW_imO88SGs7HTBz_jw%26client%3Dca-pub-3216231935713038%26adurl%3D&googlewinningprice=ZL7JlQACym8GrQfoAAGKixmu860eszwET7ECCA&wpc=EUR&site=www.bg3.co&slotvisibility=2&gcpm=1143941&gpos=1&bidder=bidder-rtb-production-7df7859b5c-z2cd5&dv=1&uuid=&suid=&brq=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&ssp_id=0&l=zh_tw&ts=1690225045&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=9NW5P4GWEp9gaElEMiOysvlKovW3QRPtMrXcz9LnZPc=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.0.66 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
66.0.190.35.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
f4bda5ecc987de2c971fcb1f7e2421dcaf0176421a50962150bb2b5de69e3232

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
public
date
Mon, 24 Jul 2023 18:57:25 GMT
content-encoding
gzip
via
1.1 google
last-modified
Mon, 24 Jul 2023 09:57:16 GMT
server
nginx/1.21.6
etag
W/"64be4afc-e196"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=86400, public
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 25 Jul 2023 18:57:25 GMT
js
www.googletagmanager.com/gtag/
240 KB
83 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1f99dda274265a192fbab0d56f5e85d4f132b6386a0a50d491a79c57bf9a3aba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
84412
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 24 Jul 2023 18:57:25 GMT
logs
http-intake.logs.datadoghq.com/api/v2/
2 B
252 B
Fetch
General
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b901:a60:36e3:e4d:4584 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
generic
match.adsrvr.org/track/cmf/ Frame 5D46
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 5D46
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:9f1d:de60:1b9f:c4d1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
x.bidswitch.net/ Frame 5D46
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.162.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-162-107.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 3081
714 B
751 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:567 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
age
1524
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7ebe6388bb5d1e49-FRA
content-encoding
br
content-type
text/html
date
Mon, 24 Jul 2023 18:57:25 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aV%2BEHu7ZeifbJcDqKhZ%2BxrechHWG9xqpr1Qs8%2B2SudRKZlYPLwCTGlVtasAuZE4pj1ldDG6mbGYXWLZNqppnww63Snjsqsa6JCVDZZMXUiG7%2F1I%2BdF6TCQvRzG5XTHVAXIObqM1JEQdI2xCKyw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 33CB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jul 2023 18:57:26 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 24 Jul 2023 18:57:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E175
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 18:57:25 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 0137
92 KB
32 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b61d3b1b1510c8aeb458de7087bce1f86aad0323f54a0f146847f0f3b217dc84
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32822
x-xss-protection
0
server
cafe
etag
2503050170604220452
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 24 Jul 2023 18:57:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3081
80 KB
27 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2d7e861c1407e3c5a8ab9c3ae716b1eb2d6ceb7609bbcec0c257cb223aa29c42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27604
x-xss-protection
0
server
cafe
etag
556 / 19562 / m202307180101 / config-hash: 14308175188880485398
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 24 Jul 2023 18:57:25 GMT
truncated
/ Frame 5518
210 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e735964891880304732540ea946e4d622c817e86aef9ab10c7a04d5c77f409e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
n.js
geo.moatads.com/ Frame 0BBD
98 B
271 B
Script
General
Full URL
https://geo.moatads.com/n.js?e=35&ol=1458947768&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8j3Mn%3Cz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-8BdYrdgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-E31B1BNzs6uFgA%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fwww.bg3.co&t=1690225045996&de=597174175987&m=0&ar=c013c52fed3-clean&iw=e184fba&q=2&cb=0&ym=0&cu=1690225045996&ll=3&lm=3&ln=1&r=0&em=0&en=0&d=30000490%3A50002626%3A60017721%3A70013567&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=bg3.co&zMoatIMPID=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co&id=0&ii=2&bo=googleads.g.doubleclick.net&bd=300x250&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=300x250&zMoatDomain=bg3.co&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=204627&na=231282739&cs=0&ord=1690225045996&jv=1254650747&callback=DOMlessLLDcallback_48195517
Requested by
Host: z.moatads.com
URL: https://z.moatads.com/travel198849194933/moatad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.9.88.183 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-9-88-183.eu-west-2.compute.amazonaws.com
Software
Microsoft-IIS/6.0 /
Resource Hash
3f95ba6f7ba10cac5d85ca14b9958539a100f3cec08258fd3c72d03f88256df9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:26 GMT
cache-control
max-age=900
server
Microsoft-IIS/6.0
timing-allow-origin
*
etag
"fae4f0e1066202be34079c8fc820a24db155b63f"
content-length
98
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/ Frame 0BBD
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=TRAVELAUDIENCE_DISPLAY1&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=1&nh=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fwww.bg3.co&t=1690225045996&de=597174175987&m=0&ar=c013c52fed3-clean&iw=e184fba&q=3&cb=0&ym=0&cu=1690225045996&ll=3&lm=3&ln=1&r=0&em=0&en=0&d=30000490%3A50002626%3A60017721%3A70013567&zMoatSSP=0&zMoatDeal=-1&zMoatSubdomain=bg3.co&zMoatIMPID=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co&id=0&ii=2&bo=googleads.g.doubleclick.net&bd=300x250&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=300x250&zMoatDomain=bg3.co&gw=travel198849194933&fd=1&it=500&ti=0&ih=2&pe=0%3A-%3A-%3A0%3A0&jk=-1&jm=-1&fs=204627&na=672356562&cs=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70013567.0.0..0.DE.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60017721.OTk5JTJjMQ==...PRxR9M8FGmj-6V7xBOIPLA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSxvUlcm-ZO-UC-iPtOUPi5WGsAKEvaKTcaaYzonCCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQICP-6BZZqyPqgDAcgDAqoE7QFP0HJImHEXTKVO0U7lM0aSC1W2UTbOThrF0aGBZbuICWCJ54G09zZDjv5D8tbpB03b1a9jFR5wZ8CBBCEAjluYjzLZudDyVOf8d_Fj6RtApPt2oxvvUpd79sjo92HnAHgvMwTHQYrUWnrEQsPKvwmQEw_2rucGVL8GuulhP-OsXN3QD1h5LiOJmdpo64dy5cOu_jsLG2bcWBumb4cUsoAU436yB9u8lmOVzV5QE5mp48xOjKJ7G6uVgu4-kG8EflNX5av21olKIdBaCx4k42dYjISzukuntO92Ewv4UsaxbKdog115bWSDRLB5xgiABrufhr3DuM20FaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15tC-TtQwkW_imO88SGs7HTBz_jw%26client%3Dca-pub-3216231935713038%26adurl%3D&googlewinningprice=ZL7JlQACym8GrQfoAAGKixmu860eszwET7ECCA&wpc=EUR&site=www.bg3.co&slotvisibility=2&gcpm=1143941&gpos=1&bidder=bidder-rtb-production-7df7859b5c-z2cd5&dv=1&uuid=&suid=&brq=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&ssp_id=0&l=zh_tw&ts=1690225045&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=9NW5P4GWEp9gaElEMiOysvlKovW3QRPtMrXcz9LnZPc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 24 Jul 2023 18:57:26 GMT
collect
region1.google-analytics.com/g/
0
251 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37j0&_p=4944&cid=328934196.1690225046&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690225046&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&dt=%E6%B5%B7%E5%8D%97%E4%B8%89%E4%BA%9E%EF%BC%9A%E6%B5%B7%E7%81%98%E4%BA%BA%E9%A0%AD%E6%94%A2%E5%8B%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 33CB
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
38a645e52df4f9dad43ca36901e1d126eeb38aeb87b3df5fda32ed3df90c8ba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Mon, 24 Jul 2023 18:57:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jul 2023 09:08:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51065
Connection
keep-alive
Content-Length
10114
Expires
Tue, 25 Jul 2023 09:08:31 GMT
usync.js
eus.rubiconproject.com/ Frame B10C
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
38a645e52df4f9dad43ca36901e1d126eeb38aeb87b3df5fda32ed3df90c8ba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Mon, 24 Jul 2023 18:57:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jul 2023 09:08:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51065
Connection
keep-alive
Content-Length
10114
Expires
Tue, 25 Jul 2023 09:08:31 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame ECA4
92 KB
32 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e917a2850005bebc49582dfa4c6ce177a94a1c4c202340ac4a526ec9cd5b876
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32818
x-xss-protection
0
server
cafe
etag
12996283562965802221
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 24 Jul 2023 18:57:26 GMT
js-err
rtb.ads.travelaudience.com/ Frame 0BBD
35 B
354 B
Image
General
Full URL
https://rtb.ads.travelaudience.com/js-err?description=Script%20error.&amp;url=&amp;line=0&amp;col=0&amp;parent_url=https%3A%2F%2Frtb.ads.travelaudience.com%2Frtb%3Fads%3D30000490.0.0.70013567.0.0..0.DE.-1..VOYFYTXfFPGlQ5nkhfV5eA%253D%253D.60017721.OTk5JTJjMQ%3D%3D...PRxR9M8FGmj-6V7xBOIPLA%253D%253D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ%3D%3D.2.0%26p%3D90000%26x%3D300%26y%3D250%26click%3Dhttps%3A%2F%2Fadclick.g.doubleclick.net%2Faclk%253Fsa%253DL%2526ai%253DCSxvUlcm-ZO-UC-iPtOUPi5WGsAKEvaKTcaaYzonCCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQICP-6BZZqyPqgDAcgDAqoE7QFP0HJImHEXTKVO0U7lM0aSC1W2UTbOThrF0aGBZbuICWCJ54G09zZDjv5D8tbpB03b1a9jFR5wZ8CBBCEAjluYjzLZudDyVOf8d_Fj6RtApPt2oxvvUpd79sjo92HnAHgvMwTHQYrUWnrEQsPKvwmQEw_2rucGVL8GuulhP-OsXN3QD1h5LiOJmdpo64dy5cOu_jsLG2bcWBumb4cUsoAU436yB9u8lmOVzV5QE5mp48xOjKJ7G6uVgu4-kG8EflNX5av21olKIdBaCx4k42dYjISzukuntO92Ewv4UsaxbKdog115bWSDRLB5xgiABrufhr3DuM20FaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_15tC-TtQwkW_imO88SGs7HTBz_jw%2526client%253Dca-pub-3216231935713038%2526adurl%253D%26googlewinningprice%3DZL7JlQACym8GrQfoAAGKixmu860eszwET7ECCA%26wpc%3DEUR%26site%3Dwww.bg3.co%26slotvisibility%3D2%26gcpm%3D1143941%26gpos%3D1%26bidder%3Dbidder-rtb-production-7df7859b5c-z2cd5%26dv%3D1%26uuid%3D%26suid%3D%26brq%3DQ8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg%26ssp_id%3D0%26l%3Dzh_tw%26ts%3D1690225045%26uc%3DDE%26at%3D1%26ia%3D0%26mai%3D%26mat%3D1%26ir%3D0%26an%3D%26rg%3D1%26hm%3D9NW5P4GWEp9gaElEMiOysvlKovW3QRPtMrXcz9LnZPc%3D
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70013567.0.0..0.DE.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60017721.OTk5JTJjMQ==...PRxR9M8FGmj-6V7xBOIPLA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSxvUlcm-ZO-UC-iPtOUPi5WGsAKEvaKTcaaYzonCCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQICP-6BZZqyPqgDAcgDAqoE7QFP0HJImHEXTKVO0U7lM0aSC1W2UTbOThrF0aGBZbuICWCJ54G09zZDjv5D8tbpB03b1a9jFR5wZ8CBBCEAjluYjzLZudDyVOf8d_Fj6RtApPt2oxvvUpd79sjo92HnAHgvMwTHQYrUWnrEQsPKvwmQEw_2rucGVL8GuulhP-OsXN3QD1h5LiOJmdpo64dy5cOu_jsLG2bcWBumb4cUsoAU436yB9u8lmOVzV5QE5mp48xOjKJ7G6uVgu4-kG8EflNX5av21olKIdBaCx4k42dYjISzukuntO92Ewv4UsaxbKdog115bWSDRLB5xgiABrufhr3DuM20FaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15tC-TtQwkW_imO88SGs7HTBz_jw%26client%3Dca-pub-3216231935713038%26adurl%3D&googlewinningprice=ZL7JlQACym8GrQfoAAGKixmu860eszwET7ECCA&wpc=EUR&site=www.bg3.co&slotvisibility=2&gcpm=1143941&gpos=1&bidder=bidder-rtb-production-7df7859b5c-z2cd5&dv=1&uuid=&suid=&brq=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&ssp_id=0&l=zh_tw&ts=1690225045&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=9NW5P4GWEp9gaElEMiOysvlKovW3QRPtMrXcz9LnZPc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.187.184.108 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
108.184.187.35.bc.googleusercontent.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70013567.0.0..0.DE.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60017721.OTk5JTJjMQ==...PRxR9M8FGmj-6V7xBOIPLA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSxvUlcm-ZO-UC-iPtOUPi5WGsAKEvaKTcaaYzonCCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQICP-6BZZqyPqgDAcgDAqoE7QFP0HJImHEXTKVO0U7lM0aSC1W2UTbOThrF0aGBZbuICWCJ54G09zZDjv5D8tbpB03b1a9jFR5wZ8CBBCEAjluYjzLZudDyVOf8d_Fj6RtApPt2oxvvUpd79sjo92HnAHgvMwTHQYrUWnrEQsPKvwmQEw_2rucGVL8GuulhP-OsXN3QD1h5LiOJmdpo64dy5cOu_jsLG2bcWBumb4cUsoAU436yB9u8lmOVzV5QE5mp48xOjKJ7G6uVgu4-kG8EflNX5av21olKIdBaCx4k42dYjISzukuntO92Ewv4UsaxbKdog115bWSDRLB5xgiABrufhr3DuM20FaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15tC-TtQwkW_imO88SGs7HTBz_jw%26client%3Dca-pub-3216231935713038%26adurl%3D&googlewinningprice=ZL7JlQACym8GrQfoAAGKixmu860eszwET7ECCA&wpc=EUR&site=www.bg3.co&slotvisibility=2&gcpm=1143941&gpos=1&bidder=bidder-rtb-production-7df7859b5c-z2cd5&dv=1&uuid=&suid=&brq=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&ssp_id=0&l=zh_tw&ts=1690225045&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=9NW5P4GWEp9gaElEMiOysvlKovW3QRPtMrXcz9LnZPc=
Origin
https://rtb.ads.travelaudience.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:26 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
access-control-allow-methods
GET
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
access-control-allow-origin
https://rtb.ads.travelaudience.com
content-type
image/gif
sync.html
sync.logly.co.jp/sync/ Frame 5B57
495 B
665 B
Document
General
Full URL
https://sync.logly.co.jp/sync/sync.html
Requested by
Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.104.171 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-104-171.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=2592000
content-length
495
content-type
text/html
date
Mon, 24 Jul 2023 18:57:26 GMT
etag
"64be9a97-1ef"
last-modified
Mon, 24 Jul 2023 15:36:55 GMT
server
nginx
usync.html
eus.rubiconproject.com/ Frame 758E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
  • https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by
Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4308934
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 24 Jul 2023 18:57:26 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 24 Jul 2023 18:57:26 GMT
location
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server
AkamaiGHost
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1073
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
850
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 18:43:16 GMT
expires
Tue, 23 Jul 2024 18:43:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4AA5
783 B
740 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
50caa335b1d001d27eb325707cae3e24bb113170e9a2079bb61b74c9546b3a20
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lPZof5eB1KNr7IItFsuJvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-lPZof5eB1KNr7IItFsuJvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 18:57:26 GMT
expires
Mon, 24 Jul 2023 18:57:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/ Frame 0137
360 KB
123 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076298
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6b228a67dbaa860fafc158d874c0583ea237a8994cc55b353c0224f18155279e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126185
x-xss-protection
0
server
cafe
etag
17335908488622499219
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 24 Jul 2023 18:57:26 GMT
pixel.gif
px.moatads.com/ Frame 0BBD
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=https%3A%2F%2Fstatic.travelaudience.com%2Fimg%2Fimport%2Fdubai_summer%2FJune2023%2FIMG-Family%20-%20BAA%20-Germany-German%2F300x250.png&i=TRAVELAUDIENCE_DISPLAY1&ol=1458947768&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8j3Mn%3Cz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-8BdYrdgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-E31B1BNzs6uFgA%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&bq=0&g=0&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fwww.bg3.co&t=1690225045996&de=597174175987&cu=1690225045996&m=231&ar=c013c52fed3-clean&iw=e184fba&cb=0&ym=0&ll=3&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=-&vx=-%3A-%3A-&pe=0%3A-%3A-%3A0%3A0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=84&cd=0&ah=84&am=0&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000490%3A50002626%3A60017721%3A70013567&bo=googleads.g.doubleclick.net&bd=300x250&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=300x250&zMoatDomain=bg3.co&zMoatSubdomain=bg3.co&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=-1&jm=-1&tc=0&fs=204627&na=1340562725&cs=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70013567.0.0..0.DE.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60017721.OTk5JTJjMQ==...PRxR9M8FGmj-6V7xBOIPLA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSxvUlcm-ZO-UC-iPtOUPi5WGsAKEvaKTcaaYzonCCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQICP-6BZZqyPqgDAcgDAqoE7QFP0HJImHEXTKVO0U7lM0aSC1W2UTbOThrF0aGBZbuICWCJ54G09zZDjv5D8tbpB03b1a9jFR5wZ8CBBCEAjluYjzLZudDyVOf8d_Fj6RtApPt2oxvvUpd79sjo92HnAHgvMwTHQYrUWnrEQsPKvwmQEw_2rucGVL8GuulhP-OsXN3QD1h5LiOJmdpo64dy5cOu_jsLG2bcWBumb4cUsoAU436yB9u8lmOVzV5QE5mp48xOjKJ7G6uVgu4-kG8EflNX5av21olKIdBaCx4k42dYjISzukuntO92Ewv4UsaxbKdog115bWSDRLB5xgiABrufhr3DuM20FaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15tC-TtQwkW_imO88SGs7HTBz_jw%26client%3Dca-pub-3216231935713038%26adurl%3D&googlewinningprice=ZL7JlQACym8GrQfoAAGKixmu860eszwET7ECCA&wpc=EUR&site=www.bg3.co&slotvisibility=2&gcpm=1143941&gpos=1&bidder=bidder-rtb-production-7df7859b5c-z2cd5&dv=1&uuid=&suid=&brq=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&ssp_id=0&l=zh_tw&ts=1690225045&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=9NW5P4GWEp9gaElEMiOysvlKovW3QRPtMrXcz9LnZPc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 24 Jul 2023 18:57:26 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ Frame 3081
385 KB
122 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:22:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
2119
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125179
x-xss-protection
0
server
cafe
etag
2430563369519042680
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 23 Jul 2024 18:22:07 GMT
khaos.jpg
token.rubiconproject.com/ Frame 33CB
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
im-uid.js
dmp.im-apps.net/sdk/
6 KB
3 KB
Script
General
Full URL
https://dmp.im-apps.net/sdk/im-uid.js
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
92.123.12.141 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a92-123-12-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding
gzip
date
Mon, 24 Jul 2023 18:57:26 GMT
last-modified
Fri, 21 Apr 2023 06:05:08 GMT
etag
"14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI PSD OTR"
cache-control
max-age=10800
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
2434
khaos.jpg
token.rubiconproject.com/ Frame B10C
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
e06182bf224d96e6550f4595601cdb0b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/ Frame ECA4
360 KB
123 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6c60fe0df8b6cdff2fc3a11a4c823044c1ac965cb56256c487becec35a9e2498
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
126185
x-xss-protection
0
server
cafe
etag
6740812253991800283
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 24 Jul 2023 18:57:26 GMT
usync.js
eus.rubiconproject.com/ Frame 758E
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.218.210.30 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-210-30.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
38a645e52df4f9dad43ca36901e1d126eeb38aeb87b3df5fda32ed3df90c8ba8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Mon, 24 Jul 2023 18:57:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 24 Jul 2023 09:08:19 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=51065
Connection
keep-alive
Content-Length
10114
Expires
Tue, 25 Jul 2023 09:08:31 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 0BBD
43 B
251 B
Image
General
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=84&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=bg3.co&L1id=30000490&L2id=50002626&L3id=60017721&L4id=70013567&S1id=googleads.g.doubleclick.net&S2id=300x250&ord=1690225045996&r=597174175987&t=meas&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=bg3.co&zMoatIMPID=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&bedc=1&nosend&q=1&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70013567.0.0..0.DE.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60017721.OTk5JTJjMQ==...PRxR9M8FGmj-6V7xBOIPLA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSxvUlcm-ZO-UC-iPtOUPi5WGsAKEvaKTcaaYzonCCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQICP-6BZZqyPqgDAcgDAqoE7QFP0HJImHEXTKVO0U7lM0aSC1W2UTbOThrF0aGBZbuICWCJ54G09zZDjv5D8tbpB03b1a9jFR5wZ8CBBCEAjluYjzLZudDyVOf8d_Fj6RtApPt2oxvvUpd79sjo92HnAHgvMwTHQYrUWnrEQsPKvwmQEw_2rucGVL8GuulhP-OsXN3QD1h5LiOJmdpo64dy5cOu_jsLG2bcWBumb4cUsoAU436yB9u8lmOVzV5QE5mp48xOjKJ7G6uVgu4-kG8EflNX5av21olKIdBaCx4k42dYjISzukuntO92Ewv4UsaxbKdog115bWSDRLB5xgiABrufhr3DuM20FaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15tC-TtQwkW_imO88SGs7HTBz_jw%26client%3Dca-pub-3216231935713038%26adurl%3D&googlewinningprice=ZL7JlQACym8GrQfoAAGKixmu860eszwET7ECCA&wpc=EUR&site=www.bg3.co&slotvisibility=2&gcpm=1143941&gpos=1&bidder=bidder-rtb-production-7df7859b5c-z2cd5&dv=1&uuid=&suid=&brq=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&ssp_id=0&l=zh_tw&ts=1690225045&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=9NW5P4GWEp9gaElEMiOysvlKovW3QRPtMrXcz9LnZPc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.197.124 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-197-124.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 24 Jul 2023 18:57:26 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 0BBD
43 B
251 B
Image
General
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=258&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=bg3.co&L1id=30000490&L2id=50002626&L3id=60017721&L4id=70013567&S1id=googleads.g.doubleclick.net&S2id=300x250&ord=1690225045996&r=597174175987&t=hdn&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=bg3.co&zMoatIMPID=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&bedc=1&nosend&q=2&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70013567.0.0..0.DE.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60017721.OTk5JTJjMQ==...PRxR9M8FGmj-6V7xBOIPLA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSxvUlcm-ZO-UC-iPtOUPi5WGsAKEvaKTcaaYzonCCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQICP-6BZZqyPqgDAcgDAqoE7QFP0HJImHEXTKVO0U7lM0aSC1W2UTbOThrF0aGBZbuICWCJ54G09zZDjv5D8tbpB03b1a9jFR5wZ8CBBCEAjluYjzLZudDyVOf8d_Fj6RtApPt2oxvvUpd79sjo92HnAHgvMwTHQYrUWnrEQsPKvwmQEw_2rucGVL8GuulhP-OsXN3QD1h5LiOJmdpo64dy5cOu_jsLG2bcWBumb4cUsoAU436yB9u8lmOVzV5QE5mp48xOjKJ7G6uVgu4-kG8EflNX5av21olKIdBaCx4k42dYjISzukuntO92Ewv4UsaxbKdog115bWSDRLB5xgiABrufhr3DuM20FaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15tC-TtQwkW_imO88SGs7HTBz_jw%26client%3Dca-pub-3216231935713038%26adurl%3D&googlewinningprice=ZL7JlQACym8GrQfoAAGKixmu860eszwET7ECCA&wpc=EUR&site=www.bg3.co&slotvisibility=2&gcpm=1143941&gpos=1&bidder=bidder-rtb-production-7df7859b5c-z2cd5&dv=1&uuid=&suid=&brq=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&ssp_id=0&l=zh_tw&ts=1690225045&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=9NW5P4GWEp9gaElEMiOysvlKovW3QRPtMrXcz9LnZPc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.197.124 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-197-124.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 24 Jul 2023 18:57:26 GMT
get
audiencedata.im-apps.net/imuid/
10 B
180 B
XHR
General
Full URL
https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H64M6X171KXE1BFNKM1F9ZWF
Requested by
Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Mon, 24 Jul 2023 18:57:26 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10
content-type
application/json
0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js
pagead2.googlesyndication.com/bg/ Frame 1073
38 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d23e0563abd9fcf5049f80f8ddb76ebb202f8620cc18e19b4b9a5c97f36f63b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 17:48:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
90512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14729
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 Jul 2024 17:48:54 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 33CB
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 758E
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 0BBD
43 B
251 B
Image
General
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=479&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=bg3.co&L1id=30000490&L2id=50002626&L3id=60017721&L4id=70013567&S1id=googleads.g.doubleclick.net&S2id=300x250&ord=1690225045996&r=597174175987&t=nht&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=bg3.co&zMoatIMPID=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&bedc=1&nosend&q=3&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by
Host: rtb.ads.travelaudience.com
URL: https://rtb.ads.travelaudience.com/rtb?ads=30000490.0.0.70013567.0.0..0.DE.-1..VOYFYTXfFPGlQ5nkhfV5eA%3D%3D.60017721.OTk5JTJjMQ==...PRxR9M8FGmj-6V7xBOIPLA%3D%3D.a3M9OmRwPTpycz06ZHB0PTpkcGQ9OnJ0ZD06b2lhPQ==.2.0&p=90000&x=300&y=250&click=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCSxvUlcm-ZO-UC-iPtOUPi5WGsAKEvaKTcaaYzonCCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQICP-6BZZqyPqgDAcgDAqoE7QFP0HJImHEXTKVO0U7lM0aSC1W2UTbOThrF0aGBZbuICWCJ54G09zZDjv5D8tbpB03b1a9jFR5wZ8CBBCEAjluYjzLZudDyVOf8d_Fj6RtApPt2oxvvUpd79sjo92HnAHgvMwTHQYrUWnrEQsPKvwmQEw_2rucGVL8GuulhP-OsXN3QD1h5LiOJmdpo64dy5cOu_jsLG2bcWBumb4cUsoAU436yB9u8lmOVzV5QE5mp48xOjKJ7G6uVgu4-kG8EflNX5av21olKIdBaCx4k42dYjISzukuntO92Ewv4UsaxbKdog115bWSDRLB5xgiABrufhr3DuM20FaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_15tC-TtQwkW_imO88SGs7HTBz_jw%26client%3Dca-pub-3216231935713038%26adurl%3D&googlewinningprice=ZL7JlQACym8GrQfoAAGKixmu860eszwET7ECCA&wpc=EUR&site=www.bg3.co&slotvisibility=2&gcpm=1143941&gpos=1&bidder=bidder-rtb-production-7df7859b5c-z2cd5&dv=1&uuid=&suid=&brq=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&ssp_id=0&l=zh_tw&ts=1690225045&uc=DE&at=1&ia=0&mai=&mat=1&ir=0&an=&rg=1&hm=9NW5P4GWEp9gaElEMiOysvlKovW3QRPtMrXcz9LnZPc=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.197.124 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-197-124.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:26 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 24 Jul 2023 18:57:26 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 3081
492 B
263 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=79218063257424&correlator=2904069955995670&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1690225046653&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=5nl5qwokbu3u&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1345567688.1690225047&ga_sid=1690225047&ga_hid=1384983388&ga_fc=false&dlt=1690225045926&idt=687
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c617833c2dcf6c7a5a01f378b855b71e4fc64ca91c60a057db2bff578b897816
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3081
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b135322cfb704a2cdf021495088a7af31b55f67968808d09827ef23617e96884
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11735
x-xss-protection
0
container.html
76ebc37c65beaae2fe65fa00797a71e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 963A
6 KB
3 KB
Document
General
Full URL
https://76ebc37c65beaae2fe65fa00797a71e5.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 18:57:26 GMT
expires
Tue, 23 Jul 2024 18:57:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ecm3
s.amazon-adsystem.com/ Frame 33CB
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=mUmIhQqcTWOs4Y7JSbQYtQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=mUmIhQqcTWOs4Y7JSbQYtQ
43 B
479 B
Image
General
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=mUmIhQqcTWOs4Y7JSbQYtQ
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jul 2023 18:57:27 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
EPN2X5YEE7HKZV947NSY
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=mUmIhQqcTWOs4Y7JSbQYtQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 33CB
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
tap.php
pixel.rubiconproject.com/ Frame 33CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMyiHIGPE3H6idBBofgtnz0&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMyiHIGPE3H6idBBofgtnz0&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEMyiHIGPE3H6idBBofgtnz0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
token
token.rubiconproject.com/ Frame 33CB
0
214 B
Image
General
Full URL
https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Expires
0
Pragma
no-cache
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 33CB
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560687&ev=1&rurl=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D390200%26nid%3D5120%26put%3D%25%25VGUID%25%25
  • https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=b9BssLXbgnf5&ev=1&pid=560687
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=b9BssLXbgnf5&ev=1&pid=560687
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://pixel.rubiconproject.com/tap.php?v=390200&nid=5120&put=b9BssLXbgnf5&ev=1&pid=560687
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-7b4d96fcf5-fj8sz
expires
-1
tap.php
pixel.rubiconproject.com/ Frame 33CB
Redirect Chain
  • https://www.storygize.net/ccm/729e4e94-63c3-438d-8ce4-184eb34e703f
  • https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=1172318&nid=5570&put=37cf273d-6031-4a9e-b4c2-17b86d952301
Pragma
no-cache
P3P
CP ALL ADM DEV PSAi COM OUR OTRo STP IND ONL
cache-control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
expires
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 33CB
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=17404
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 33CB
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4EACE29F9CAA43EC8E2B45CBC4CFCE02&expires=365
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4EACE29F9CAA43EC8E2B45CBC4CFCE02&expires=365
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 24 Jul 2023 18:57:26 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=4EACE29F9CAA43EC8E2B45CBC4CFCE02&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sun, 23 Jul 2023 18:57:26 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 0137
379 B
598 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86f0d371546469a16764f6884ebeab4ca4dadbd641b47855eaa9757ac7abbbbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
246
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 52C2
48 KB
17 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076298
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
29d2ef5c412a56e24eb5ad65c0c9e7cffe2521db43de6d33fa64e48d59beeae3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
17004
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 18:57:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0137
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230719&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1f9651f357de066bba58f4b058cf839fbd0ef41684e3d55b98d786e81a43451f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11733
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3081
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 18:57:26 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 5518
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CR_QGlcm-ZO-UC-iPtOUPi5WGsAKEvaKTcaaYzonCCsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi0zMjE2MjMxOTM1NzEzMDM4yAEJqQICP-6BZZqyPqgDAcgDAqoE6gFP0HJImHEXTKVO0U7lM0aSC1W2UTbOThrF0aGBZbuICWCJ54G09zZDjv5D8tbpB03b1a9jFR5wZ8CBBCEAjluYjzLZudDyVOf8d_Fj6RtApPt2oxvvUpd79sjo92HnAHgvMwTHQYrUWnrEQsPKvwmQEw_2rucGVL8GuulhP-OsXN3QD1h5LiOJmdpo64dy5cOu_jsLG2bcWBumb4cUsoAU436yB9u8lmOVzV5QE5mp48xOjKJ7G6uVgu4-kG8EflNX5av2lItrs0L05Be7DEyGYLJbfmKBvkJ8PRNKmjKHhGnsr3Fh_e90TS-ABrufhr3DuM20FaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMjE2MjMxOTM1NzEzMDM4GAA&sigh=VsjT9RAX6CA&uach_m=[UACH]&cid=CAQSGwBpAlJW2d6qRrlp24Jv7qaohSRa6OaxkZQeBhgB&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4233147989137334537&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3152&oid=2&is_amp=5&amp_v=2307052224000&d_imp=1&c=5596004944&ga_cid=amp-Hp-FZa5XuJht59_6vLHFEQ&ga_hid=4944&dt=1690225045036&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&bdt=1306&dtd=3&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=400x250&w=400&h=250&ptt=12&adk=90073500&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-4233147989137334537&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=16789255&nhd=0&adx=1000&ady=3152&oid=2&is_amp=5&amp_v=2307052224000&d_imp=1&c=5596004944&ga_cid=amp-Hp-FZa5XuJht59_6vLHFEQ&ga_hid=4944&dt=1690225045036&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=3&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&bdt=1306&dtd=3&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 24 Jul 2023 18:57:26 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0137
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co&bust=31076298
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 18:57:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB28
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
850
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 18:43:16 GMT
expires
Tue, 23 Jul 2024 18:43:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6B40
783 B
742 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a617bb48ec9aab70464442043162e72773356dbf0940b54befcc8fae26604858
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wzMiRFe1vQjR8tpAxsRkhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-wzMiRFe1vQjR8tpAxsRkhQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 18:57:26 GMT
expires
Mon, 24 Jul 2023 18:57:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame 1073
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?6xD3Fg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js
pagead2.googlesyndication.com/bg/ Frame DB28
38 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d23e0563abd9fcf5049f80f8ddb76ebb202f8620cc18e19b4b9a5c97f36f63b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 17:48:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
90512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14729
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 Jul 2024 17:48:54 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6CF0
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
850
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 18:43:16 GMT
expires
Tue, 23 Jul 2024 18:43:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5137
783 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1bf92c4de563005f28b6e5e9bf0eacdaac33d1a62edc43db73e6758323a73d1a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OHr9NXEfpbz--rEJDhhtzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
511
content-security-policy
script-src 'report-sample' 'nonce-OHr9NXEfpbz--rEJDhhtzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 18:57:26 GMT
expires
Mon, 24 Jul 2023 18:57:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cookie.js
partner.googleadservices.com/gampad/ Frame ECA4
379 B
311 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c7fadad9b16879e4e0604f80bd8ef6b06c4a660ec6434ff16d4d0c9e97c2724d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
246
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D870
46 KB
16 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9187ab9115e1b57c02f8c11443d3cf3a6464f78cb410d440137b5cffe1aa5f6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
16707
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 18:57:27 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame ECA4
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230719&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b3a1fca51143901c1bd7b954117bc81b0114692af7fdc4c3fd6a4b3ba58ebe4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11787
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 5137
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230719&jk=866985116752645&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 4AA5
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=3986258907284910&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame 6B40
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=79218063257424&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js
pagead2.googlesyndication.com/bg/ Frame 6CF0
38 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d23e0563abd9fcf5049f80f8ddb76ebb202f8620cc18e19b4b9a5c97f36f63b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 17:48:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
90513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14729
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 Jul 2024 17:48:54 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame ECA4
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202307190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4485239425924787&plah=www.bg3.co
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 24 Jul 2023 18:57:27 GMT
generate_204
tpc.googlesyndication.com/ Frame DB28
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?OVuRLQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync.js
sync.logly.co.jp/sync/ Frame 5B57
0
268 B
Script
General
Full URL
https://sync.logly.co.jp/sync/sync.js
Requested by
Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.104.171 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-249-104-171.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.logly.co.jp/sync/sync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:27 GMT
cache-control
private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server
nginx
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
p3p
CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 705D
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
851
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 18:43:16 GMT
expires
Tue, 23 Jul 2024 18:43:16 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0CB4
783 B
760 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
2c9b8113d6325f4b08af88eb603bb81c66455703d33ae56b44e44364b174eecf
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-qMXdPYdnnEV2_0pCN13N0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-qMXdPYdnnEV2_0pCN13N0g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 18:57:27 GMT
expires
Mon, 24 Jul 2023 18:57:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js
pagead2.googlesyndication.com/bg/ Frame 705D
38 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/0j4FY6vZ_PUEn4D43bduuyAvhiDMGOGbS5pcl_NvY7Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d23e0563abd9fcf5049f80f8ddb76ebb202f8620cc18e19b4b9a5c97f36f63b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Sun, 23 Jul 2023 17:48:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
90513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14729
x-xss-protection
0
last-modified
Tue, 18 Jul 2023 09:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 22 Jul 2024 17:48:54 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0CB4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230719&jk=1812971201998366&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 6CF0
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?LL1FVg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
creative_add_on.js
cti.w55c.net/ct/ Frame 51F3
5 KB
2 KB
Script
General
Full URL
https://cti.w55c.net/ct/creative_add_on.js?w=300&h=250&zindex=0&ci=Xmwo1n97Q8&ei=GOOGLE&ob=0&ai=0DaDXCcU00&epid=R0w3MTcw&fiu=WG1FS1o4a2t0eA&s=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ciu=XRzTeTi6gk&btid=NTVFOURCOTg2MkQzREI4NDcwMzBCMUI5MjU2N0U2MkR8R0ZMRWdZalNVcHwxNjkwMjI1MDQ3MDMzfDF8WG1FS1o4a2t0eHxYUnpUZVRpNmdrfC0xNzY3MDg4MzI5X0VYfDEzODUxNnx8fHwuMFB8VVNE&c=DE&dt=2dt0005&sd=bg3.co&cip=1&hmt=1&uidu=CAESEGnigiYczVCF5bbqQUK1GCI&spidu=GOOGLE&pidu=7170&hmpvu=f789ffc1-4772-4e0c-b27c-f334cfa24de8&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XRzTeTi6gk&
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2248:2a00:3:4706:a6c0:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Tue, 18 Jul 2023 01:25:03 GMT
x-amz-version-id
0IYa12QvFdrNK.CC2JhaeEJAYjkhUjCe
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 d2a765f1074cbe4a82f40c5927183e80.cloudfront.net (CloudFront)
x-amz-cf-pop
MXP63-P3
age
581545
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 17 Sep 2021 21:17:39 GMT
server
AmazonS3
etag
W/"a6c8a5bdec77729759b220b95bf503f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
must-revalidate
x-amz-cf-id
dxuhpt0_G2n9HVWWrg7cp8n8XgXlSdp5ZqBvIDzYSrGKpoqx0F6m2Q==
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 51F3
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:22:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
2095
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Aug 2023 18:22:32 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 51F3
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 13:03:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
21237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8309
x-xss-protection
0
server
cafe
etag
1379281626718990200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Aug 2023 13:03:30 GMT
l
www.google.com/ads/measurement/ Frame 51F3
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTHMh1vc3cH6LdGZ7zUI1S5UcWWdMIH-H1czA394gIXlvVAX2XhVXPCuOUD5X-ol5K6CJLAWeB_dMBt_7_r4X6vJcAacA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 51F3
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 24 Jul 2023 18:57:27 GMT
XassetkFJs3ny4.png
ads.w55c.net/t/d/ Frame 51F3
38 KB
39 KB
Image
General
Full URL
https://ads.w55c.net/t/d/XassetkFJs3ny4.png?at=0&rtbhost=conf01-europe-west1.rtb.roku.com&btid=NTVFOURCOTg2MkQzREI4NDcwMzBCMUI5MjU2N0U2MkR8R0ZMRWdZalNVcHwxNjkwMjI1MDQ3MDMzfDF8WG1FS1o4a2t0eHxYUnpUZVRpNmdrfC0xNzY3MDg4MzI5X0VYfDEzODUxNnx8fHwuMFB8VVNE&ei=GOOGLE&ac=WFMwUE56aXZTMTpYU1pHTkNKTWpzfDB8MHxFVVI7&js=0&ob=0&ccw=SUFCMjUtMSMwLjI4MDY1OTg4fElBQjI1IzAuMjgwNjU5ODh8SUFCMjUtMiMwLjA5NjIxMzJ8SUFCMTUjMC4wNzE4Mzc1N3xJQUIyIzAuMDUyOTk0OTI2fElBQjItNCMwLjA1Mjk5NDkyNg&ci=Xmwo1n97Q8&psid=NTkzOTA4MTEyNTc&s=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ts=1690225047036&c=DE&r=G-HE&epid=R0w3MTcw&mi=d2Vi&wp_exchange=NWP
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:8000:1b:f040:3600:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d77fe1a9555985d6d3981209d00dbe2d28208cb42917322b57ec2f73b6e075b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id
SLHuFXuOnpUf03k5jtH8203t4E1wMpAt
date
Mon, 24 Jul 2023 06:39:18 GMT
via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
44289
x-amz-server-side-encryption
AES256
x-amz-meta-width
300
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-meta-filesize
38935
x-amz-meta-height
250
content-length
38935
last-modified
Thu, 15 Jun 2023 15:29:43 GMT
server
AmazonS3
etag
"b29dd6c8e5bad4c52ce4a5727083404e"
vary
Accept-Encoding
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
ZGSo4_k0fTuPjnrwlVJu5XZbeHX33oEDrCMCMtxIQFq-6hDthOl_cg==
pixel.php
t.hspvst.com/ Frame 51F3
95 B
926 B
Image
General
Full URL
https://t.hspvst.com/pixel.php?id=2677&t=P&cb=2365660521750143
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.58.197.185 , Philippines, ASN174 (COGENT-174, US),
Reverse DNS
staticip-hv4m185.hispavista.com
Software
Apache / PHP/5.4.45-1~dotdeb+7.1
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Mon, 24 Jul 2023 18:57:26 GMT
Server
Apache
X-Powered-By
PHP/5.4.45-1~dotdeb+7.1
Transfer-Encoding
chunked
P3P
CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
Content-Type
image/png
Cache-Control
max-age=315360000
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Keep-Alive
timeout=3, max=1000
Expires
Thu, 21 Jul 2033 18:57:26 GMT
generate_204
tpc.googlesyndication.com/ Frame 705D
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?NkSEUQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:27 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7823
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
74181
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 22:21:06 GMT
etag
48472445140208031
expires
Mon, 24 Jul 2023 22:21:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 51F3
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b6dcab13480d66475b82ad03c7cc873d82881eba3b2b237cef3f5612bbe99ea1

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 51F3
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6Gqxlsm-ZP-kM96b2OMPp-uluAG6iLSPXJzX7u6pCMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqAMByAMCqgTkAU_Q832-8AwqB98rabbelILAbf-rdQT2M_AdRcJJlitqui-trJE3U1Tj3YC7qOBCGl-iMKn3gdbVgb_dItNMHdWLyGNBCxTknH3dIa190Wg-KirX5tU-2KPAcuxcxWEvJKcZ1NwQLH-b5yRASI10zwNCkWzxe7v5muetcN4klTXTfZGf30jCXOd7EJ7kO-P5iAn-e2IKplh9-f-9hoFB491R_-OF72WiQzQ6v42LH_bGt3ev8YS58syC0HEIWtYChQuFA2t4Gi7xxNWWgltodYRivX78hJD5tUwS2WOae9KLwemHo4AGm-uK68aOgupLoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIFAiA4YAQEAEyAqoCOgKAQEi9_cE6gAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=Zg2McvjGewQ&uach_m=[UACH]&cid=CAQSKQBpAlJW1N4mvblJcorZbQODAC0Dx22o9eG12veO9OvrFcdwhfifxHu-GAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 24 Jul 2023 18:57:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
a.gif
i.w55c.net/ Frame 51F3
42 B
582 B
Image
General
Full URL
https://i.w55c.net/a.gif?t=0&rtbhost=conf01-europe-west1.rtb.roku.com&rts=1&btid=NTVFOURCOTg2MkQzREI4NDcwMzBCMUI5MjU2N0U2MkR8R0ZMRWdZalNVcHwxNjkwMjI1MDQ3MDMzfDF8WG1FS1o4a2t0eHxYUnpUZVRpNmdrfC0xNzY3MDg4MzI5X0VYfDEzODUxNnx8fHwuMFB8VVNE&ei=GOOGLE&wp_exchange=ZL7JlgAM0n8Gdg3eAAl1p03ZaLg7NFK9qXa1Sg&ac=WFMwUE56aXZTMTpYU1pHTkNKTWpzfDB8MHxFVVI7&psid=NTkzOTA4MTEyNTc&js=0&ob=0&ccw=SUFCMjUtMSMwLjI4MDY1OTg4fElBQjI1IzAuMjgwNjU5ODh8SUFCMjUtMiMwLjA5NjIxMzJ8SUFCMTUjMC4wNzE4Mzc1N3xJQUIyIzAuMDUyOTk0OTI2fElBQjItNCMwLjA1Mjk5NDkyNg&ci=Xmwo1n97Q8&fiu=WG1FS1o4a2t0eA&fid=XmEKZ8kktx&sd=bg3.co&s=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ts=1690225047036&dvdp=i.w55c.net/dv.jpg&ai=0DaDXCcU00&c=DE&r=G-HE&rnd=2365660521750143&epid=R0w3MTcw&ct=b126c92c760c4964ba6058483a07fa14&os=Mm8wMDAy&dc=NzI4NWEyMmNjZmE2NGM1Y2JmMzBmYzExNmQzNGFhNGU&dv=MUxWSXJn&dm=MU1vb0JBMjUzMQ&l=emh8fA&ri=2rxtlU&cip=1&alg=TGcwMDA4&v=1&euid=Q0FFU0VHbmlnaVljelZDRjViYnFRVUsxR0NJ&mt=2cmt0001&mi=d2Vi&dt=2dt0005&tz=RXVyb3BlL0Jlcmxpbg&sg=Tjtcc25gmMGwxfhv3stMIA&buid=Xdb4DXiaK1Q&hmt=1&hmdp=s.h.w55c.net/2/948461/analytics.gif&hmtiu=9484611643830741015000&uidu=CAESEGnigiYczVCF5bbqQUK1GCI&spidu=GOOGLE&pidu=7170&hmpvu=f789ffc1-4772-4e0c-b27c-f334cfa24de8&hmtsu=3&odtu=2&mtfu=1&crdmu=300x250&cridu=XRzTeTi6gk&naoh=i.w55c.net/na.gif&ndgh=i.w55c.net/ng.gif&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.120.19.63 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-120-19-63.eu-central-1.compute.amazonaws.com
Software
PixelTracking/v2.0.30-783-g46ba6fe#rel-ec2-master i-0ee6b652682556fe2@eu-central-1a@dxedge-app-eu-central-1-prod-asg /
Resource Hash
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 24 Jul 2023 18:57:27 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PixelTracking/v2.0.30-783-g46ba6fe#rel-ec2-master i-0ee6b652682556fe2@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Content-Type
image/gif
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
42
Expires
Fri, 01 Jan 1990 00:00:00 GMT
dr
as.ad4m.at/ad/ Frame C987
2 KB
3 KB
Document
General
Full URL
https://as.ad4m.at/ad/dr?ed=1gnaketkm5gh20yt2enhrydaj2fxvscggq54q6c0xes0e9fm16sx4cf4rahstg5776shqmgxs4t9sfn3q6rsq13kg6kftmkphsfsx86b71vbc8f88j2bvwrbxz3crrmsfbxkywj774vtx9e5qq7qtfpj6ndr8whw79a9b4bjb30v6pkhdhxqycnq75sc5mg4kfff2a7ecm8bxmdwb87qdxgmt52pj194zn3ypj9rff65aw9jwdqhd8bmmv5c3f0ns52chzx2s6mz3f1z5mhpek7etp78tjw8yrnwm63mptscergxrp4mpk1bbew3hd0nvpv0sngsr01ptkcyc11ccn1k795rybr014mqtpj85qb620pzvfwmdevhndv1v577cgk04deb4wt1r8a0tdhyzr0cwbgecz29d39fmjeexgypsadsgg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5a3a9eb108dec4ac2859773e97a483389496a0f788772b591854e96b7ef5b88
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ebe63947bce1bcf-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 18:57:27 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 7BDC
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:22:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
2095
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Aug 2023 18:22:32 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 153B
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
74181
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Jul 2023 22:21:06 GMT
etag
48472445140208031
expires
Mon, 24 Jul 2023 22:21:06 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 7BDC
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 13:03:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
21237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8309
x-xss-protection
0
server
cafe
etag
1379281626718990200
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 07 Aug 2023 13:03:30 GMT
l
www.google.com/ads/measurement/ Frame 7BDC
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRz9guDEQlf472UeQRuZgB8fSbk7MvK26xQEPpxldIRWz6SrvzHU0v9cRf9mqk7EUUmP_qWKFiuDkAJ3cYFMZCP-41e3w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7BDC
179 KB
56 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57333
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1689766554590483"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 24 Jul 2023 18:57:27 GMT
dpixel
cms.quantserve.com/ Frame 7823
35 B
363 B
Image
General
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECxh1DWhQ_PzEBrqyNW9iGY&google_cver=1&google_push=AaAOQGHHdnyO_8P6dURekBaNi8InqXeN2g3fwxP4uLQo7tOKDbfX29drOMJTVMnoXWuqGgVKeZIyeR-_8fitGOoMYgsTouU7PyTx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:27 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 7823
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEN73Poi2-BabTAg0AvPwqRA&google_cver=1&google_push=AaAOQGGvwshKlto0HJvgNTl0LEDI74h8fj7q4puB_w4l3eKqU6NLm4r4MTHeRBnROzionV36lP9CjPylcQ-HSc-PW-Xt0Ke-b_aY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:27 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dds
rtb.openx.net/sync/ Frame 7823
43 B
245 B
Image
General
Full URL
https://rtb.openx.net/sync/dds?google_gid=CAESEINaSqrKhDdpm3NvaDxEMWU&google_cver=1&google_push=AaAOQGFTnA4Yc1GKDRXlb3DH6to5Qt4CBqK-nz8kU57-TTXsOCed7sQJQhlGfuWWWltYSoBJeXkB3vKXWU4o7vwb97e5TPPfqm_b
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:27 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
-
s.ad.smaato.net/c/n/// Frame 7823
0
294 B
Image
General
Full URL
https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEO6WKiEGJXdsU19JUF44j80&google_cver=1&google_push=AaAOQGHOGTOmOemD558K9OUSoe1bBcgFTrGPhxP2VSDvLhW41nGIO-pfBLeMNXgQwLeBgKzviB5ZYCOhjwYSjrt7iZtdnx8zm2F-
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211a:1c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:27 GMT
via
1.1 42c9dddb4e518a9ed3248bf50565b120.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
VIE50-C2
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control
no-cache, must-revalidate
x-amz-cf-id
yJsXlWbd0GIvttrmHSSMeB6IYF0pT2OSXR9nC56yHu1E8dY7_AR0Ug==
sync
ups.analytics.yahoo.com/ups/58281/ Frame 7823
0
38 B
Image
General
Full URL
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEDenFqWphRKB7xUR96nBDjo&google_cver=1&google_push=AaAOQGF80iAKBUohxlWZkcxW1_gapEN6Y9G8qDwfQMKP6By17M7TT1Xg8N5y4mSseni5j9Z0twaCobicqF7bY3TnLxFYsvFmKB5H6w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:27 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 7823
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESEOp7nmXIR53KBvUBQTXA_mo&google_cver=1&google_push=AaAOQGG_rqdJLHVhDi1Ga3VIFkc3kGzZB6Yrf6U_QQ0tHkkcXMlwbXaadFrvtYEG7y...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGG_rqdJLHVhDi1Ga3VIFkc3kGzZB6Yrf6U_QQ0tHkkcXMlwbXaadFrvtYEG7yzKEcwtraadPpdxGuF8zcCKPIdOuBT31kCV1A&google_hm=2...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGG_rqdJLHVhDi1Ga3VIFkc3kGzZB6Yrf6U_QQ0tHkkcXMlwbXaadFrvtYEG7yzKEcwtraadPpdxGuF8zcCKPIdOuBT31kCV1A&google_hm=2AHIeNb4SNar649YvV_sD2Y
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:27 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AaAOQGG_rqdJLHVhDi1Ga3VIFkc3kGzZB6Yrf6U_QQ0tHkkcXMlwbXaadFrvtYEG7yzKEcwtraadPpdxGuF8zcCKPIdOuBT31kCV1A&google_hm=2AHIeNb4SNar649YvV_sD2Y
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame 7823
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEK_rvoQcXlaEm7qPDoi3s14&google_cver=1&google_push=AaAOQGGCyleDJ_98Tu0V7_0yUz28JyZaqBnRRcVQyg8dh4M69_X5mLZyuTqViyRwlRj2WkVPkfCQWTPdriE...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AaAOQGGCyleDJ_98Tu0V7_0yUz28JyZaqBnRRcVQyg8dh4M69_X5mLZyuTqViyRwlRj2WkVPkfCQWTPdriECdCvRUf4H3a0vNbBr-A
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
151 B
Image
General
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:27 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 7823
0
50 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LCucM3jkrAgrJMXYur4CO5uZAZIcptp_3ek_7p4ew8hBrmMGiZQKSDxdS4uePKIAEOXkX-5FV_
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134189&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046401&bpp=16&bdt=1550&idt=283&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=2&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=2088011310&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=783197305&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31075955%2C31076252%2C31076298%2C44788441%2C44796632%2C44796827&oid=2&pvsid=866985116752645&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.o4zym539n554&fsb=1&dtd=327
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 153B
Redirect Chain
  • https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESECxh1DWhQ_PzEBrqyNW9iGY&google_cver=1&google_push=AaAOQGF9OcHHKgd-rTu5CpXwbDAtqQjcKjGu5lJwRUiyc1mbCc0BMUuEct...
  • https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGF9OcHHKgd-rTu5CpXwbDAtqQjcKjGu5lJwRUiyc1mbCc0BMUuEctchNsB2mkXRakNlKWuvuNkYnc7GECmWusHv7FQVh_E&google_hm=Dv_KTAa0nz7XF...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGF9OcHHKgd-rTu5CpXwbDAtqQjcKjGu5lJwRUiyc1mbCc0BMUuEctchNsB2mkXRakNlKWuvuNkYnc7GECmWusHv7FQVh_E&google_hm=Dv_KTAa0nz7XF_h5brVhug
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AaAOQGF9OcHHKgd-rTu5CpXwbDAtqQjcKjGu5lJwRUiyc1mbCc0BMUuEctchNsB2mkXRakNlKWuvuNkYnc7GECmWusHv7FQVh_E&google_hm=Dv_KTAa0nz7XF_h5brVhug
pragma
no-cache
date
Mon, 24 Jul 2023 18:57:27 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
current
dclk-match.dotomi.com/match/bounce/ Frame 153B
0
104 B
Image
General
Full URL
https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEC00XOUrXoOW5BIASlvijjU&google_cver=1&google_push=AaAOQGG_37Rn6bZ0LoCC61JCLrpqzzCERBrUjvpa0DaQNWnm84r00KvJMW3_VEukWUtTfI_P3OTMiK-UQDuy40p_dN2jW0_KAS1t
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:27 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
i.match
s.tribalfusion.com/z/ Frame 153B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEPwJIGSuHWaK6mY7PLCVUZk&google_cver=1&google_push=AaAOQGGbiuLcoGdUcTbtsSsAPRT6P-GvkhUD1LpS6vhqn3r35tFiBr49IT0gNlk6Ao8xBUeqiiDrVIhAkPmaNcNsbpV5mPU28JbB&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPwJIGSuHWaK6mY7PLCVUZk&google_cver=1&google_push=AaAOQGGbiuLcoGdUcTbtsSsAPRT6P-GvkhUD1LpS6vhqn3r35tFiBr49IT0gNlk6Ao8xBUeqiiDrVIhAkPmaNcNsbpV5mPU28Jb...
43 B
414 B
Image
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPwJIGSuHWaK6mY7PLCVUZk&google_cver=1&google_push=AaAOQGGbiuLcoGdUcTbtsSsAPRT6P-GvkhUD1LpS6vhqn3r35tFiBr49IT0gNlk6Ao8xBUeqiiDrVIhAkPmaNcNsbpV5mPU28JbB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGbiuLcoGdUcTbtsSsAPRT6P-GvkhUD1LpS6vhqn3r35tFiBr49IT0gNlk6Ao8xBUeqiiDrVIhAkPmaNcNsbpV5mPU28JbB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:27 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7ebe6394a920bb83-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:27 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
2172
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEPwJIGSuHWaK6mY7PLCVUZk&google_cver=1&google_push=AaAOQGGbiuLcoGdUcTbtsSsAPRT6P-GvkhUD1LpS6vhqn3r35tFiBr49IT0gNlk6Ao8xBUeqiiDrVIhAkPmaNcNsbpV5mPU28JbB&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAaAOQGGbiuLcoGdUcTbtsSsAPRT6P-GvkhUD1LpS6vhqn3r35tFiBr49IT0gNlk6Ao8xBUeqiiDrVIhAkPmaNcNsbpV5mPU28JbB%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7ebe63936f51bb83-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 153B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEAWaC6aha1DcyCimDcpdkcs&google_cver=1&google_push=AaAOQGErYEXRYEITkj23JsBoAKM3Luelt27dt1uzHjEai4UA58U2mNWL7Ms5qD9x9qgbqolMV-tuk5En...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEAWaC6aha1DcyCimDcpdkcs&google_cver=1&google_push=AaAOQGErYEXRYEITkj23JsBoAKM3Luelt27dt1uzHjEai4UA58U2mNWL7Ms5qD9x9qgbqolMV-t...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzcxMTc4MzY5MjIyOTc5MDY2OQ&google_push=AaAOQGErYEXRYEITkj23JsBoAKM3Luelt27dt1uzHjEai4UA58U2mNWL7Ms5qD9x9qgbqolMV-tuk5...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzcxMTc4MzY5MjIyOTc5MDY2OQ&google_push=AaAOQGErYEXRYEITkj23JsBoAKM3Luelt27dt1uzHjEai4UA58U2mNWL7Ms5qD9x9qgbqolMV-tuk5EnULqjvHj_U1bjKYHQ8VM
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NzcxMTc4MzY5MjIyOTc5MDY2OQ&google_push=AaAOQGErYEXRYEITkj23JsBoAKM3Luelt27dt1uzHjEai4UA58U2mNWL7Ms5qD9x9qgbqolMV-tuk5EnULqjvHj_U1bjKYHQ8VM
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame 153B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEC...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AaAOQGHXKa_xy6PkLbTY_maEDpMWGR75bS9RM1djyUo6a8XjGGgBmCro0WX5C-o57Py8u8DqRA0APFkDaUftaNz98zwwEcL7NZ_P&redir=https%3A%2F%2Fcm.g.doubl...
  • https://sync.targeting.unrulymedia.com/csync/RX-3388b781-8a3f-4627-95e8-3c481e5b81cc-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAaAOQGHXKa_xy6PkLbTY_maED...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHXKa_xy6PkLbTY_maEDpMWGR75bS9RM1djyUo6a8XjGGgBmCro0WX5C-o57Py8u8DqRA0APFkDaUftaNz98zwwEcL7NZ_P&google_hm=AzOIt4GKP0Ynleg8SB5bgcw
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHXKa_xy6PkLbTY_maEDpMWGR75bS9RM1djyUo6a8XjGGgBmCro0WX5C-o57Py8u8DqRA0APFkDaUftaNz98zwwEcL7NZ_P&google_hm=AzOIt4GKP0Ynleg8SB5bgcw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AaAOQGHXKa_xy6PkLbTY_maEDpMWGR75bS9RM1djyUo6a8XjGGgBmCro0WX5C-o57Py8u8DqRA0APFkDaUftaNz98zwwEcL7NZ_P&google_hm=AzOIt4GKP0Ynleg8SB5bgcw
date
Mon, 24 Jul 2023 18:57:27 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX3388b7818a3f462795e83c481e5b81cc003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 153B
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEDgwDtFD1Eb9zAM__Nv7Tn0&google_cver=1&google_push=AaAOQGFY1fBSQktw0hGb5ERE1eF9LMzPZ0LyfqBbE3XHyGtZQp8L_BbrhBa3YvgSFkGTkbldmHLbuswaafhBUGqIhwPiEHYa1JqY
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AaAOQGFY1fBSQktw0hGb5ERE1eF9LMzPZ0LyfqBbE3XHyGtZQp8L_BbrhBa3YvgSFkGTkbldmHLbuswaafhBUGqIhwPiEHYa1Jq...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzE1NDcyNjE3MDE1NjM3NDEyMDA2Ng%3D%3D&google_push=AaAOQGFY1fBSQktw0hGb5ERE1eF9LMzPZ0LyfqBbE3XHyGtZQp8L_Bbr...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzE1NDcyNjE3MDE1NjM3NDEyMDA2Ng%3D%3D&google_push=AaAOQGFY1fBSQktw0hGb5ERE1eF9LMzPZ0LyfqBbE3XHyGtZQp8L_BbrhBa3YvgSFkGTkbldmHLbuswaafhBUGqIhwPiEHYa1JqY
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Protocol
H3
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzE1NDcyNjE3MDE1NjM3NDEyMDA2Ng%3D%3D&google_push=AaAOQGFY1fBSQktw0hGb5ERE1eF9LMzPZ0LyfqBbE3XHyGtZQp8L_BbrhBa3YvgSFkGTkbldmHLbuswaafhBUGqIhwPiEHYa1JqY
date
Mon, 24 Jul 2023 18:57:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 153B
43 B
145 B
Image
General
Full URL
https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEBU4udTJdp-uzNDIF1NNA1U&google_cver=1&google_push=AaAOQGG9jVEuaPErG6Q5FRriU5vraQVgOShtBMjFejI1jDe1Tk2zSo8o4mGA8iNFDmIblQafFNjZZyndvca_XhzLxYedJQzYfzhMCQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.158.162.107 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-158-162-107.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
attr
cm.g.doubleclick.net/pixel/ Frame 153B
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J8HJts8PvNFxJ2b-v2WKvqeOLBKmHnR6Sw99GoF0Pyo_tgNZp7dNNFmjzuMBxY-RQn2DgjnA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f194.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame E175
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=3986258907284910&bg=!QkGlQRXNAAZsPphkTD47ADkAdvg8WnPBiN35VBmqMa8FOi5sBNg8FWUGOvlkX_F9HEp0AFi23iN6WuOp0e4QSRa6O8TyMjIK4dkCAAABNVIAAAALaAEHmQLycutl4NiGtLC2444GtRCl5UaeBIOCH7xlohW2XNyrs9z598l1wGe-OIsG1PaOz1JLNI8JwP3WtVFDROw5D5bJYWKGoQ-nTF1WXe1_GpykMQNqSRT06nSiWLjs5CaGcIsuxRvnKBQjcJ1x4zFrHE2F8gzNMThOBx-c9qYL5BvnK0Ix6FuRSi5PsTY3HvAQKdhrXb3zKkUFZTofyJOY9-4qr9f00HnGt3FdJZgomYWLstSWT9jK0TdHoK67Pkzd_jjWAvJqyMo7Ie2YUD7qAp86XnEiWqNwoZMaFEZ5i2zBhtm7Cv8Tz22-u-zcEHczzSqU2tyaOjfiNKvU-IynRKyolrHLRZcXdrpJK1acpzH80om5xm-HUChbxtpaqCzZhslKXjlbUJU3KkZIl72MFEs0jo5u9JzcXkJBoMzM7lTi_bhA45A_00oDYqc6D5WEDhGiRt6Is98Ze2TnrEKbeBa-wi_wdCGjJtG9HyMFqwE6V-w9Db4trj3SYmTUiaEN-B91lsz0FNX8DGxkImpnfOxLqPM6-ms3QRI81fp1N733uQKILUXgBZ0RXabIfexq4-I7j3nkW4AahYzJaAbwkNfp2NBrObwirs8s-lPPloFKx58SqvCqruCFzwGcipoyJ2mp3x6XemVofY_7Ks48kVaXiEXKt3gN4MjN3kvgdmrKEgPRpjMA8CndBPauOuZmuF58rWwy9DU76hI5F5cnKfJ3Doc2VMbEAW3TwZqbyzzXY5ePwLFUdDKnBzBiuEWlS_xc9NgqRkJcBZfQvR434_hVH5DKLsO_TafIV3yOSyeF51K6uaoG12sxFA3jbRZziAqg7KLYKG_cu2wsdltfdo9eLPrNErVzSMt0J5ZdAUCZ-IvBw4E3kR1YnsHhD_HioyvA-7IZ5hon0K844LORmzpIVLDFR4WBGYJgSC6IzdI7DfjyuTgh6vjJu1DHEfh0sVmN4gK5YKaap0yjVCHF-gznJ7XcHEv8bcehHhjsKHACGsZLkg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

truncated
/ Frame 7BDC
211 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b6eef7c993ad851d1978da4844fd4c482b024fdf58790c36750f8110b4bbcbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 7BDC
0
19 B
Image
General
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CZjwKl8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE6QFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R40yf-MGqtr9Dpo0PGTBDDewvZtGCWFMt4y7pWkT8qFAnhpcGw7RwoAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=3Z1M9MZAgqs&uach_m=[UACH]&cid=CAQSKQBpAlJWaJ_BbAarNh1wTMYHitSLowVuyyz-itNVaU7_KXSOUlCiLw4qGAE&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Mon, 24 Jul 2023 18:57:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
winResponse
prod-rtb.ad4mat.net/ Frame 7BDC
0
103 B
Image
General
Full URL
https://prod-rtb.ad4mat.net/winResponse?a=1htyne8sah8v1emsddw7ezmw4n9adkeabtqgnypdt76m78vkwmrkpafxpds70ct0kzv87sn4hwmgpv3xgndfb4e7dp9t8hdamt3v95rwhzw1g9z9mhgpevpdredfzrrmajanwk0f6hbkg9et93fx1xa8jedzcvt7q2hbgsh5t72e8dbksk8zce4p6z699svk5qas9p8yjvjgh0517q0yj0cev4p15jwmvj5mfmc6aa31xcf1vh9b5banb1t6dej1zdexeaarm0jc623bvy300s0vxgnq74680dzxxskfq6t4ex7fnt68ps5ry2sddw233nk2f952rny7bnysc9abvzt7a3a9hcsbgfvdwsz5vr7a2szyfn4zvk4d5bywbg2z1wm4k36krr&b=ZL7JlwABBzcD5_4ZAAuooYcZnPAI9X90IaTHsA&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=758607166&adf=3615134186&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1690225046&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1690225046520&bpp=17&bdt=1656&idt=397&shv=r20230719&mjsv=m202307190101&ptt=5&saldr=sa&correlator=5215622723851&frm=23&ife=1&pv=1&ga_vid=328934196.1690225046&ga_sid=1690225047&ga_hid=174216216&ga_fc=1&nhd=1&u_tz=0&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1086&biw=1600&bih=1200&isw=336&ish=280&ifk=229877109&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C31075951%2C31076090%2C31076250%2C44788442%2C44796827%2C44797785&oid=2&pvsid=1812971201998366&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.3rnx4t6u2326&fsb=1&dtd=448
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 24 Jul 2023 18:57:27 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
image/gif
sodar
pagead2.googlesyndication.com/pagead/ Frame 3081
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=79218063257424&bg=!BQalBlLNAAZsPphkTD47ADkAdvg8WgFDSr_ZzA7rINOrMI6TNfLxG1W0cb9FhAdXPZHW_UZDZ_82RiVrDCgXbuSlgzIz6OeU_DwCAAAA31IAAAAWaAEHCgAJnuN4t1XL-OLEmQLuqDVW0fUEP1rS37gVBe77Mu7XRfaYuvvb-VqP9SmUeJaOU9xMC4__6SCLgnZ3ku3rmBwvKgYk9_-wvqDrI-G_jvOghZd5Kj6TVzhlFv1XnUdKPRfPvoYoLADePOkQBwZys9yT1O5lgKyFSHEZbHwMzk2-FGPzvsjCLIatzkP2R3Gr8_oqLYxQ471CFc5JSHY4lI0RMiBkrgottBPiqQNcQcg5uBpjiA9c9_ad21fVYDbJS0GZJWrTSLkKeZAmPEI2KTwyouFl9_8GYrg_VwIQLhLqYwSgwQTT5Ezgp19xZNFuR7Bzyyf8gSywuAWE9RTZriGKYbJvKSOSXBpACYVM1d2reFQP1443bR4912FRNuHBIN7V6Yb3ITJGptwe1_lGRnLC58iqGJhvwRs78bQra4T0E2Fobs9yjzTehJ6gqToHmb5xiz-CVs5ft_a9uncla8bjSUwUd6dt2efef2JZZO-TAM97QNmsyS7Z90o0gQu9lSuGzTC9lFaegVle9ELVmu1S1cs9sLZ9eTnRaIYGbRaJhF2ZcPn1fOv3IzNqErMpd8FDG5qIIdMAApO2StwowAD2oe5FMUjIVs536A0u-UatIJBsR0Gq_gB1xjhqsBBpPXE5QIsan1jDigqwnINT8mR-Pk55Ey06rstFWgS__b8NH1BAZj494ZE709ItjIY9F5NR-x9xra_RNgvXrHY0Twye0thcdqNalNavcXLC4pPTCMHEX7q8zIfPit_21S5pFO_6OvJBlhCCJTttxlpOe7YQhJ3frOMZyhKx32l-uU0I_5rDJZ8lCFmceqUtDAGxBALGtcjNIavnLOaym89MZPRLYkE77-OXeGu7ufez-v2xb0AjILYFYeAN_IhHMaRE3-K-zPMQnFag9XcxrAK2GPPzgcNlLw0zNRWr5inH90Lrgqu-EO30EnjSXAtvuGbmZKKtQR8hC1K_ZB2GG90pEONFczuS3c9_dZWCkDO8OfY9tVQOUDCqAlMgkOOq
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame C987
114 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gnaketkm5gh20yt2enhrydaj2fxvscggq54q6c0xes0e9fm16sx4cf4rahstg5776shqmgxs4t9sfn3q6rsq13kg6kftmkphsfsx86b71vbc8f88j2bvwrbxz3crrmsfbxkywj774vtx9e5qq7qtfpj6ndr8whw79a9b4bjb30v6pkhdhxqycnq75sc5mg4kfff2a7ecm8bxmdwb87qdxgmt52pj194zn3ypj9rff65aw9jwdqhd8bmmv5c3f0ns52chzx2s6mz3f1z5mhpek7etp78tjw8yrnwm63mptscergxrp4mpk1bbew3hd0nvpv0sngsr01ptkcyc11ccn1k795rybr014mqtpj85qb620pzvfwmdevhndv1v577cgk04deb4wt1r8a0tdhyzr0cwbgecz29d39fmjeexgypsadsgg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/dr?ed=1gnaketkm5gh20yt2enhrydaj2fxvscggq54q6c0xes0e9fm16sx4cf4rahstg5776shqmgxs4t9sfn3q6rsq13kg6kftmkphsfsx86b71vbc8f88j2bvwrbxz3crrmsfbxkywj774vtx9e5qq7qtfpj6ndr8whw79a9b4bjb30v6pkhdhxqycnq75sc5mg4kfff2a7ecm8bxmdwb87qdxgmt52pj194zn3ypj9rff65aw9jwdqhd8bmmv5c3f0ns52chzx2s6mz3f1z5mhpek7etp78tjw8yrnwm63mptscergxrp4mpk1bbew3hd0nvpv0sngsr01ptkcyc11ccn1k795rybr014mqtpj85qb620pzvfwmdevhndv1v577cgk04deb4wt1r8a0tdhyzr0cwbgecz29d39fmjeexgypsadsgg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%26client%3Dca-pub-4485239425924787%26adurl%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:27 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
1064660
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0Kp0QVar3l%2FKEuM2FGJD7PYODyyKEepYHgqEYZzx2QrF06B4ojmz0%2FbgIA9Kv%2BN09Oh0s4VDZHYzcHDvebw1cbler4fplnr1dYMFy9SUuIVpqqZrEv2MBUXDT3%2FPyLMm6PxBgWOX5E%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ebe6394cc491bcf-FRA
expires
Mon, 24 Jul 2023 19:57:27 GMT
r62eglto.js
ad4m.at/ Frame C987
25 KB
10 KB
Script
General
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1gnaketkm5gh20yt2enhrydaj2fxvscggq54q6c0xes0e9fm16sx4cf4rahstg5776shqmgxs4t9sfn3q6rsq13kg6kftmkphsfsx86b71vbc8f88j2bvwrbxz3crrmsfbxkywj774vtx9e5qq7qtfpj6ndr8whw79a9b4bjb30v6pkhdhxqycnq75sc5mg4kfff2a7ecm8bxmdwb87qdxgmt52pj194zn3ypj9rff65aw9jwdqhd8bmmv5c3f0ns52chzx2s6mz3f1z5mhpek7etp78tjw8yrnwm63mptscergxrp4mpk1bbew3hd0nvpv0sngsr01ptkcyc11ccn1k795rybr014mqtpj85qb620pzvfwmdevhndv1v577cgk04deb4wt1r8a0tdhyzr0cwbgecz29d39fmjeexgypsadsgg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:27 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 11 Jul 2023 16:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
527224
etag
W/"8f7b47e4fef4e58c4cfeb4f6c445dcb6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4fe6jSnzNa28ML75ygwdamHIOUPqMSHwpyE%2FOBgjP620BfRkV0C5MFGX31vENUQ6z%2FB57wgMiI7majpdohPKw0ZWHx9V8ylfIk8IzvYkNWI3qe128pnKn8pNkJUqcmUlOsygfz4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray
7ebe6394ec801bcf-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 18 Jul 2023 16:30:13 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0137
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230719&jk=866985116752645&bg=!-vml-a3NAAZsPphkTD47ADkAdvg8WuX1RVoDHiwxK1LrBZc1Ztwu9sFlaMYibQ-P-HDP95YPQb9eFkjAj0q8wU0VDVKSSwRxY64CAAAA0FIAAAAIaAEHmQLunxzQVvut3tpnZyvpuGU3ZVPl3K3vebcob2M-KA2GUV7gF7pwtHF80B7YOnF9pYsA8YEReWT5CCrwpk0kshoK2W1d3VGMQXWMLkzdR8jIvKWZ7R9ZeXPyIZ4pKGUsF8f8p2Kk0IHEo1UKy3OMZ2J5zU0MeX37YOppD9rjf_bZ0698YPPOqufLpF7HXWSpE2G8Le7MVILEHdewOKKbrR8ScdW8e5rnWSQUFtYd3Ron8j5MatlQFpUCp5Psa_Rwc4ZSm261iGuPTCe8xxAXMJmvt7c2M3T9ZhQr5SwKZf70sO6EyJW5-pq54slWGEbux8CSMdJ-zOKNkcvk4UrdZeHNHOVAp7zjuimll_ulBScDjBpJ_gtyctE_WqcHh_0zxmNHym6G0t6AIGEpY1oUwTLboebJQHreL1sKnf9y1p8WkYtEN6V1Qli8QGH5wDqqwHNBZ3KmXMgQh3bmmgNCpYBbJzoPkB58Xnd42winQS_wv0Gevqas_oAgK8B1TAZg-MHq_Gyu99qESDPIYrcuV_V85PYfhpKiSkDU0yiRYNqu913O27LjltntDBl259vZLVqpXZUT-v4gQDOhad9jne6pQinmPM3iyi0-YkM88psKaNibh-ZzJIfmClb05qzHWfw2KmMneFkquNdkRgU3-uKFdWtcHx1cauzcUM6GQ1GTYq6C7uc1slpJOXX3MQa_E3vBf0JyFMxpZYPes6AX8Oykcchp9EZLnLfZb73bdOl95JckaNgcC0AVePOETTUOqPOyHFGsdFImVO7bSYKcyuoj_fXawQu81rAK_2CjbZcG9jpuj78ITKhoiasbKVOL4lMSaBokHJOneXvrOgM_yi0urwUFxZh6LFDDOVYMq64rp1eWC0R4NahVCXitaXJdpgcWlirsi4ZjcQ0Y-so_do9pNF5uPKxXgjf1sqRjCdJXc0fd1JXZAHWTJp5CJ6CUmSUOHQBUgwLWTaHRSo-7gXUlKJGNbwUT9Q43LXDGu0XV
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

VideoBidRequestHandlerServlet
wf.taboola.com/
2 KB
826 B
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1690225047842&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1535&pt=1860667983&tz=0&viewable=true&ddast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!orstbycnd3_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
5cf88404900dc2dd2751f3fc2c2d6335d5401a378eaabe01e617316c2708c63d

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Mon, 24 Jul 2023 18:57:28 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1473
x-cache
MISS
x-served-by
cache-fra-eddf8230072-FRA
pragma
no-cache
server
nginx
x-timer
S1690225048.847524,VS0,VE310
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame C987
3 KB
4 KB
Image
General
Full URL
https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:444e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:27 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2497
x-guploader-uploadid
ADPycdvwP-NwgXqNEbyI2qkcz3h5-Ehsvrbo1BzPr2w5R7YEx4A4494G82MbZGb67-CgTESrTtVZjLf5PX4N9CeItuw
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
content-length
3262
x-goog-meta-
last-modified
Wed, 09 Jun 2021 12:35:14 GMT
server
cloudflare
etag
"794c84d30e213ec6a144d64215f07551"
vary
Accept-Encoding
x-goog-generation
1623242114099744
content-type
image/png
x-goog-hash
crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control
public, max-age=31536000, immutable
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6C6Na8bg%2BGMwIuOXeRqdhufCGkG7ZHsM6CwoiOqH%2BPdT%2FoD1y6%2Bypx70JFDHfidZ5Agi9XxLNXvor4cbkixAlnWfRIxhafIrMUATiDzt7y5hcOK6WeBpLPfJG3xqaiVUgMAo%2BbhqTdqXOHlcGzw4j%2FSD"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
3262
accept-ranges
bytes
cf-ray
7ebe639569f9bbf2-FRA
expires
Mon, 24 Jul 2023 18:19:12 GMT
frame.html
ad4m.at/ Frame E9A5
2 KB
1 KB
Document
General
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
2267734
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
7ebe63951ce71bcf-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Mon, 24 Jul 2023 18:57:27 GMT
expires
Thu, 08 Jun 2023 00:41:56 GMT
last-modified
Thu, 25 Aug 2022 14:12:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oP9n8HSAi50erQJ3eC2qQbzheGUcrpVKApdnaowYS98g0UKHltjPC%2Fi%2FE4JKfn6EUpp1ebiG6eq4Bb5k%2BezgCg3RRJtoes2NJ3nOiYXgTumSSQ2u8YI6NKsj4NJO0UqnKLguGBc%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
sodar
pagead2.googlesyndication.com/pagead/ Frame ECA4
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230719&jk=1812971201998366&bg=!z8ylzJjNAAZsPphkTD47ADkAdvg8WregFBeBo0zvY_1686Pn5n8H4e4d1Y7hvyoYJzI7TJlC3hhI9h5N9WPKXnH9rWDc_M071KQCAAAAiVIAAAAGaAEHmQLlhrZ1yjQ-MQpgVRCpcaD3jVYBgL4P5fBS61Vr2-wk_CqmRmhqDkLd8R1eLPjrpKCYSkpnT2OhxOZ557C5AQ5kmpafYYsNk03jZ6tOQaRkMWgUPYeod26hx3vegxQOt0zV7QSNtg1ZPtREAnh2TeMbytLRteIkKrTEn2RIix3SaPCg5s_7H6pNeTdyoDmbjpBUZAulEwCJXdpVQwssBzr_s-M_fZamafuXwBAfSdhU92IoP-1M8E9FhfqVnlPLqaTvSvM4OJfVTkHguL-bdRkKwmejLN6XLDWU515HD6R542RRma1O7Z0M7Oz8ZtZauCww9ylTsU8EaEnD7oldCfM5mp84ra6pIkOKdhOgHWBbyZFGd6ccVxllAb0MUi2bgEYzyoPBeLDN-qJhSi6tv8faKqfwYlD9HlwviUWP3oaMKjTZI9xd_L5OdV7Vv000VPvHd4jcZNucIrwPbHAtguxBuQAvWZtgScncznzS_bgT4vhkgAM0UdhXrrctNMSXiANvwHbJ45j0lseF3AjSFe1dX-V6nU4Omf8lx3yqoKD-1Xcm4W_3HCV1KLMpS6sD60GgUKUMJ6NT4o2bhOvJydkK-KSybVHHnIu8LQH1r4AM8Knh1VVgg2jZff13d5ZWihhya9uOyiQXvhwlGHo9kNdctls57PtlpfJzSRgDm_16ukar4CjMV3sjdxNc-6sVDQcTnwnKrdCU3YWrI16PJtlGcZh9p_k8co9e_n3Jx-FULOoNTxReyQuzDsZhf2baVRGTTYR_vyZbZmelGTA4Ek5pwqWj2v1jO1CDbYubM-kXUJuuo5eWAK52XfjJIGe1H8WzeEyvdgifhaO6f0Rt4wgotLtEN4Hw0M7ZJCd7LmMh7IvXlbPiMN-GTZe_kR46Qb5MU6wmH6U0vHMfH7qomwYvOTI52hsuWwwVhEwIVTHJUEQG8_bePB0tuM7w30gk7cx5gmbmWlzmH4Ndc8QVJlcBhGbEx0AM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hai-nan-san-ya-hai-tan-ren-tou-zan-dong.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

rs
ad4m.at/ Frame C987
2 KB
2 KB
XHR
General
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6700c52dc66ecc201a28ff5e504b0a0d9ced88bb9516d9cbcd6212db27fba563

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Jul 2023 18:57:27 GMT
via
1.1 google
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M78ZRUuGLwHPsGcDvfglSapNt754e0LAvvEkkvtAfrSa8tcayeqf8kxak8pKnewAe9bqZiGWSERaeUdM3funY08Oxt9FOb2D8jNcdT00nTNMG1XSGj5HqyQuUpICFvrJkbzmnN8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://as.ad4m.at
access-control-allow-credentials
true
cf-ray
7ebe6395aae818f5-FRA
x-backend-server
aa-reachservice-group-europe-west1-9vvl
alt-svc
h3=":443"; ma=86400
rs
ad4m.at/ Frame
0
0
Preflight
General
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://as.ad4m.at
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7ebe63956a7d18f5-FRA
content-length
24
content-type
text/plain
date
Mon, 24 Jul 2023 18:57:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dy3Hb4DVwvcGzQsQR6IzoTuZwRWDBcAkf7EBqY59hKhQ%2FgXt%2FO%2BunxJAdm9levz2QTI6kvh3NdRUgrmNw%2BmmfUnaRTJIm4ui6UvkHIyGWhixHALyhzo0QUYLLzxUYcaBYK5e0fU%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-rz5b
rar
as.ad4m.at/ad/ Frame 2028
11 KB
5 KB
Document
General
Full URL
https://as.ad4m.at/ad/rar?a=14019%2C197101%2C183975&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CzmrcRfYfqBWPTpHBHMtqtzzAfVSwTgBqFrd%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2C8RZUDf8fRGDdugHJHEtqCkkYcGSwT8J9TzD%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2&c=300&d=250&e=&g=fcfc02412c838de77b1c75115b4ab7ad%2F14660394764624136663&i=21596%2C20774%2C20597&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1690225047949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d64c6c5e2c6d18767d2df0a7109a6424de4d8e36f779bcb116046b06d748308
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://as.ad4m.at/ad/dr?ed=1gnaketkm5gh20yt2enhrydaj2fxvscggq54q6c0xes0e9fm16sx4cf4rahstg5776shqmgxs4t9sfn3q6rsq13kg6kftmkphsfsx86b71vbc8f88j2bvwrbxz3crrmsfbxkywj774vtx9e5qq7qtfpj6ndr8whw79a9b4bjb30v6pkhdhxqycnq75sc5mg4kfff2a7ecm8bxmdwb87qdxgmt52pj194zn3ypj9rff65aw9jwdqhd8bmmv5c3f0ns52chzx2s6mz3f1z5mhpek7etp78tjw8yrnwm63mptscergxrp4mpk1bbew3hd0nvpv0sngsr01ptkcyc11ccn1k795rybr014mqtpj85qb620pzvfwmdevhndv1v577cgk04deb4wt1r8a0tdhyzr0cwbgecz29d39fmjeexgypsadsgg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
7ebe6395fe021bcf-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-src *;img-src * data:;manifest-src 'none';media-src 'none';object-src 'none';worker-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Mon, 24 Jul 2023 18:57:28 GMT
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
default.css
as.ad4m.at/ad/style/0.1.48/one-ad/ Frame 2028
114 KB
14 KB
Stylesheet
General
Full URL
https://as.ad4m.at/ad/style/0.1.48/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197101%2C183975&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CzmrcRfYfqBWPTpHBHMtqtzzAfVSwTgBqFrd%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2C8RZUDf8fRGDdugHJHEtqCkkYcGSwT8J9TzD%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2&c=300&d=250&e=&g=fcfc02412c838de77b1c75115b4ab7ad%2F14660394764624136663&i=21596%2C20774%2C20597&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1690225047949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=14019%2C197101%2C183975&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CzmrcRfYfqBWPTpHBHMtqtzzAfVSwTgBqFrd%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2C8RZUDf8fRGDdugHJHEtqCkkYcGSwT8J9TzD%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2&c=300&d=250&e=&g=fcfc02412c838de77b1c75115b4ab7ad%2F14660394764624136663&i=21596%2C20774%2C20597&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1690225047949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime
1687950287
age
1064661
cf-polished
origSize=117335
x-guploader-uploadid
ADPycdu7Pb84Y6vCPqpUShyJrQGb98f4yuF1LiyC2B7DeEN9kG_1SbpI2iXm6tsp7d5fI22nNzf0l66mXGhEIUVspATbXw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Wed, 28 Jun 2023 11:05:15 GMT
server
cloudflare
etag
W/"5d49535c2a84a9762127b3d9e77d7e02"
vary
Accept-Encoding
x-goog-generation
1687950315098833
content-type
text/css
x-goog-hash
crc32c=aWAnwg==, md5=XUlTXCqEqXYhJ7PZ531+Ag==
cache-control
public, max-age=3600
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PopzVypRwVUJyI2oSaGqMP7u8tnaSTXIcVDPrHlParTip7coMeIoDKOzbnUexjkyNrkegCnCDGEPmYsAnNn0ePNe7tYtI962pKN1SK0bVAaQDLw56Uz5EQBUORmMGNLHacFOBS7rq7c%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
117335
cf-ray
7ebe63963e531bcf-FRA
expires
Mon, 24 Jul 2023 19:57:28 GMT
762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
assets.ad4m.at/logo/ Frame 2028
44 KB
44 KB
Image
General
Full URL
https://assets.ad4m.at/logo/762E992A001272DDC355514B76DC4960DDF6238B0F54854C0B29BE64A7E78BA5693E54C1A602322E523834805FE15471ECC3FEB06D9A02796A930A4085F71F84
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197101%2C183975&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CzmrcRfYfqBWPTpHBHMtqtzzAfVSwTgBqFrd%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2C8RZUDf8fRGDdugHJHEtqCkkYcGSwT8J9TzD%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2&c=300&d=250&e=&g=fcfc02412c838de77b1c75115b4ab7ad%2F14660394764624136663&i=21596%2C20774%2C20597&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1690225047949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
596633
cf-polished
origFmt=png, origSize=65187
alt-svc
h3=":443"; ma=86400
content-length
44710
cf-bgj
imgq:85,h2pri
last-modified
Tue, 17 Jan 2023 14:45:52 GMT
server
cloudflare
etag
"99941d3864a6d6ef01023c96e0475815"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tciYJ5B7klM8%2FjXdNil5gE8cCU1XaxKYxcaGyU%2F759g03H3jKB98M9peywItPNIIdkRQ070zD1aYgO9S8DfGziqSQvk9kA8ccU6JuJwkCWRFOsDvrs54WN6WLwkufi4J%2FrkhWFjI6K2ssDvB"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ebe63964e7f1bcf-FRA
expires
Tue, 25 Jul 2023 18:57:28 GMT
EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 2028
222 KB
222 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197101%2C183975&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CzmrcRfYfqBWPTpHBHMtqtzzAfVSwTgBqFrd%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2C8RZUDf8fRGDdugHJHEtqCkkYcGSwT8J9TzD%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2&c=300&d=250&e=&g=fcfc02412c838de77b1c75115b4ab7ad%2F14660394764624136663&i=21596%2C20774%2C20597&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1690225047949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1010159
cf-polished
origFmt=png, origSize=342797
alt-svc
h3=":443"; ma=86400
content-length
226916
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Jun 2022 14:01:11 GMT
server
cloudflare
etag
"82c7de0f42ff55fdd0acc07731664031"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPEDR4QCXJpxdo0PSl75lDlGknRvMfr6dob4dRRn%2BZjQIFmA9Zz%2BCMt7mCrw09WWe5f8hBqVf7lYnqqNvutuanXmEP2cUqtU9K5eN3Nw5%2F4UvAcVWfmZCA%2F7G98F%2FQshGSUJ%2BgQlPjm4dptA"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ebe63964e801bcf-FRA
expires
Tue, 25 Jul 2023 18:57:28 GMT
ztpv.php
www.conrad.de/ Frame 2028
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2470185&v=11354&q=377129&r=412871&pv=1&pref3=oneidJBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&gdpr_consent=&gdpr=0&gdpr_pd=0
  • https://www.conrad.de/ztpv.php?awc=11354_412871_1690225048_ef604520-2a53-11ee-87f6-2265f034cf4c&insert=AW&&gdpr=0&gdpr_consent=
0
472 B
Image
General
Full URL
https://www.conrad.de/ztpv.php?awc=11354_412871_1690225048_ef604520-2a53-11ee-87f6-2265f034cf4c&insert=AW&&gdpr=0&gdpr_consent=
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197101%2C183975&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CzmrcRfYfqBWPTpHBHMtqtzzAfVSwTgBqFrd%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2C8RZUDf8fRGDdugHJHEtqCkkYcGSwT8J9TzD%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2&c=300&d=250&e=&g=fcfc02412c838de77b1c75115b4ab7ad%2F14660394764624136663&i=21596%2C20774%2C20597&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1690225047949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Server
2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:28 GMT
strict-transport-security
max-age=15552000
cf-ccp-worker
HTLPHandler-v1
server
cloudflare
vary
Accept-Encoding
cache-control
no-cache
cf-ray
7ebe6398385891fb-FRA
content-length
0
expires
-1

Redirect headers

Date
Mon, 24 Jul 2023 18:57:28 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location
https://www.conrad.de/ztpv.php?awc=11354_412871_1690225048_ef604520-2a53-11ee-87f6-2265f034cf4c&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
assets.ad4m.at/logo/ Frame 2028
74 KB
74 KB
Image
General
Full URL
https://assets.ad4m.at/logo/D694B3AB12381C049B127B34DC11A792684BA8B6EE8B598D6E4045678591B7D0DC6B2CEF7528F06BB05FC11826A1D16CF24DA68FCFC2416343996FBFC05A3155
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197101%2C183975&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CzmrcRfYfqBWPTpHBHMtqtzzAfVSwTgBqFrd%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2C8RZUDf8fRGDdugHJHEtqCkkYcGSwT8J9TzD%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2&c=300&d=250&e=&g=fcfc02412c838de77b1c75115b4ab7ad%2F14660394764624136663&i=21596%2C20774%2C20597&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1690225047949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2267279
cf-polished
origSize=115129, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
75430
cf-bgj
imgq:85,h2pri
last-modified
Tue, 09 Feb 2021 15:11:24 GMT
server
cloudflare
etag
"0a277d59efca0369a6983645e273659e"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4vKfveZcGpgA7Rqgie2YGk6wu4Xm0AMa1YTHehohdKP6bWaxgkCet%2F3DvMKZ5pS7IK7UI9Lc4pfbrF0UUGRmhopNWPU4mLp0Hf97ZXBpaJPvbUNNOhYHT8TdWwwVCFvR9OsJ8z08BrfVG5%2BL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ebe63964e7e1bcf-FRA
expires
Tue, 25 Jul 2023 18:57:28 GMT
0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
assets.ad4m.at/ Frame 2028
22 KB
23 KB
Image
General
Full URL
https://assets.ad4m.at/0F1A9149B0506C8C1F1D1F27788DFE572ED80D70826E34AA54862ECE67BA7FF050878AC4EAD3B3BA71723C609CC8F5A5EB4EC344BC89C06A1A29A395A2C8C69D
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197101%2C183975&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CzmrcRfYfqBWPTpHBHMtqtzzAfVSwTgBqFrd%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2C8RZUDf8fRGDdugHJHEtqCkkYcGSwT8J9TzD%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2&c=300&d=250&e=&g=fcfc02412c838de77b1c75115b4ab7ad%2F14660394764624136663&i=21596%2C20774%2C20597&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1690225047949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2231286
cf-polished
qual=85, origFmt=jpeg, origSize=60344
alt-svc
h3=":443"; ma=86400
content-length
22974
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Mar 2023 22:26:34 GMT
server
cloudflare
etag
"06609266defcd14ec685b2464aeced2e"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQNhzgBiJtjLyYf6iSmEmdUTMsJo2E2FWPA6RmGf1iUkuKiLSTh0y7ofY94oOyXY9c%2BJmjhseH%2Br7aaIoFoifMfVNog3TP5byvzxjJ%2BHz6TvKYoMx1sWyDiZnjAbqNeMnO0%2BTcqfEe52yKL4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ebe63964e7c1bcf-FRA
expires
Tue, 25 Jul 2023 18:57:28 GMT
/
partner.o2online.de/a/ Frame 2028
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=;dc_rdid=;tag_for_child_directed_t...
  • https://ad.doubleclick.net/ddm/trackimp/N773418.3417549O2_AFFILIATE/B25220131.345081615;dc_pre=CISun_2CqIADFTaf_Qcd_voIOQ;dc_trk_aid=536683351;dc_trk_cid=176936761;ord=%7B%7Btimestamp%7D%7D;dc_lat=...
  • https://www.telefonica-partner.de/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
  • https://www.lead-alliance.net/tpv.php?t=117703V1226132702M&subid=reach_SUBIDTEST_view
  • https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023072420572987143710487X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=202...
49 B
1 KB
Image
General
Full URL
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023072420572987143710487X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023072420572987143710487X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197101%2C183975&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CzmrcRfYfqBWPTpHBHMtqtzzAfVSwTgBqFrd%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2C8RZUDf8fRGDdugHJHEtqCkkYcGSwT8J9TzD%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2&c=300&d=250&e=&g=fcfc02412c838de77b1c75115b4ab7ad%2F14660394764624136663&i=21596%2C20774%2C20597&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1690225047949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol
HTTP/1.1
Server
167.233.13.224 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.224.13.233.167.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date
Mon, 24 Jul 2023 18:57:29 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
Content-Type
image/gif
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.o2online.de/a/?i=pview&client=o2&camp=pview&l=de&nw=lea1&affiliate=117703&s_id=2023072420572987143710487X117703V1226132702MSreach_SUBIDTEST_view&gdpr_consent=&gdpr=0&cons=0&spid=2023072420572987143710487X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&partnerid=12218
date
Mon, 24 Jul 2023 18:57:29 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
assets.ad4m.at/logo/ Frame 2028
219 KB
220 KB
Image
General
Full URL
https://assets.ad4m.at/logo/F9B39585BFA0505D63AEC15D6DB1B02D9089CB0BB1445FD9678DBB04C32C81A56DC3B966E24F60B1752A92F908AA27DE3F0994E5B1621436EB0D2328EC61055B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197101%2C183975&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CzmrcRfYfqBWPTpHBHMtqtzzAfVSwTgBqFrd%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2C8RZUDf8fRGDdugHJHEtqCkkYcGSwT8J9TzD%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2&c=300&d=250&e=&g=fcfc02412c838de77b1c75115b4ab7ad%2F14660394764624136663&i=21596%2C20774%2C20597&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1690225047949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2ae6a18b973d0fbd53cd575408e3720cec1b94418b180ab6b83a82611eb1906

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
421791
cf-polished
origSize=233620, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
224653
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:10:51 GMT
server
cloudflare
etag
"d1d171dd651522f41a2fc0dba256a546"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HCgYRw7Dcl123Z173KsSk3%2BdS6bH0vwzTbwUQjM8ZUUhBFeX6V3u3p%2FZVsvZp%2BG6cZHo%2BafGRKIfxcV1BsdPuTECqO6gVfRIb1wFio%2BRTQe%2FfqvloEQpz0sLBAhFTytbbrr4D5z0s3QP1JC8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ebe63964e7b1bcf-FRA
expires
Tue, 25 Jul 2023 18:57:28 GMT
1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
assets.ad4m.at/product_image/ Frame 2028
637 KB
638 KB
Image
General
Full URL
https://assets.ad4m.at/product_image/1408E404D125984EC307986C30204BFB93CEF5A079A8B664A2AB24EB8E10E04B06FC2810F2A3432611FA8E4EB56D40C4CE476E3578F76162AC45AD15ADEE2CC0
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197101%2C183975&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CzmrcRfYfqBWPTpHBHMtqtzzAfVSwTgBqFrd%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2C8RZUDf8fRGDdugHJHEtqCkkYcGSwT8J9TzD%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2&c=300&d=250&e=&g=fcfc02412c838de77b1c75115b4ab7ad%2F14660394764624136663&i=21596%2C20774%2C20597&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1690225047949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1398543
cf-polished
origSize=731561, status=vary_header_present
alt-svc
h3=":443"; ma=86400
content-length
651990
cf-bgj
imgq:85,h2pri
last-modified
Tue, 29 Mar 2022 07:03:31 GMT
server
cloudflare
etag
"1b69278243c107df5b11186b1f6ca585"
vary
X-Goog-Allowed-Resources, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cDexx3gOn%2FUx%2BXJ4WQmRA4egwuZfrYMMj0IFsOheWAMzrD4CXRmz0v3%2FcV9QvtG0ZcU%2B7pbGsNH29WndGASf9sEODxfBbwBd3wyLvNe8Zl4D9H8qJ0S2hdhanN9U36dKyH2Z7eWypMFw1TqP"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
7ebe63964e791bcf-FRA
expires
Tue, 25 Jul 2023 18:57:28 GMT
link.html
track.webgains.com/ Frame 2028
1 KB
2 KB
Script
General
Full URL
https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j3h30jch71n5dt5ek0fdnp0cdy3wj77mc4zb9vytzachgdzv0zdzteczn70txbxqb5a7e70y6hpwaskyp2c0escb18jtmktbwwtyp874sfrznn3cjm1yyq5qgwn3wjwpyvsnwzmp442ctxahtv18wkvt5f5qjwxzwhy8y0kn1eg4tf238ssjf88pjbxn6r06ses5f39tgq3aft8z0f1z68bxtcr3pz9xtk924ja4rve4h594qfe30m47a0302d9rx3m0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%252526client%25253Dca-pub-4485239425924787%252526adurl%25253D&clickref=oneidBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&viewref=oneidgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMPoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197101%2C183975&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CzmrcRfYfqBWPTpHBHMtqtzzAfVSwTgBqFrd%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2C8RZUDf8fRGDdugHJHEtqCkkYcGSwT8J9TzD%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2&c=300&d=250&e=&g=fcfc02412c838de77b1c75115b4ab7ad%2F14660394764624136663&i=21596%2C20774%2C20597&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1690225047949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.113.28 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-113-28.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
a01f1ff8009b20183447681053e668bf82ac4025660a179bcfbe08370ac621b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:29 GMT
last-modified
Mon, 24 Jul 2023 18:57:29 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Mon, 24 Jul 2023 18:58:29 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 51F3
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8HhLmubR7CNS5W5slt5bAuRD3jgPkMETv93H_oc46O4xbjIIIwVgU0PlxyOuLcT6afqw7_VPRjR3hMTGqohyMXLbW&sig=Cg0ArKJSzMIpJ3NWukSiEAE&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=758607166&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690225047272&rpt=187&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 2028
85 KB
31 KB
Script
General
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=2194035&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j3h30jch71n5dt5ek0fdnp0cdy3wj77mc4zb9vytzachgdzv0zdzteczn70txbxqb5a7e70y6hpwaskyp2c0escb18jtmktbwwtyp874sfrznn3cjm1yyq5qgwn3wjwpyvsnwzmp442ctxahtv18wkvt5f5qjwxzwhy8y0kn1eg4tf238ssjf88pjbxn6r06ses5f39tgq3aft8z0f1z68bxtcr3pz9xtk924ja4rve4h594qfe30m47a0302d9rx3m0%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%252526num%25253D1%252526sig%25253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%252526client%25253Dca-pub-4485239425924787%252526adurl%25253D&clickref=oneidBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2oneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&viewref=oneidgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMPoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.145.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-145-6.cdg50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 03:21:04 GMT
content-encoding
gzip
via
1.1 a1968deaa8ed5b7509e3f95848e4d7ec.cloudfront.net (CloudFront)
last-modified
Wed, 15 Mar 2023 17:26:29 GMT
server
AmazonS3
x-amz-cf-pop
CDG50-C2
age
56186
etag
W/"876c293e6c37046ecb0c11ce2e276942"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
PLIKyFPGEmmCC7B_BT_EyoRTgzqccTddm3ACViX2Xv9G6cDcxBdlBw==
link.html
track.webgains.com/ Frame 2028
48 KB
49 KB
Image
General
Full URL
https://track.webgains.com/link.html?wgdedup=1&wgcampaignid=1384975&viewref=oneidgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMPoneid__suite_Netmix_Reach02_SSP_CONTROL_ADX&wglinkid=2194035
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=14019%2C197101%2C183975&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CzmrcRfYfqBWPTpHBHMtqtzzAfVSwTgBqFrd%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2C8RZUDf8fRGDdugHJHEtqCkkYcGSwT8J9TzD%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2&c=300&d=250&e=&g=fcfc02412c838de77b1c75115b4ab7ad%2F14660394764624136663&i=21596%2C20774%2C20597&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1690225047949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.134.113.28 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-134-113-28.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 18:57:29 GMT
last-modified
Mon, 24 Jul 2023 18:57:29 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Mon, 24 Jul 2023 18:58:29 GMT
collect
www.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://www.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=4944&cid=amp-Hp-FZa5XuJht59_6vLHFEQ&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&dr=&dt=%E6%B5%B7%E5%8D%97%E4%B8%89%E4%BA%9E%EF%BC%9A%E6%B5%B7%E7%81%98%E4%BA%BA%E9%A0%AD%E6%94%A2%E5%8B%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1690225045&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=7803&epn.domain_lookup_time=20&epn.tcp_connect_time=734&epn.redirect_time=0&epn.server_response_time=958&epn.page_download_time=1&epn.content_download_time=1756&epn.dom_interactive_time=1756
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012307052224000/v0/amp-analytics-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:29 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E6%B5%B7%E5%8D%97%E4%B8%89%E4%BA%9E%EF%BC%9A%E6%B5%B7%E7%81%98%E4%BA%BA%E9%A0%AD%E6%94%A2%E5%8B%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-Hp-FZa5XuJht59_6vLHFEQ&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=7803&dns=20&tcp=734&rrt=0&srt=958&pdt=1&clt=1756&dit=1756&a=4944&z=0.4908964593505323&gtm=45De1110&t=timing
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Jul 2023 21:20:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
77790
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 2028
16 B
209 B
Fetch
General
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.167.44 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-167-44.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 24 Jul 2023 18:57:30 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame
0
0
Preflight
General
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.10.167.44 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-10-167-44.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Mon, 24 Jul 2023 18:57:30 GMT
server
nginx
VideoBidRequestHandlerServlet
am-wf.taboola.com/
2 KB
900 B
XHR
General
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1690225050841&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1535&pt=1860667983&tz=0&viewable=true&ddast=V8Bm0CLAaIMipJpJWYUhAQZVSSSCsxpSgAAABgYID-AEkuLJORZ7Jby2y2xVo02i3WCpdv5VZNTJPVajTbLJwLIyDJhWUy8kx2a5nNtliLRrvFWuHyrdyqiWmyWo1mm4VzYQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZBaDodPte9Xvf73SU-z1zj9yv8QofTLXfY3ZqH3a18uIUOp1v0sLslL7tb9He9pQ-7W-S3--xC09tsBwAAAAAP_v___yEAAAAARAAAAACQAAAAAEAhoMK_BYELAAAAABj-____NQBAcThwl-vzNF3_AQAAAAAEAAAAAAkABPTDEgAxxnsn_v________9jDNBn3sj4____v2HQA-DBB8CDEAAAgI8hJ9gzgf4TPNVECoqLMAIAAAAgaVRndmSSTlCxqPL__99vBeAKAEBAYuKQ2ncW3UGJtzAAAAACYxboYfH7zQ67xu92mf________9_M_9n_tEIFcGRpgkacaVQ8wsIALDmFxAAgI26AQB4IwAn6BC0YjBYnYCYHQAAAIA7_____3pAZjUc2UajwW7jca0cFt9uNPGNZpvZxmXxrSYrj_dQGpU7-zOBtfbZEJbZ7zsoKKenx-wyyFguk0F80DAsJ4NgfiZsMVpNJpvlcLZcTAbD0XA02p-BWKwGaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweByYRotVsu1aDDcrUXL3cwtcfiGa4XH5lkNhsPhyrZZi14f08ViHM0coy0SDDjai-RpkU5Eo5HHOVmMBsPhxuJyDXarmW218YxcjsFisFlsLGKJ5mSRTmSXfWc1HNlGo8Fu43GtHBbfbjTxjWab2cZl8a0mK4-_uFyYRovVci0aDHdr0XI3c0scvuFa4bF5VoPhcLiybdai18d0sRhHM8do35gtB5PJajAa7Ruz5WAyWQ1Go32HzvBdfc5GZVkl-diEVtXjeLY5DQqXweL9SUyLaXd28Px-R6fJ8LsWdEa_3-_3-_1-v9_vN2g9B7NB4TumdU_T9SesJXavg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hFzqcbrnD7tY87G7lwy10ON2ih90tedndor_rLX3Y3SK_3WcXmt5mi1giOF2kE9HLeLqo_8ghRrO5bjBXLHZzxWCySgAAAAAAAAAAlmCa6SYAAAAATgY13AwXq3U6mMlsMtitlgvgIihLFzAIAAAAAADALpuXdqJDDSehYo091gAPs9therklPs_Gb2UAEsx5zDb7jCDWarWsAQAACGADAAAI4KYbbwLCrLj_____cQAAAGTk0AMAAKDfB5QFAAAAAADAb6BVg_0DUCHWarW63Vir1QI!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=nonrv_vA!orstbycnd3_vB!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.1.2/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
882bdd45746d260b3cbd58252eb63361ccea2b151779e8ce2bde631692f61518

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:30 GMT
content-encoding
gzip
server
nginx
machineid
1486
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel.gif
travel198849194933.s.moatpixel.com/ Frame 0BBD
43 B
251 B
Image
General
Full URL
https://travel198849194933.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5135&ui=0&uit=0&h=0&th=-1&s=-1&ts=-1&bfa=-1&d=bg3.co&L1id=30000490&L2id=50002626&L3id=60017721&L4id=70013567&S1id=googleads.g.doubleclick.net&S2id=300x250&ord=1690225045996&r=597174175987&t=page5&os=0&fi2=0&div1=0&ait=0&zMoatSubdomain=bg3.co&zMoatIMPID=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&bedc=1&nosend&q=4&nu=1&ib=0&dc=1&ob=0&oh=1&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.197.124 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-197-124.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 24 Jul 2023 18:57:31 GMT
collect
region1.google-analytics.com/g/
0
54 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je37j0&_p=4944&cid=328934196.1690225046&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1690225046&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhai-nan-san-ya-hai-tan-ren-tou-zan-dong.html&dt=%E6%B5%B7%E5%8D%97%E4%B8%89%E4%BA%9E%EF%BC%9A%E6%B5%B7%E7%81%98%E4%BA%BA%E9%A0%AD%E6%94%A2%E5%8B%95%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
visible
trc.taboola.com/palmate-bg3co/log/3/
0
94 B
XHR
General
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230723-13-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Mon, 24 Jul 2023 18:57:31 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7552
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230072-FRA
pragma
no-cache
server
nginx
x-timer
S1690225051.328697,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pixel.gif
px.moatads.com/ Frame 0BBD
43 B
251 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&ra=1&pxm=7&sgs=3&vb=-1&kq=1&lo=0&uk=null&pk=0&wk=0&rk=0&tk=0&ak=-&i=TRAVELAUDIENCE_DISPLAY1&ol=1458947768&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(K3%2BA%24%3D!!tex8j3Mn%3Cz%5D6WAJN3NZ_h)G%3E3%5D*lTr1W*d%5B4kf%2FLyUoRdByZ%3CPnKMV%25%3C%2Cbq.%22oDOk%2Cz%25GY&tf=1_nMzjG---CSa7H-nHVQZC-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=2%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-8BdYrdgGjXhDLOlS9taa18sl5UMbMAFrHQZRAnlp9pAdeA91T5s1LwZtUqv15LnesVBD&rs=1-E31B1BNzs6uFgA%3D%3D&sc=1&os=1-Cw%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MwBtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=300&qe=250&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&qr=0&vf=1&vg=100&bq=0&g=1&h=250&w=300&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&zMoatGSR=1&ph=&pj=standard&zGSRC=1&gu=https%3A%2F%2Fwww.bg3.co&id=0&ii=2&f=1&j=https%3A%2F%2Fgoogleads.g.doubleclick.net&lp=https%3A%2F%2Fwww.bg3.co&t=1690225045996&de=597174175987&cu=1690225045996&m=5471&ar=c013c52fed3-clean&iw=e184fba&cb=0&ym=0&ll=3&lm=3&ln=1&r=0&dl=0&nh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=250&le=1&lf=360&lg=1&lh=131&gm=1&io=1&vv=3&vw=0%3A3%3A0&vp=0&vx=-%3A0%3A-&pe=0%3A-%3A-%3A1193%3A907&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&ic=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=5135&cd=84&ah=5135&am=84&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=30000490%3A50002626%3A60017721%3A70013567&bo=googleads.g.doubleclick.net&bd=300x250&gw=travel198849194933&zMoatOrigSlicer1=googleads.g.doubleclick.net&zMoatOrigSlicer2=300x250&zMoatDomain=bg3.co&zMoatSubdomain=bg3.co&zMoatSSP=0&zMoatDeal=-1&zMoatIMPID=Q8tCOQJS1F42Cpb-A0zB0Gbexq9QPTmyzcScUg&hv=Standard%20Image%20Ad%20finding%20&ab=1&fd=1&kt=sframe&it=500&oq=0&ot=0&zMoatJS=3%3A-&ti=0&ih=2&jk=4&jm=-1&tc=0&fs=204627&na=531680981&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.123 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-123.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.ads.travelaudience.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 24 Jul 2023 18:57:31 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Mon, 24 Jul 2023 18:57:31 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202301/4f542554f89695ce4a027aa056097118.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/18a7e3be6b270092f19ff35dc6a97ae7.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/049c7f4ad5aad60f6fc042df982b6d22.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/e5005c5308bc7c9467fcbd7e627d95de.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202109/1f37b8b29da65bb7711b25e687d33c61.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202202/82ab7bbe57b8b8339f37d9d152f4f574.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/09740c668fb27baf6b9563471727d285.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/e3822bcbc627f799d99bc89b318cd464.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/29a5314c3a1d44ecc1089d22a8ed1104.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/5b59010017b3fe303e1159af72427cfe.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/7156afbc3a3f4005800ed4e4b8ee8229.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202010/9346a255cd2c5b88a55511248e9dda6b.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/5eed160f905dbd9bee18c9ee6a31e3ee.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/587541147a553bd94cfc1e718b71021c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/8f8d71d78c948a341dc713a437efca80.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/4041dccd2d6c25556233d27a67ee8da9.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202107/35c1505224bf70661848f4739132f505.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/97a4c40e47890e6e884e05c2a5048a0d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/0e556532c7853e54be9bd48ec6276007.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/502b73ece4de97fa8352f5eced740110.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/880e71c53cc80a41380d15c709a0a5a5.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/841c21cc915a6c3e69d41b637e4e3023.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/09827277fd64d89a1a5afa7d40d2133e.jpg?w=150&h=100&q=100

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| _taboola object| adpushup object| ucfad_async object| AMP function| _typeof object| TRC object| _tblConsole undefined| msg object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| adRecover function| setImmediate function| clearImmediate function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id undefined| $ undefined| jQuery string| currentState object| adpGlobals object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| googlefc function| jqAlias function| __d3lUW8vwsKlB__ function| runAnimCheck object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing string| nam object| placementData number| ampAdSlotIdCounter object| cmTag object| _qevents object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter function| __an6na521li18__ object| NmI2NmEyN2Y1NDFlYzE1ZWxvYWRlcl9qcw== string| NmI2NmEyN2Y1NDFlYzE1ZWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| _cm_wfCounters string| lastWfUrl function| quantserve function| __qc object| ezt object| _qoptions object| gaGlobal number| ampAdPageCorrelator object| ucf object| request string| paramsString object| listeningFors number| 3pla object| regeneratorRuntime function| webpackHotUpdate function| startCMTagMain string| category function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer boolean| noPreviewPage function| _lgy_lift_callback_4308934 object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| google_reactive_ads_global_state object| IMUIDPushed object| IMUIDRequest object| IMUID object| google_ad_modifications number| google_global_correlator object| google_prev_clients

39 Cookies

Domain/Path Name / Value
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D89a44159-4087-497f-ba78-acf350888e63-tuctbb84f14
.quantserve.com/ Name: mc
Value: 64bec994-e00b9-eb9fa-3deac
.bg3.co/ Name: __qca
Value: P0-221926241-1690225044793
.aralego.com/ Name: sspid
Value: 68cb8c2f-a237-348d-b51a-c419a386a4b1
.travelaudience.com/ Name: _tracker
Value: %7B%22pb%22%3A%2290000%22%2C%22UUID%22%3A%229AAD81BB-1267-450D-BBEB-60767AF0CDDF%22%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUn5teGrdsoKEgztc0ifn9AqAhawwbzytvidw0CP4z4N4juEbOE-t_G9-CNAjOs
ads.travelaudience.com/ Name: _tracker
Value: %7B%22UUID%22%3A%229AAD81BB-1267-450D-BBEB-60767AF0CDDF%22%7D
.bg3.co/ Name: _ga
Value: GA1.1.328934196.1690225046
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1690225046.1.0.1690225046.0.0.0
.www.bg3.co/ Name: _im_vid
Value: 01H64M6X171KXE1BFNKM1F9ZWF
.simpli.fi/ Name: suid
Value: 4EACE29F9CAA43EC8E2B45CBC4CFCE02
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 95d8c55b11744f41
.bg3.co/ Name: __gads
Value: ID=5196bfbb5775e6f5-2225e66dede200e9:T=1690225046:RT=1690225046:S=ALNI_MZtzDGtMr0Yp9nPQkQG3Co7wcrs3Q
.bg3.co/ Name: __gpi
Value: UID=00000d128004e592:T=1690225046:RT=1690225046:S=ALNI_Ma4jtWx6C1pueKbTQGPwYaZ42L0VQ
.amazon-adsystem.com/ Name: ad-id
Value: A4zcEZq24Eagns27x3Igq6s
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.hspvst.com/ Name: VI2677
Value: %7B%22time%22%3A1690225046%2C%22utid%22%3A%221723e3b6e781b503558ae548c4e69702%22%2C%22t%22%3A%22P%22%2C%22s%22%3A%22%22%7D
.hspvst.com/ Name: VIP2677
Value: 1
.quantserve.com/ Name: d
Value: EHQBCQHFKYEA
.3lift.com/ Name: tluid
Value: 3154726170156374120066
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3388b781-8a3f-4627-95e8-3c481e5b81cc-003%22%7D
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7711783692229790669
.w55c.net/ Name: wfivefivec
Value: nYplWdoL1Qo0Kj5
.ctnsnet.com/ Name: gid_CAESEOp7nmXIR53KBvUBQTXA_mo
Value: 1
.ctnsnet.com/ Name: cid_d801c878d6f848d6abeb8f58bd5fec0f
Value: 1
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-3388b781-8a3f-4627-95e8-3c481e5b81cc-003%22%7D
.tribalfusion.com/ Name: ANON_ID
Value: ahntuJm5ab6AyuoCTNTAZdepn6gWdUbfgtbYiM60H7vSH3w5x0xmBcwLtM95MIuck2kIs71N8ZdWyVuvXrgeD6Aae0
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.awin1.com/ Name: awpv11354
Value: 412871|1690225048|ef604520-2a53-11ee-87f6-2265f034cf4c
.awin1.com/ Name: AWSESS
Value: 377129:2470185
www.conrad.de/ Name: HTLP_timestamp
Value: 1690225048364
www.conrad.de/ Name: CEAffHA
Value: YD
.www.conrad.de/ Name: __cf_bm
Value: twWhT0e_Mf3G_.6PJNnxEZZuQkX2Lgkaf02VhcVkybo-1690225048-0-Aacy26hTiIP1i+ZO29tq+TB/v1JSlMWJZ1INXK54DyDB5gcYRs15u9V1zoZkNZNWwJo2vafpuz0aXLagiSm6wcA=
.doubleclick.net/ Name: APC
Value: Aa3gxNqQO0guw7aLLvCVuOcaSLskaaoqy_wKSD5Wh1bCbjX56m9wUQ
.o2online.de/ Name: nscT485
Value: v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjkwMjI1MDQ5dmxlYTFkZTIwMjMwNzI0MjA1NzI5ODcxNDM3MTA0ODdYMTE3NzAzVjEyMjYxMzI3MDJNU3JlYWNoX1NVQklEVEVTVF92aWV3MTE3NzAz
.o2online.de/ Name: nscQ485
Value: V
.o2online.de/ Name: webShopPV
Value: ?partnerId=O2_AFF_CTA_EXA_15012&mediacode=AFF_la_117703_-HTLP&utm_term=AFF_la_117703_-HTLP&utm_content=O2_AFF_CTA_EXA_15012&spid=2023072420572987143710487X117703V1226132702MSreach_SUBIDTEST_view&wfid=117703&affiliateId=v01MTQyMTExMjExMTExMTExMTEwMTQyNjUwMDAwMDAwMDYxNjkwMjI1MDQ5dmxlYTFkZTIwMjMwNzI0MjA1NzI5ODcxNDM3MTA0ODdYMTE3NzAzVjEyMjYxMzI3MDJNU

33 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202107/29a5314c3a1d44ecc1089d22a8ed1104.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202202/82ab7bbe57b8b8339f37d9d152f4f574.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/e5005c5308bc7c9467fcbd7e627d95de.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/18a7e3be6b270092f19ff35dc6a97ae7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/e3822bcbc627f799d99bc89b318cd464.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/049c7f4ad5aad60f6fc042df982b6d22.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/5b59010017b3fe303e1159af72427cfe.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202109/1f37b8b29da65bb7711b25e687d33c61.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/5eed160f905dbd9bee18c9ee6a31e3ee.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/587541147a553bd94cfc1e718b71021c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202010/9346a255cd2c5b88a55511248e9dda6b.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/4041dccd2d6c25556233d27a67ee8da9.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/8f8d71d78c948a341dc713a437efca80.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202301/4f542554f89695ce4a027aa056097118.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/0e556532c7853e54be9bd48ec6276007.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/97a4c40e47890e6e884e05c2a5048a0d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/841c21cc915a6c3e69d41b637e4e3023.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/502b73ece4de97fa8352f5eced740110.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202107/35c1505224bf70661848f4739132f505.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/880e71c53cc80a41380d15c709a0a5a5.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/09740c668fb27baf6b9563471727d285.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/09827277fd64d89a1a5afa7d40d2133e.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/7156afbc3a3f4005800ed4e4b8ee8229.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://cdn.adpushup.com/42753/L2EvaGFpLW5hbi1zYW4teWEtaGFpLXRhbi1yZW4tdG91LXphbi1kb25nLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://z.moatads.com/travel198849194933/moatad.js(Line 138)
Message:
The deviceorientation events are blocked by permissions policy. See https://github.com/w3c/webappsec-permissions-policy/blob/master/features.md#sensor-features
security error URL: https://as.ad4m.at/ad/dr?ed=1gnaketkm5gh20yt2enhrydaj2fxvscggq54q6c0xes0e9fm16sx4cf4rahstg5776shqmgxs4t9sfn3q6rsq13kg6kftmkphsfsx86b71vbc8f88j2bvwrbxz3crrmsfbxkywj774vtx9e5qq7qtfpj6ndr8whw79a9b4bjb30v6pkhdhxqycnq75sc5mg4kfff2a7ecm8bxmdwb87qdxgmt52pj194zn3ypj9rff65aw9jwdqhd8bmmv5c3f0ns52chzx2s6mz3f1z5mhpek7etp78tjw8yrnwm63mptscergxrp4mpk1bbew3hd0nvpv0sngsr01ptkcyc11ccn1k795rybr014mqtpj85qb620pzvfwmdevhndv1v577cgk04deb4wt1r8a0tdhyzr0cwbgecz29d39fmjeexgypsadsgg&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://ad4m.at/r62eglto.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://as.ad4m.at/ad/rar?a=14019%2C197101%2C183975&b=JBeszf5fZj9TBH6H7tptp5BaxSgTbWguA8%2CzmrcRfYfqBWPTpHBHMtqtzzAfVSwTgBqFrd%2CgVXF8frfY8G9CPHbH8t5tr17hmSQTm7VFMP&f=GjeTBfpf4BPhKHeHGtBCp5waZSYTeA9tY1%2C8RZUDf8fRGDdugHJHEtqCkkYcGSwT8J9TzD%2CBjeTgfPfxKAmaxH6H3tgC6wVfjSeTmVpFB2&c=300&d=250&e=&g=fcfc02412c838de77b1c75115b4ab7ad%2F14660394764624136663&i=21596%2C20774%2C20597&j=16%2C14%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach02_SSP_CONTROL_ADX&r=1690225047949&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g8811rb509j2qrw6grcmvh614n8qr9840ggww06nss6sy2hxnzdw0vdtmtv279sf80v6jkhg33x8249exvwbr2t19w5h0wdq61t0r2gh69w1q3ad78nnsezssjjws7e10awyke3xw5qb18f6jd1de24218wyx1jgec9mdm5w9wfjmhp5yme74brrm9w032nv8b3932hyb8jkzj5k14zkc5cwskr1w2sc14brwx1jp6dr5qyp620v17m4ka2gz1tbgx68rjgyjfy265qtv3g%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCEDl2l8m-ZLeOBJn8n88PodGumAOQ4YGEXLaoworwAsCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQICP-6BZZqyPqgDAcgDAqoE7AFP0ABkH3yK-FcmZBSBWHDLie0X-q0ZpGGEE65_Sc3CdzMCj1y9i7j1ijbDeoqDDyhVBsYWmqJSNolJNCs2gULjXXiGSFCTyjB3yEiD_5g8NmQXRIhRvzvchRWBHDNBuQxWEylmW0ug2I7X_lvHMPbwtdP44EZYgJq6zswN9DHpouHMerhOtwd1eyIAji0BmNua19-FY6DptHsrRmLQFabBLu94iSmfgfZoPSAPuVzSzFpu6nZgTvAtmwM2rhTY93a8R41wfcKUfSN6TlKzdPIbRaVChI9MpGtir1E7ZyCBCjVesgKJx5GRCuqXcYAGnr6F-fzR3IbdAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%2526num%253D1%2526sig%253DAOD64_3nVKfGg14fXYS042Bg3AOO1dEnYQ%2526client%253Dca-pub-4485239425924787%2526adurl%253D&y=1&s=&z=0
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.
security error URL: https://analytics.webgains.io/pvClk.min.js
Message:
Ignoring duplicate Content-Security-Policy directive 'worker-src'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10625a326852f021794df7af05d29ac7.safeframe.googlesyndication.com
76ebc37c65beaae2fe65fa00797a71e5.safeframe.googlesyndication.com
a.tribalfusion.com
ad.doubleclick.net
ad4m.at
ads.aralego.com
ads.travelaudience.com
ads.w55c.net
adservice.google.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
audiencedata.im-apps.net
bh.contextweb.com
c1.adform.net
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
cti.w55c.net
d-1870546441130110630.ampproject.net
dclk-match.dotomi.com
delivery.adrecover.com
dmp.im-apps.net
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fundingchoicesmessages.google.com
geo.moatads.com
googleads.g.doubleclick.net
gum.criteo.com
http-intake.logs.datadoghq.com
i.w55c.net
images.taboola.com
imprammp.taboola.com
ius.ctnsnet.com
l.logly.co.jp
match.adsrvr.org
nt.compass-fit.jp
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
partner.o2online.de
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
px.moatads.com
region1.google-analytics.com
rtb.ads.travelaudience.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
static-de.ad4mat.net
static.bg3.co
static.travelaudience.com
stats.g.doubleclick.net
sync.1rx.io
sync.aralego.com
sync.logly.co.jp
sync.targeting.unrulymedia.com
t.hspvst.com
token.rubiconproject.com
tpc.googlesyndication.com
track.webgains.com
travel198849194933.s.moatpixel.com
trc.taboola.com
um.simpli.fi
ups.analytics.yahoo.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.awin1.com
www.bg3.co
www.conrad.de
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.lead-alliance.net
www.storygize.net
www.telefonica-partner.de
x.bidswitch.net
z.moatads.com
static.bg3.co
103.231.174.251
104.26.5.103
13.114.150.222
13.248.245.213
13.32.145.27
13.32.145.6
141.226.228.48
142.250.186.34
151.101.1.44
151.101.193.44
154.58.197.185
167.233.13.224
172.217.16.134
172.217.16.194
18.134.113.28
18.158.162.107
192.96.203.13
2001:4860:4802:32::36
2001:4de0:ac18::1:a:2a
208.93.169.131
209.54.182.161
23.192.250.178
23.197.120.249
23.218.210.30
23.32.185.123
23.97.225.52
2600:1901:0:76b9::
2600:1901:0:e207::
2600:1f18:24e6:b901:a60:36e3:e4d:4584
2600:9000:211a:1c00:1b:5138:8a40:93a1
2600:9000:223c:8600:6:44e3:f8c0:93a1
2600:9000:2248:2a00:3:4706:a6c0:93a1
2600:9000:2491:8000:1b:f040:3600:93a1
2606:4700:20::681a:567
2606:4700:20::681a:bd1
2606:4700:20::ac43:444e
2606:4700::6812:18ad
2606:4700::6812:7f05
2606:4700:e0::ac40:6719
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:801::2002
2a00:1450:4001:808::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:827::200a
2a00:1450:4001:829::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2004
2a00:1450:4001:830::200e
2a00:1450:4001:831::2003
2a00:1450:400c:c07::9d
2a02:2638:d::d
2a02:26f0:480:f::213:7ec8
2a02:26f0:480:f::213:7ed4
2a02:fa8:8806:13::1370
2a05:d018:d29:3602:9f1d:de60:1b9f:c4d1
3.10.167.44
3.120.19.63
3.71.149.231
3.9.88.183
35.186.193.173
35.186.253.211
35.187.184.108
35.190.0.66
35.204.158.49
35.244.170.237
37.157.6.242
46.228.174.117
51.89.9.254
52.223.40.198
54.148.165.122
54.249.104.171
69.173.144.138
69.173.144.165
84.200.5.215
92.123.12.141
95.101.197.124
0001f9204e0a7a42bbd784321b21240e17f73fb2e1ef8a12f6bbdf45b321a108
00c5621a3f56c052959f8f0591b65e893f132b49b1447fde20767966cacbfbfe
01e65b90a460d22fe0d37f9505d831684e25709967d33967263a614fa4ebe3d0
032aee61923ef53fb2b9efbb5d55f771f780e9c2fce9c076638b809a9607eee3
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0f1ecd101ab777d1ca7531c4a76cdcb6b5def1fe540c53ff2fc422ad57b45290
1026a4e8d276f9f976b08a88287ac04619e45a3a4ef34b42291ea2df3ea62f78
120c9e94254d88820087e02ce6c3b51ddfd436bf1281e13f92e1c36233d14a73
12a81bb89af8e0d716862eb124e4d37814d07ae387749378e08f7a8fcd81b512
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
1314eecea89ff2884d72978ec67e3c83744fb115db7fcc74922ad65b8f5e186e
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
15491372c6b6b02a7f7a7a5a0709ab3325690316125b050d4dcd460bce90ced0
15de2bea0f33dfe7ad7f419efff11d608fbc35cd7eb535d13fdce4f12f48ec38
16ee6d9a2fdd8465eae5e3c6d0bddb185d37a4c6c6b974be4f6c22050a7486bf
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
18f6e93b6e1ac6b3971bbf06396514d80559a3df081ae53f7f59860b878d6e91
1b771e6b9392f5a4e0d3ec1f63f18c0d7d93e798db9e1b7772ae64d665deafe5
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1bf92c4de563005f28b6e5e9bf0eacdaac33d1a62edc43db73e6758323a73d1a
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1f9651f357de066bba58f4b058cf839fbd0ef41684e3d55b98d786e81a43451f
1f99dda274265a192fbab0d56f5e85d4f132b6386a0a50d491a79c57bf9a3aba
25cf0f0ce42f8acd9ea6facc223f54105c7fd0cce63fb7bb5d83e6600100acbd
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
29d2ef5c412a56e24eb5ad65c0c9e7cffe2521db43de6d33fa64e48d59beeae3
2a95b058fb7f372d8d10c64d316dc4d85cb4094383a4d1fbbb58eb63a1008e26
2ac380584e9cf8bd45e0fc4fdae4020cd8a4b3de168c6ba2fcd7d918d9b14ebc
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2bfbdd3546188e48e60404db086d35c38d20e85149bf3e628b628195d3726d2e
2c9b8113d6325f4b08af88eb603bb81c66455703d33ae56b44e44364b174eecf
2d7e861c1407e3c5a8ab9c3ae716b1eb2d6ceb7609bbcec0c257cb223aa29c42
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2e949f7c00fb28395839347af2832e00b0b17fa659b9107b1fe97e033cffa957
2ebf6fcbbc205dbfbf719a54a1c4e1937c2b4e2aef162a6d2574b86a103a4390
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325e59cf15f115ec9e8f6ced6d0ac0ec5b0207e55cbb689108fcd2ee7a7405d8
38a645e52df4f9dad43ca36901e1d126eeb38aeb87b3df5fda32ed3df90c8ba8
398361d173efba75d8499343b1dde2b5e98b586c7406411c10282662588ceb14
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b6eef7c993ad851d1978da4844fd4c482b024fdf58790c36750f8110b4bbcbc
3d64c6c5e2c6d18767d2df0a7109a6424de4d8e36f779bcb116046b06d748308
3e735964891880304732540ea946e4d622c817e86aef9ab10c7a04d5c77f409e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f5dcbea96239f07b39c41eacbc25dbbf7fe3d397ba1c4e02f5ee9e1c25518f7
3f5df93a32fe70c32f336098147de918a0122aaa41b3269a2d5c094a4b1fd851
3f95ba6f7ba10cac5d85ca14b9958539a100f3cec08258fd3c72d03f88256df9
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41b9b9d488e3a57902a671111dd089363c2f7d3a41ec3177f196abbb7cbac078
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
450b99e9a62f42de2bc836fcffbb5538e7b613414ccd7ed9099a60481b525f46
46345338a9b1b80c0bfc7aac1ea9797456308b61f7bf9aabe21eb7a04f25c1e4
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
473f7ecbd50d5f917307b795db8c81e3998d1767349c4e575f1291d0c084ee8e
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48544d39ceaebb01d8e31886a19c82330f02125740397558bb0baa16b81b8c6f
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ba9b389f288b74287bbb83908f5ea61435f6c8f92fc91e099efcd780d5f85f
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4962c066bd951ac6dcb4f5b57b96302acd7eb917e6368394b4e993135c3ca573
4bd8894acc33b04294418027b87cbc32f40e5661e56f642162940f3867fd0102
4d77fe1a9555985d6d3981209d00dbe2d28208cb42917322b57ec2f73b6e075b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f5d8abbbeeae13bfe25acfb99235e0ce9f8b9e41cde8df150e182d5e547b978
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
50caa335b1d001d27eb325707cae3e24bb113170e9a2079bb61b74c9546b3a20
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5cf88404900dc2dd2751f3fc2c2d6335d5401a378eaabe01e617316c2708c63d
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5f73dbf0c52edb570d0ad16efccefa6a5f8d053719c2cc827cd69148fede6aa4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63088eae25dd385b24269ce5de88876f70ecb0349f5dc43d87c7ac280ccc35fd
6700c52dc66ecc201a28ff5e504b0a0d9ced88bb9516d9cbcd6212db27fba563
697a485d98d08e27bff197276460857929881b7ce97704e5ca58da9c244113b1
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b228a67dbaa860fafc158d874c0583ea237a8994cc55b353c0224f18155279e
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c60fe0df8b6cdff2fc3a11a4c823044c1ac965cb56256c487becec35a9e2498
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6ee7cbecc2f7c52ae841c1fbc60adb3abeb507a32c7b227d524493ca89e7d3de
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7e917a2850005bebc49582dfa4c6ce177a94a1c4c202340ac4a526ec9cd5b876
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7ee7c30f06cf973c4d9801f35efea3825b00a63227516ac6f6ba3600b0a37a07
8065f98a0c313ee69495c3c529c6d093e08c980c4419bdf2c9c7318925056ead
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
85fb523567869516f07b3499050dac9667c49c0627a0a371754389d795bb1bc5
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
86f0d371546469a16764f6884ebeab4ca4dadbd641b47855eaa9757ac7abbbbd
8761dc78a8af6c82ee4fc1c1fba7e7312f453d5ada14a32d5e9ecaf004ad45d8
882bdd45746d260b3cbd58252eb63361ccea2b151779e8ce2bde631692f61518
8b3a1fca51143901c1bd7b954117bc81b0114692af7fdc4c3fd6a4b3ba58ebe4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9187ab9115e1b57c02f8c11443d3cf3a6464f78cb410d440137b5cffe1aa5f6b
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
9457a23a9affbdd76a2510ca409e6db5bc6985d86084bff08cebf06f6e7a0467
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9dcf8abf06f74792caf9b0eb75556568165e119a2273611136f0436d652cdc45
9e97e0a0dcc9bf9088907dbabcf2ddddce22f29c9f451ffb5f329117e94170df
a01f1ff8009b20183447681053e668bf82ac4025660a179bcfbe08370ac621b0
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a617bb48ec9aab70464442043162e72773356dbf0940b54befcc8fae26604858
a9250fb90084aef46dd868212d4c01f29d250822859c2f57d59b19549a09767c
aa9434c9216e4a8ec705bedb08ad4d91e193ef60b18a6dc379c72f785855ce15
ad1db962f0c7870ea69a2d5dc862c25da90e677901777cb56415e319785fd2b3
b1000f75e1ca3cc63fd1fa8de524b4cf9bfa4c564e10a70824556aae2d075d45
b135322cfb704a2cdf021495088a7af31b55f67968808d09827ef23617e96884
b1e2d3f970f197c1b9fb49d34865dfb36cc299f3babb9080acfc36b035551c9c
b61d3b1b1510c8aeb458de7087bce1f86aad0323f54a0f146847f0f3b217dc84
b6dcab13480d66475b82ad03c7cc873d82881eba3b2b237cef3f5612bbe99ea1
ba4a0c91bdda0c6f615970c6c39dbe9e47f84613f5460c2b21bf5d1eec6277a3
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bc577cd83b77ca7ae68e920423a57af78b90b7601b6a2cde93275f4ef5bc06ff
be5dea0996e10b5616e5812359c7e27a5b86bb97843de262c2e9bfab7e2bb5dd
bf7d7e68ce9f086dd78826a80ccef3acccb365a5d820ce194f88dcc52e67b7d9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ae6a18b973d0fbd53cd575408e3720cec1b94418b180ab6b83a82611eb1906
c41fc4288f7c6003f1456f50beeb30726aea3bba3655a3c0bf137c2899992288
c45a23bfb4219abac5d0b559dfe17a6b0243e76b10f1100e63009c4d8244d628
c4770185948e11618550389caa2e9e344f81cadfe55ec5448917e7a0293daede
c617833c2dcf6c7a5a01f378b855b71e4fc64ca91c60a057db2bff578b897816
c7fadad9b16879e4e0604f80bd8ef6b06c4a660ec6434ff16d4d0c9e97c2724d
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cb6de99bf04dded7d7ee5d4440d3ee4c0e2b4e66085c3ffddcc317c11f3db48a
ce3f16fdcb4ddab782f38b4895e6db8158e1e9125a326ec3a15e4754852ff610
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d23e0563abd9fcf5049f80f8ddb76ebb202f8620cc18e19b4b9a5c97f36f63b6
d29f048afff7a94c65454d3488f2b6dbe7523683eeba57f0d1ea88bcd9e9a07c
d4533249bc7e6699013673d6ed47fa170f00d0b116573317b8429a54311c46ac
d4b3cf6066ae5f774c36da3ff9a829625ab6cc95c7e58934d6d2debfaba8fdb2
d87ae53f01ccd7eb0750cd0ea864450054ba99c07025b44db1bb7318bd57b1a2
de6a8212fc82a56c8566f2347d5a14060df3ba2257d602edbff9eff1b41c6877
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
dff36fb1433540958d8707a0235f82d1afa55e5335d099c34bebbfc5ba7485b9
e110ca8079116981495af7a2ab0e32156bfb91a2001daecba9ff565a4ab59ec0
e17ab51645544092b22460f4997a68a4d386c1b4aec3920874df701aeb0bb65d
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e31fe2f62ab830a7e251ba509c4acef6ee633189dbfd11b1dc50330127c68f3f
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5a3a9eb108dec4ac2859773e97a483389496a0f788772b591854e96b7ef5b88
e634cdea6fc8a42921753f7da1799c4719b763400d8891a778bdcc519e43c919
e8090651b52c256938df2fb0582f24521fe0476939aab81d01b7f31a7ac75beb
e91114cccdf9ca8ddcce6eecbe034bc2e422c70eb2740a8bc892d2feeee1dcf0
ed6acae7a9fe10a06060632b0f9e2c9ff507bc6237778ae3982f7e42bad5e98d
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f32e8ef37e467b4df1bfbe30dd43bb63b6a4fd3e150196459ecbe60a413afeb3
f4bda5ecc987de2c971fcb1f7e2421dcaf0176421a50962150bb2b5de69e3232
f4c37f74951f66c1947f586a78cee7ee48211226ef5d7a75c5735c73dfb586c9
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f79df0ae9aa50c4c9c6890787cd830e481da4332f0c53640b3c0d7272e5aa348
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffae8fb9199235cf70171d14a964159b4eda2da695a258c2586de98e3cb27bb2