URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Submission: On September 05 via manual from US — Scanned from CH

Summary

This website contacted 56 IPs in 9 countries across 43 domains to perform 313 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
11 2a00:1450:400... 15169 (GOOGLE)
3 7 192.96.203.13 30633 (LEASEWEB-...)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
14 2400:52e0:1e0... 200325 (BUNNYCDN)
1 152.199.21.70 15133 (EDGECAST)
5 2a02:26f0:ab0... 20940 (AKAMAI-ASN1)
39 151.101.1.44 54113 (FASTLY)
1 2001:4de0:ac1... 20446 (STACKPATH...)
31 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:d::d 44788 (ASN-CRITE...)
8 2a00:1450:400... 15169 (GOOGLE)
2 23.97.225.52 8075 (MICROSOFT...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:e6:... 13335 (CLOUDFLAR...)
1 2600:9000:223... 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
16 185.106.33.48 200478 (TABOOLA-AS)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
5 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2620:1ec:bdf::45 8075 (MICROSOFT...)
5 141.226.228.48 200478 (TABOOLA-AS)
6 3.33.220.150 16509 (AMAZON-02)
1 4 2a05:d018:d29... 16509 (AMAZON-02)
10 95.101.149.233 16625 (AKAMAI-AS)
2 2 23.201.255.110 16625 (AKAMAI-AS)
4 20.114.189.70 8075 (MICROSOFT...)
4 8 69.173.144.165 26667 (RUBICONPR...)
1 172.105.43.230 63949 (AKAMAI-LI...)
2 69.173.151.100 26667 (RUBICONPR...)
2 4 69.173.144.139 26667 (RUBICONPR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 16 142.250.185.130 15169 (GOOGLE)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 2 52.94.222.140 16509 (AMAZON-02)
1 2 52.46.151.131 16509 (AMAZON-02)
22 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
12 169.150.247.35 60068 (CDN77 ^_^)
5 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 38.98.69.175 174 (COGENT-174)
1 1 20.85.134.6 8075 (MICROSOFT...)
1 1 2600:1f18:612... 14618 (AMAZON-AES)
4 4 13.248.245.213 16509 (AMAZON-02)
2 2 185.86.138.151 201081 (SMARTADSE...)
1 1 35.186.193.173 15169 (GOOGLE)
1 2 104.86.61.128 16625 (AKAMAI-AS)
2 2 185.64.190.78 62713 (AS-PUBMATIC)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 35.157.139.48 16509 (AMAZON-02)
1 1 20.127.253.7 8075 (MICROSOFT...)
1 162.19.138.117 16276 (OVH)
6 2a00:1450:400... 15169 (GOOGLE)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2001:4860:480... 15169 (GOOGLE)
313 56
Apex Domain
Subdomains
Transfer
60 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 919
trc.taboola.com — Cisco Umbrella Rank: 614
vidstat.taboola.com — Cisco Umbrella Rank: 2542
il-trc-events.taboola.com — Cisco Umbrella Rank: 20471
images.taboola.com — Cisco Umbrella Rank: 1780
imprammp.taboola.com — Cisco Umbrella Rank: 15906
am-match.taboola.com — Cisco Umbrella Rank: 16049
wf.taboola.com — Cisco Umbrella Rank: 2698
am-vid-events.taboola.com — Cisco Umbrella Rank: 14973
vidstatb.taboola.com — Cisco Umbrella Rank: 4450
am-wf.taboola.com — Cisco Umbrella Rank: 17391
862 KB
53 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
3e3cee70c05ed1736f82af86df621de4.safeframe.googlesyndication.com
0c88d885d498c7483d95dcd3213fbff4.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 150
681 KB
33 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 203
stats.g.doubleclick.net — Cisco Umbrella Rank: 87
googleads.g.doubleclick.net — Cisco Umbrella Rank: 40
cm.g.doubleclick.net — Cisco Umbrella Rank: 237
pubads.g.doubleclick.net — Cisco Umbrella Rank: 421
541 KB
26 rubiconproject.com
eus.rubiconproject.com — Cisco Umbrella Rank: 593
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1036
token.rubiconproject.com — Cisco Umbrella Rank: 597
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1110
pixel.rubiconproject.com — Cisco Umbrella Rank: 366
61 KB
26 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 32070
stream.unibotscdn.com — Cisco Umbrella Rank: 47771
3 MB
11 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 405
218 KB
10 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com
124 KB
8 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 900
t.clarity.ms — Cisco Umbrella Rank: 7691
c.clarity.ms — Cisco Umbrella Rank: 1455
23 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
region1.google-analytics.com — Cisco Umbrella Rank: 2547
760 B
7 google.com
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1504
www.google.com — Cisco Umbrella Rank: 2
12 KB
7 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15810
e3.adpushup.com — Cisco Umbrella Rank: 18406
279 KB
7 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 40826
sync.aralego.com — Cisco Umbrella Rank: 2723
4 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 348
2 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 41
imasdk.googleapis.com — Cisco Umbrella Rank: 488
357 KB
4 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 388
2 KB
4 amazon-adsystem.com
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1076
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
2 KB
4 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 451
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 47
265 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15124
42 KB
2 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 752
1 KB
2 owneriq.net
px.owneriq.net — Cisco Umbrella Rank: 1590
476 B
2 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 777
967 B
2 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3663
sync.inmobi.com — Cisco Umbrella Rank: 1434
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 214
114 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1104
649 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 365
917 B
2 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1240
pixel.quantserve.com — Cisco Umbrella Rank: 928
10 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
765 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 400
1 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 558
35 B
1 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 7140
233 B
1 ctnsnet.com
ius.ctnsnet.com — Cisco Umbrella Rank: 6851
619 B
1 tremorhub.com
google.partners.tremorhub.com — Cisco Umbrella Rank: 13061
631 B
1 mxptint.net
aep.mxptint.net — Cisco Umbrella Rank: 5723
728 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 311
17 KB
1 unibots.in
newsbot.unibots.in — Cisco Umbrella Rank: 55380
693 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1136
634 B
1 analytics-debugger.com
amp.analytics-debugger.com — Cisco Umbrella Rank: 25069
3 KB
1 ampproject.net
d-3020712156855592794.ampproject.net
1 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 426
288 B
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 733
30 KB
1 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 28688
10 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
16 KB
313 43
Domain Requested by
29 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
imasdk.googleapis.com
googleads.g.doubleclick.net
www.googletagservices.com
22 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
16 cm.g.doubleclick.net 2 redirects eus.rubiconproject.com
www.bg3.co
googleads.g.doubleclick.net
16 il-trc-events.taboola.com www.bg3.co
14 images.taboola.com www.bg3.co
14 cdn.unibotscdn.com www.bg3.co
cdn.unibotscdn.com
13 cdn.taboola.com www.bg3.co
cdn.taboola.com
12 stream.unibotscdn.com cdn.unibotscdn.com
11 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
10 eus.rubiconproject.com imprammp.taboola.com
eus.rubiconproject.com
ads.aralego.com
am-match.taboola.com
8 token.rubiconproject.com 4 redirects eus.rubiconproject.com
8 securepubads.g.doubleclick.net cdn.adpushup.com
securepubads.g.doubleclick.net
cdn.aralego.net
6 fonts.gstatic.com fonts.googleapis.com
6 www.google.com tpc.googlesyndication.com
googleads.g.doubleclick.net
6 match.adsrvr.org imprammp.taboola.com
am-match.taboola.com
www.bg3.co
eus.rubiconproject.com
5 pubads.g.doubleclick.net imasdk.googleapis.com
5 region1.google-analytics.com cdn.ampproject.org
www.googletagmanager.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 eb2.3lift.com 4 redirects
4 pixel.rubiconproject.com 2 redirects eus.rubiconproject.com
4 t.clarity.ms www.clarity.ms
4 pr-bh.ybp.yahoo.com 1 redirects imprammp.taboola.com
am-match.taboola.com
4 sync.aralego.com 2 redirects ads.aralego.com
4 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
cdn.unibotscdn.com
www.googletagmanager.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 fonts.googleapis.com cdn.taboola.com
googleads.g.doubleclick.net
3 trc.taboola.com cdn.taboola.com
3 ads.aralego.com 1 redirects ads.aralego.com
2 csi.gstatic.com imasdk.googleapis.com
2 c.clarity.ms 1 redirects
2 image6.pubmatic.com 2 redirects
2 px.owneriq.net 1 redirects googleads.g.doubleclick.net
2 ssbsync.smartadserver.com 2 redirects
2 www.gstatic.com googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 s.amazon-adsystem.com 1 redirects eus.rubiconproject.com
2 aax-eu.amazon-adsystem.com 1 redirects eus.rubiconproject.com
2 px.ads.linkedin.com 1 redirects eus.rubiconproject.com
2 pixel-us-east.rubiconproject.com eus.rubiconproject.com
2 secure-assets.rubiconproject.com 2 redirects
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 www.clarity.ms www.bg3.co
www.clarity.ms
2 imasdk.googleapis.com cdn.unibotscdn.com
imasdk.googleapis.com
2 www.google-analytics.com www.bg3.co
2 e3.adpushup.com www.bg3.co
1 am-wf.taboola.com vidstat.taboola.com
1 c.bing.com 1 redirects
1 id5-sync.com
1 sync.inmobi.com 1 redirects
1 match.sharethrough.com googleads.g.doubleclick.net
1 rtb2-useast.e-volution.ai googleads.g.doubleclick.net
1 ius.ctnsnet.com 1 redirects
1 google.partners.tremorhub.com 1 redirects
1 mweb.ck.inmobi.com 1 redirects
1 aep.mxptint.net 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 0c88d885d498c7483d95dcd3213fbff4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 3e3cee70c05ed1736f82af86df621de4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 newsbot.unibots.in cdn.unibotscdn.com
1 vidstatb.taboola.com www.bg3.co
1 imprammp.taboola.com vidstat.taboola.com
1 stats.g.doubleclick.net cdn.ampproject.org
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 amp.analytics-debugger.com cdn.ampproject.org
1 d-3020712156855592794.ampproject.net cdn.ampproject.org
1 secure.quantserve.com cdn.adpushup.com
1 fundingchoicesmessages.google.com cdn.adpushup.com
1 gum.criteo.com cdn.taboola.com
1 code.jquery.com cdn.adpushup.com
1 delivery.adrecover.com www.bg3.co
1 www.bg3.co
0 static.bg3.co Failed www.bg3.co
313 78
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4
2023-05-22 -
2024-06-22
a year crt.sh
misc-sni.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
cdn.unibotscdn.com
R3
2023-08-31 -
2023-11-29
3 months crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1
2023-08-11 -
2024-07-12
a year crt.sh
cdn.adpushup.com
R3
2023-08-23 -
2023-11-21
3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1
2022-12-08 -
2023-12-31
a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA
2023-07-11 -
2024-07-14
a year crt.sh
*.g.doubleclick.net
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-07-19 -
2023-10-18
3 months crt.sh
*.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
quantserve.com
R3
2023-08-29 -
2023-11-27
3 months crt.sh
analytics-debugger.com
GTS CA 1P5
2023-07-18 -
2023-10-16
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2023-04-18 -
2024-04-17
a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA
2022-10-19 -
2023-11-19
a year crt.sh
upload.video.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2022-12-01 -
2023-12-01
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2023-04-12 -
2024-05-13
a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA
2023-08-29 -
2024-02-21
6 months crt.sh
*.rubiconproject.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1
2023-03-07 -
2024-04-03
a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06
2023-02-13 -
2024-02-08
a year crt.sh
cricket.unibots.in
R3
2023-06-22 -
2023-09-20
3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
www.google.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.doubleclick.net
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
stream.unibotscdn.com
R3
2023-08-06 -
2023-11-04
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2023-08-14 -
2023-11-06
3 months crt.sh
*.e-volution.ai
Sectigo RSA Domain Validation Secure Server CA
2022-09-29 -
2023-10-30
a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01
2023-06-14 -
2024-07-12
a year crt.sh

This page contains 32 frames:

Primary Page: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Frame ID: 48239D853D7E54ECE6890ACAB8A737C7
Requests: 177 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&cmcv=&pix=undefined&cb=1693929205103&uv=3334&tms=1693929205103&abt=adxLoadDist5-out_vA!dfrc_vA!esv_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9791b711-6e42-47e4-9aa8-837db0afe675&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 120309387BE53EDB1190EC54D69D5CDA
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: BE33D58A6AD2742CA9F255AF03C6D1C7
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 8B8A622096F4C93787BE2BDEB931BE2F
Requests: 12 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 63598040ACDF2D441A48E2C325E05B52
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 390E760120284AE2E4092C9A88395911
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: E1B8B32EEF9DB89579465FE2CF9D0AEB
Requests: 3 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: A8F77DE18B426D4300A12E5D40A31DF2
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 79AFFB574FF5B63F33BFD19A593C4054
Requests: 3 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: 369E257F3B60BB1D7571B9F1DE522941
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: D75AEF959D3C51DB9DD8EEA473C30DA5
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: B5FC4FAC032ABCE22FAD60CB862F2BFB
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 0213000CECF624409752FDFBFA1A09D5
Requests: 3 HTTP requests in this frame

Frame: https://3e3cee70c05ed1736f82af86df621de4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 2A57D29669625DE64A7977ADC38A9FE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Frame ID: 8BDF51F6BBA1834F6E4F5591FFEB8614
Requests: 1 HTTP requests in this frame

Frame: https://0c88d885d498c7483d95dcd3213fbff4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: D60B8DA5385D62252DCC5957DDD1CA05
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D4C73B2A7B3F6CE9A3B39E7BC1213210
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 38FB4696984A59C103EC3A20B62F6DEE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205581&bpp=177&bdt=788&idt=465&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=8050865201313&frm=23&ife=1&pv=2&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1619564351&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3149719298&scr_x=0&scr_y=0&eid=44759926%2C44798878%2C44759837%2C44759875%2C31077327%2C31077526%2C44797663&oid=2&pvsid=2805183193328812&tmod=1136192274&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xq36ybv0xcsx&fsb=1&dtd=484
Frame ID: 3F999F2F7C679B97A8CDC1A24D118400
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 07C66E64437EA88A1B979CAD63575C76
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1B6684CB5DA42F9441F345E179F208AA
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Frame ID: CB0EFB7762B302EE7BB037763C3E9CE4
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1B4C42F8A3F00B8CE4AC968C029F9E18
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 803D6140DE6EE1D96F73866ADC5124EE
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3DC3A5B392F662484D0A792E3A9788F4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E306F02C12D97332440002785CA7087A
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Frame ID: D8A14C36BACF625C82ECAB6966A7080E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B24FAC452C320B523E59F8919E79F4FB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1075D08DC1FB0D66DDEFEF519F91EA83
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7836B6BC07885972A0DAA42C47FC5E88
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Frame ID: 98CEB8A996A7A4402849B015E9B26841
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Frame ID: 4674063840CFB772CE9507C7A0922DEF
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

川普計劃偷偷訪英? 示威團體準備好了:真是膽小鬼! - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js

Overall confidence: 100%
Detected patterns
  • 2mdn\.net

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

313
Requests

84 %
HTTPS

52 %
IPv6

43
Domains

78
Subdomains

56
IPs

9
Countries

7004 kB
Transfer

15852 kB
Size

44
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 131
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 132
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 135
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 170
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM6HPO5A-1F-F90V HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM6HPO5A-1F-F90V HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 178
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTE4ZDE3YTQzZmQ1MWZhNmMxNjIxNTI4Mzc3ZjQ2ODkwODZjZTIyNA&gdpr=1&us_privacy=1---
Request Chain 179
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEP6D99XigUzddX1vmMNvyEw&google_cver=1
Request Chain 180
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1--- HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM6HPO5A-1F-F90V&gdpr=1&us_privacy=1---
Request Chain 182
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1--- HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE02SFBPNUEtMUYtRjkwVg==&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEMuOlyL2uvtg42wpeQ8JEvo&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE02SFBPNUEtMUYtRjkwVg==&google_push=&gdpr=1
Request Chain 183
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Request Chain 184
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1--- HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/UBAGXiniyLsorLiIWsbCFMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1--- HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-SuIOGZ5E2oIDvdGAf0hc4XSZwC.I45dseebmvw--~A
Request Chain 185
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1--- HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Request Chain 271
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEKHeMv5MYzN3AM8tGfwIrC4&google_cver=1&google_push=AXcoOmT2nZgNE6TVR3n2XNt2XiXGPSq_Uyw32ztFZe6TNaLIxhThM5tlwN45UzrT4kZ8IzuuSB5qxtLJmnG2qP4Fy-pCyT5VMh8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmT2nZgNE6TVR3n2XNt2XiXGPSq_Uyw32ztFZe6TNaLIxhThM5tlwN45UzrT4kZ8IzuuSB5qxtLJmnG2qP4Fy-pCyT5VMh8&google_hm=UjMzNjQ1XzEwODg5NUIwNF83RDQzMzk0NA%3D%3D
Request Chain 272
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFtLVJHAz_ijsZ0g8PWyMlY&google_cver=1&google_push=AXcoOmTWVXqygmNbVtmh8ViFWNsfwGkBWZ1fjMfx3KvlDngZDj-CKFyaPz6ObPs_0Pxc6lgdq3CTOkTZ59DL2a_D9BVU267sAys HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTWVXqygmNbVtmh8ViFWNsfwGkBWZ1fjMfx3KvlDngZDj-CKFyaPz6ObPs_0Pxc6lgdq3CTOkTZ59DL2a_D9BVU267sAys
Request Chain 273
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEJMnQ5GOj78gpBpXHW-9F-Y&google_cver=1&google_push=AXcoOmT3Dt2tbSbSQLZhraRhB5rgw_QxfZ4hA41X29sMD1shlmnd6mfab5mlU8CGoxb4ocFUmdS1Zdnh64G99fEnXkEe7d9DzFc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NzJjZjZhZmItZTA2OC00OWFjLWIzYjYtMmNhYjIyNzc3NmNj&google_gid=CAESEJMnQ5GOj78gpBpXHW-9F-Y&google_cver=1&google_push=AXcoOmT3Dt2tbSbSQLZhraRhB5rgw_QxfZ4hA41X29sMD1shlmnd6mfab5mlU8CGoxb4ocFUmdS1Zdnh64G99fEnXkEe7d9DzFc
Request Chain 274
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEOqm-6fLy7aNarx79NZ9GhM&google_cver=1&google_push=AXcoOmRnFZqpi8CTa5tP77Qo52bcgyP4N-Rfo4PgYvydUOnDm_IQQTnY_uCCM0o7MCbTVwdtINagLx70KYUij6YylxCf3sSDjQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NWE1ZTliOGM4OTU0NDY2YThkNDE2ZGNiMzlmZTYwMTE%3D&UIDF=CAESEOqm-6fLy7aNarx79NZ9GhM&google_cver=1&google_push=AXcoOmRnFZqpi8CTa5tP77Qo52bcgyP4N-Rfo4PgYvydUOnDm_IQQTnY_uCCM0o7MCbTVwdtINagLx70KYUij6YylxCf3sSDjQ
Request Chain 275
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKuHh9rzoc1ODoaafHdf34Y&google_cver=1&google_push=AXcoOmTG6K39TsHgx0rREvNrgsflsU5AHO_X8J46jxCrTpQSI_gEXB5JkBi_okhNfhVUPWS9d-tCVZOoC82r2xO7FMf_D05j2AE HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTG6K39TsHgx0rREvNrgsflsU5AHO_X8J46jxCrTpQSI_gEXB5JkBi_okhNfhVUPWS9d-tCVZOoC82r2xO7FMf_D05j2AE&google_gid=CAESEKuHh9rzoc1ODoaafHdf34Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3ODkxNDc1OTc5Njk3OTAzNDgyMQ%3D%3D&google_push=AXcoOmTG6K39TsHgx0rREvNrgsflsU5AHO_X8J46jxCrTpQSI_gEXB5JkBi_okhNfhVUPWS9d-tCVZOoC82r2xO7FMf_D05j2AE
Request Chain 276
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEN-1kH1QLEApBtJE9s-xY7U&google_cver=1&google_push=AXcoOmQBa9Qi_6-N-fqwgpeVDvqPnkYZtzB236AhV1GHEsju2lPqBsqDbowFARUG2gYQnlgQ9eo7dtbQr4ChygjCd6mKBHS6Qw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQBa9Qi_6-N-fqwgpeVDvqPnkYZtzB236AhV1GHEsju2lPqBsqDbowFARUG2gYQnlgQ9eo7dtbQr4ChygjCd6mKBHS6Qw&google_hm=Njg4ODY2NTc3NDE2NTQ2NTU1Nw%3D%3D
Request Chain 277
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESELqszEge82RT6nKQ1hy6bQk&google_cver=1&google_push=AXcoOmQsMTKcwe06ILTTLeWKx90i2QR9FRAc4pOd56tkMXahH5b7qeIDy_6Npnuvd4qmH7qEirnjb3iu_3549SUbt5J89RHfFee2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQsMTKcwe06ILTTLeWKx90i2QR9FRAc4pOd56tkMXahH5b7qeIDy_6Npnuvd4qmH7qEirnjb3iu_3549SUbt5J89RHfFee2&google_hm=jTFhGAjfS9K737eKvEiSeII
Request Chain 280
  • https://px.owneriq.net/ecmg?google_gid=CAESEIdKIH9Gkd2Sm9c4CL7qeyg&google_cver=1&google_push=AXcoOmRk81LamaKjb6PscFrQt4c2Jkx4HCNefBBxVsSARSZjiVVMzmBZ3cVhg2Cpz_tsuHgG1wA5TQ7enWCOe5eIoxiWUThTCtsaS8HS-UNcU4nxVAHZjsToba9RCLeFxoY75JZECQ-yfFUPkyPpzQw7C7-O HTTP 302
  • https://px.owneriq.net/noop?ct=image%2Fgif
Request Chain 281
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPQePsYWLKV-Mr27tOSx8nA&google_cver=1&google_push=AXcoOmTISdaIiLZMPQj-igqbfcX9y4lNUUZCydGnidW59tU3ozrwdSs3h7h6y9Xz1n50JkQJBxX4hYoRwyAwA2y0Phv_RJDGc-ICFTNDBatdhdv3FoXG5-uKW6iPqMmLVZVZG2N84SCEIyV5cynS-O_Tw6Ga HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEPQePsYWLKV-Mr27tOSx8nA&google_cver=1&google_push=AXcoOmTISdaIiLZMPQj-igqbfcX9y4lNUUZCydGnidW59tU3ozrwdSs3h7h6y9Xz1n50JkQJBxX4hYoRwyAwA2y0Phv_RJDGc-ICFTNDBatdhdv3FoXG5-uKW6iPqMmLVZVZG2N84SCEIyV5cynS-O_Tw6Ga&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RJ00qQeIQ6CtCJVTVPIlkg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTISdaIiLZMPQj-igqbfcX9y4lNUUZCydGnidW59tU3ozrwdSs3h7h6y9Xz1n50JkQJBxX4hYoRwyAwA2y0Phv_RJDGc-ICFTNDBatdhdv3FoXG5-uKW6iPqMmLVZVZG2N84SCEIyV5cynS-O_Tw6Ga
Request Chain 282
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKuHh9rzoc1ODoaafHdf34Y&google_cver=1&google_push=AXcoOmT0riyisb8HNEzWaLnnJ0t0kRc3G_FklJ5X--YyD_ejplf-1EW4twMp845P2k7bxnpYkqHY9GF2feY1EEHiP85MUg2YpbPnF-ZiNFOLFLxOW26uUy83ZEK25xomEi8m7GvSBBAuOHlKpkNPRmcmu5S3 HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmT0riyisb8HNEzWaLnnJ0t0kRc3G_FklJ5X--YyD_ejplf-1EW4twMp845P2k7bxnpYkqHY9GF2feY1EEHiP85MUg2YpbPnF-ZiNFOLFLxOW26uUy83ZEK25xomEi8m7GvSBBAuOHlKpkNPRmcmu5S3&google_gid=CAESEKuHh9rzoc1ODoaafHdf34Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3ODkxNDc1OTc5Njk3OTAzNDgyMQ%3D%3D&google_push=AXcoOmT0riyisb8HNEzWaLnnJ0t0kRc3G_FklJ5X--YyD_ejplf-1EW4twMp845P2k7bxnpYkqHY9GF2feY1EEHiP85MUg2YpbPnF-ZiNFOLFLxOW26uUy83ZEK25xomEi8m7GvSBBAuOHlKpkNPRmcmu5S3
Request Chain 283
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEN-1kH1QLEApBtJE9s-xY7U&google_cver=1&google_push=AXcoOmSQIv8JjqQ1pvoFp1kr6SauozmRrWpyIoz4_7SQMtSAHACtJMpiiuFdGxY-d756_0Iwk4X3IaO8dUaymk0OXjMPHjEWiG9TMtpw1N21u10PE1Git3RALyXga1TE8U3AGlb86bCMn4tDU9OEb8aIeEM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSQIv8JjqQ1pvoFp1kr6SauozmRrWpyIoz4_7SQMtSAHACtJMpiiuFdGxY-d756_0Iwk4X3IaO8dUaymk0OXjMPHjEWiG9TMtpw1N21u10PE1Git3RALyXga1TE8U3AGlb86bCMn4tDU9OEb8aIeEM&google_hm=MzUyNjA1Mjk1OTQ4ODQ0ODc3OQ%3D%3D
Request Chain 286
  • https://sync.inmobi.com/gob?google_gid=CAESEDFgIqYiuh_XleeCR7eg0SM&google_cver=1&google_push=AXcoOmSOh37nAWDSAIy82-MIiHXBHb1T_lOMUKuBRcl10qEwVrDMFuIqPpuCy0JS3LXqFAhO_GX4p9up-oXYFcktCN4qwnrrbZ7aUlGbQ_GkewG8fHl0k0e7x6U2-04Azfhr8YRucumcbCmAhUqVuzFgMaJ2pA HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSOh37nAWDSAIy82-MIiHXBHb1T_lOMUKuBRcl10qEwVrDMFuIqPpuCy0JS3LXqFAhO_GX4p9up-oXYFcktCN4qwnrrbZ7aUlGbQ_GkewG8fHl0k0e7x6U2-04Azfhr8YRucumcbCmAhUqVuzFgMaJ2pA
Request Chain 298
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FA1A7D8C449A42CB821CCD7B667882F9&RedC=c.clarity.ms&MXFR=276D5FEB31216F1834704C6835216197 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FA1A7D8C449A42CB821CCD7B667882F9&MUID=0E5E40A6F8DD66372F065325F92C67F1

313 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
www.bg3.co/a/
53 KB
16 KB
Document
General
Full URL
https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e6b5ab2cb1baaa8127abcb8930d998aa1f12f0e2af1491dad2a6c7b32a9529b3

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=900
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 05 Sep 2023 15:53:23 GMT
etag
"d52a-uER4yZ/zR7OIpUxLTQnfajrJEK8"
expires
Tue, 05 Sep 2023 16:08:23 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/
277 KB
71 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a303bdbfce6897ec74ce030b85480f417f9e17804f7a19b8f2a90feff115b94f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 05 Sep 2023 15:53:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72923
x-xss-protection
0
server
sffe
etag
"8f05ddb4de6114d6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Sep 2023 15:53:24 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/
31 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
58cead55b65f3b0678c4b30ae3d13b6e12567e960e0bb85cdde591943acc9932
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 05 Sep 2023 15:53:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9638
x-xss-protection
0
server
sffe
etag
"3c97018a73867a04"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Sep 2023 15:53:24 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/
24 KB
8 KB
Script
General
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b259bb222a39b3d352bd17275abf5799be7aba7c78275743c801ad55b7332531
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Tue, 05 Sep 2023 15:53:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7567
x-xss-protection
0
server
sffe
etag
"694191137fe44b1a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 05 Sep 2023 15:53:24 GMT
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB
Script
General
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8187
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AfiOvTs5%2BzA9BxlajkMtp5%2FQhIPKHGYU1kvqK8EPUxdTRMfF24cOMxh9%2F6%2FrGwYV0X4p7DuVKoMv3SFkl95sHWcRxk3RykaksUg8xoPgzXlHckLna0cCho%2BezYIGgzPbhcYqKAxyW5%2FRhP0%2ByA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
801fa5196ccc1ad4-FRA

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
player.js
cdn.unibotscdn.com/ubplayer/
244 KB
93 KB
Script
General
Full URL
https://cdn.unibotscdn.com/ubplayer/player.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
72733561a4030b10d08d15daed28ca2e67708a34c33aad818949c91bf1413787

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:24 GMT
content-encoding
br
cdn-edgestorageid
1049
cdn-storageserver
DE-382
cdn-cachedat
09/02/2023 08:40:33
cdn-pullzone
873945
last-modified
Sat, 02 Sep 2023 08:40:17 GMT
server
BunnyCDN-DE1-864
cdn-fileserver
645
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64f2f4f1-3ce5e"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
538dce8c268457e75b3b05bf6aa69048
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
adRecover.js
delivery.adrecover.com/43519/
37 KB
10 KB
Script
General
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
21ae83bd23677cdebc8138a1dc65b1479d03466c9200e943acfcf4a9adc33702

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Tue, 05 Sep 2023 16:53:24 GMT
date
Tue, 05 Sep 2023 15:53:28 GMT
content-encoding
br
x-ap-device
DESKTOP
last-modified
Tue, 05 Sep 2023 13:09:56 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
x-client-device
desktop
x-client-geo
CH
adpushup.js
cdn.adpushup.com/42753/
658 KB
139 KB
Script
General
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
533138950dd7237eae697a2b822338760afe6553ac2119ab648d1bcfb13b7f16

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Tue, 05 Sep 2023 15:53:24 GMT
x-ap-device
DESKTOP
content-encoding
br
last-modified
Thu, 31 Aug 2023 21:40:02 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
x-ap-geo
DE
server-timing
cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, ak_p; desc="1693929204085_3088659109_361234949_714_1447_20_46_146";dur=1
content-length
141533
expires
Tue, 05 Sep 2023 16:53:24 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/
492 KB
53 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
29b110ded380d57fd0b65e05023807dd1ed2d7a50d293f8b1dffc415929df8e1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
CS4xXnbn3e0eQM.Y8bfmZ_XtvJ_HUi_a
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 15:53:24 GMT
x-amz-request-id
M3VZGS0PZ6PVNWBH
age
23081
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
content-length
53746
x-amz-id-2
kwOEz1bR2lNbE1d7kcQVT6OEpt0FAaOwyL8RnIwS5mPGnBlI99TOl84LTuCCqNFkX7MW87SgYmQ=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Tue, 05 Sep 2023 09:28:01 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693929204.121485,VS0,VE0
etag
"6f10d5706f39c3d8dbbf8f496b40a0c2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
49
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
3
impl.20230904-6-RELEASE.js
cdn.taboola.com/libtrc/
804 KB
167 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e22158808f2f86a0356dd020a0a86bdfded121d34ecc9055830973870e674115

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
jk1U17_tVU9HHlI58kwr84SV8wNlkfRk
content-encoding
br
via
1.1 varnish
date
Tue, 05 Sep 2023 15:53:24 GMT
x-amz-request-id
8N3WWZS83FY7KXYZ
age
23834
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
170198
x-amz-id-2
1Pd1M/fJq1x3ptOaUCNdcj1gaKA8gdpblHHvPIZ1QnUvgFp7XWDXIFPigWO79nbvUhNRK8ed8aY=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Mon, 04 Sep 2023 08:57:08 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693929204.201418,VS0,VE0
etag
"7e2de674deacd469493acfda59783351"
vary
Accept-Encoding
content-type
application/javascript
abp
75
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
16887
jquery-3.6.0.min.js
code.jquery.com/
87 KB
30 KB
Script
General
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac18::1:a:3a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:24 GMT
content-encoding
gzip
last-modified
Fri, 20 Aug 2021 17:47:53 GMT
server
nginx
etag
W/"611feac9-15d9d"
vary
Accept-Encoding
x-hw
1693929204.dop241.fr8.t,1693929204.cds213.fr8.hn,1693929204.cds144.fr8.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
0e9216dbd70730b24c0b36fcc512cbdf.jpg
static.bg3.co/imgs/202105/
0
0

8dd5b9ad2d6a7c8183a6f3828fcf8f86.jpg
static.bg3.co/imgs/202106/
0
0

ffa7d0e643062e13dae40ba712d353f8.jpg
static.bg3.co/imgs/202106/
0
0

dfdc81e8f6245326e25d79d51cfa5a28.jpg
static.bg3.co/imgs/202105/
0
0

5a742c50cfa96cb95eeb62c3f2c68ded.jpg
static.bg3.co/imgs/202106/
0
0

e458c0057c32ed3caabbe5a1b0cdbb75.jpg
static.bg3.co/imgs/202106/
0
0

e48fb5a3998a7aae17d497dd33a36e70.jpg
static.bg3.co/imgs/202105/
0
0

ca9ff807cc8ae7d76e2f5a437228442d.jpg
static.bg3.co/imgs/202105/
0
0

90e36d97c217db41ffe5c3f0e7abe599.jpg
static.bg3.co/imgs/202105/
0
0

4ee135783b056abf873c5f7650bf9986.jpg
static.bg3.co/imgs/202106/
0
0

a3857f55afff17574d6326e5bfcba9ed.jpg
static.bg3.co/imgs/202105/
0
0

65a0f38790c59ef75273f39816af6234.jpg
static.bg3.co/imgs/202105/
0
0

39f7ace128fa1f81bd33ba7055a39ee4.jpg
static.bg3.co/imgs/202106/
0
0

935b114128c56bef5044e5fb96b3c8a7.jpg
static.bg3.co/imgs/202105/
0
0

879a27b9c3897591d7c03a80b22bce62.jpg
static.bg3.co/imgs/202105/
0
0

f5fdcba36b0abd1bacb5e9dff0faa6ea.jpg
static.bg3.co/imgs/202105/
0
0

f1691c4596ff883060992218c756e54d.jpg
static.bg3.co/imgs/202105/
0
0

a617baab6c24eed234eb877369b3a05c.jpg
static.bg3.co/imgs/202106/
0
0

03977bccd57186dd5b7f0bd552623d97.jpg
static.bg3.co/imgs/202105/
0
0

0d494a8bcdb73062c7ba354fb4ff2711.jpg
static.bg3.co/imgs/202105/
0
0

95abfefa67fa7f81ce25d9d2d0646d54.jpg
static.bg3.co/imgs/202105/
0
0

ee5b959904055ec1b1e32e88bbac6c09.jpg
static.bg3.co/imgs/202106/
0
0

amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012308181609000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08d502e7f6319b0015d0ea006b216f287353f60e0cd84462a5a43d6294bfea7a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:08 GMT
age
588076
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2971
x-xss-protection
0
server
sffe
etag
"81fe35e806c986f9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:08 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012308181609000/v0/
82 KB
23 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c5a151f6d9e09fd60bf6973d09630854a1ea0545ac0cbeb88dec0790b3c04b7b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:08 GMT
age
588076
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23145
x-xss-protection
0
server
sffe
etag
"1e24d49ff16f97fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:08 GMT
ama
pagead2.googlesyndication.com/getconfig/
4 KB
871 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26ebac8b8d1247e5aa00ec53cd97a110c0b1edd887362c6d25ddab4570bb79f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
523
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012308181609000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7c94d5780fa800afb0066d0ceed10b6488d78ec4cb2a85c42e5772b6218cd26
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:09 GMT
age
588075
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3937
x-xss-protection
0
server
sffe
etag
"256c2c03e8e2f982"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:09 GMT
sync
gum.criteo.com/
46 B
288 B
Script
General
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:23 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
248173
expires
60
json
trc.taboola.com/palmate-bg3co/trc/3/
73 KB
18 KB
XHR
General
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=17%3A53%3A24.300&lti=deflated&data=%7B%22id%22%3A19%2C%22ii%22%3A%22%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1693906069385%2C%22vi%22%3A1693929204297%2C%22cv%22%3A%2220230904-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html%22%2C%22vpi%22%3A%22%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3186%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A1956.53125%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
15f112ee1b4466cde8bf5d2e814a427ab4325cfe558da55131bdffb07d5e4e88

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
281
date
Tue, 05 Sep 2023 15:53:24 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
63938
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230122-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1693929204.324819,VS0,VE281
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pb.42753.1685716554093.js
cdn.adpushup.com/prebid/
409 KB
120 KB
Script
General
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1685716554093.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Tue, 05 Sep 2023 15:53:24 GMT
content-encoding
br
last-modified
Wed, 19 Jul 2023 17:13:32 GMT
server
nginx/1.18.0
etag
W/"64b819bc-66521"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="1693929204362_3088659109_361235180_660_1453_20_42_146";dur=1
content-length
122286
expires
Wed, 04 Sep 2024 15:53:24 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/
450 B
584 B
Script
General
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Tue, 05 Sep 2023 15:53:24 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=4, origin; dur=0, ak_p; desc="1693929204404_3088659109_361235181_419_1395_20_0_146";dur=1
content-length
211
expires
Wed, 04 Sep 2024 15:53:24 GMT
linkPreview.js
cdn.adpushup.com/42753/
75 KB
18 KB
Script
General
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Tue, 05 Sep 2023 15:53:24 GMT
content-encoding
br
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
nginx/1.18.0
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=6, origin; dur=0, ak_p; desc="1693929204404_3088659109_361235182_603_1442_20_0_146";dur=1
content-length
18371
expires
Tue, 05 Sep 2023 16:53:24 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/
99 KB
29 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c8489c6659b9bfa781b3443f22ab54ae37ee8ebc5e4f73cb6252d97ee0ad12d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:24 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29336
x-xss-protection
0
server
cafe
etag
465 / 19605 / m202308310101 / config-hash: 4851663212883413440
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 15:53:24 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/
70 B
309 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2OTM5MjkyMDQzNzIsInBhY2tldElkIjoiMDAwMEE3MDEtZjczZjQ5MTgtZTc3Yi00MjAxLTg4Y2YtZTNkNzMwZTUzMWI0Iiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NodWFuLXB1LWppLWh1YS10b3UtdG91LWZhbmcteWluZy1zaGktd2VpLXR1YW4tdGktemh1bi1iZWktaGFvLWxpYW8temhlbi1zaGktZGFuLXhpYW8tZ3VpLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IkRFIn0%3D&c_b=1879.6000022888184
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:24 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/
70 B
308 B
Image
General
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:24 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=
fundingchoicesmessages.google.com/f/
19 KB
9 KB
Script
General
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWGtL7zuZ1y1IcNdDu97XV3A1nSFYlAxzUsMF11iBnZwCEpDsaZDLJvauA2_Cx3VImW-PkAxWSsA1Yld5y1tqA=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
85de64e42a31530c967098d4c926e786d5f61aec92e064b84533ff1035066bee
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0etBfipO1tc-WN33VaZdxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:24 GMT
content-security-policy
script-src 'report-sample' 'nonce-0etBfipO1tc-WN33VaZdxQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Mon, 01 Jan 1990 00:00:00 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012308181609000/v0/
40 KB
10 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
923690f3c0feaf6346a2755af20e2b8580a048126501966a8ccd0fd31c6b53e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:08 GMT
age
588076
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10348
x-xss-protection
0
server
sffe
etag
"279670ab552e383b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:08 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012308181609000/v0/
213 KB
56 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af0d502a9a7d67163adf186df31255bc15e9f08004dd1ef115c3145c3657da04
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:35:15 GMT
age
587889
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57645
x-xss-protection
0
server
sffe
etag
"2fe8959ce43a8d1d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:35:15 GMT
quant.js
secure.quantserve.com/
22 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:24 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 12 Sep 2023 15:53:24 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/012308181609000/v0/
110 KB
31 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/amp-analytics-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53202a3c73552b3385ff4cc5598c6cdabfa4d37acc87cd2fd8c0577494143285
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:03 GMT
age
588081
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32193
x-xss-protection
0
server
sffe
etag
"473971c650298c2f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:03 GMT
nameframe.html
d-3020712156855592794.ampproject.net/2308181609000/
0
0
Other
General
Full URL
https://d-3020712156855592794.ampproject.net/2308181609000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

googleanalytics.json
cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/
2 KB
886 B
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/googleanalytics.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:09 GMT
age
588075
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
856
x-xss-protection
0
server
sffe
etag
"0fc0eb4a65ca6481"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:09 GMT
ga4.json
amp.analytics-debugger.com/
7 KB
3 KB
Fetch
General
Full URL
https://amp.analytics-debugger.com/ga4.json?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e6::ac40:ca0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
36386
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 05 Sep 2023 05:46:58 GMT
server
cloudflare
vary
Accept-Encoding, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u%2FvuSoh0zvuCKjSAV9QJYAX7e8O75T7EzMRaIGIbMTh8A9TuDKESpaY4lAMjwPLjCqjfLM5dPlqnnS4TKd%2BUOcLiwaFcg18pAgbnvmIhr%2BtK4Z7lxycj%2FotIUWnGc8fs25VdKlX4MJgv1AFpvrwvUT6zS5xdrsor7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=86400
access-control-allow-credentials
true
x-debug-em-all-ga4amp-version
20230607
cf-ray
801fa5196dc235eb-FRA
gtag.json
cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/
3 KB
956 B
Fetch
General
Full URL
https://cdn.ampproject.org/rtv/012308181609000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 29 Aug 2023 20:32:10 GMT
age
588074
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
926
x-xss-protection
0
server
sffe
etag
"d9a6653d564716b0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 28 Aug 2024 20:32:10 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/
160 B
634 B
Script
General
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:9000:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:17:17 GMT
via
1.1 59d5785a1d012a54118141e7e216a492.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
2168
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
QyNNEi9BLjySSRjYVLrYPfLtCtJHWJ8vbiOtn_7rDla7UwZHe3uQ1A==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/
403 KB
127 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
2455
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129723
x-xss-protection
0
server
cafe
etag
14901160554504536944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 04 Sep 2024 15:12:29 GMT
amp
www.googletagmanager.com/gtag/
684 B
762 B
Fetch
General
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Tue, 05 Sep 2023 15:53:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
305
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
floating-unit.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/
8 KB
3 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0523c9f4c6e8ba75215efcb5a0dd935a921f2f7ab3fb4704ce76e1581b138f8f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
gCyHf_VCfjZj4MCtkTlwg.UqGXFNzlsk
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 15:53:24 GMT
x-amz-request-id
CPQK909B5FDC125Z
age
23122
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
2474
x-amz-id-2
U+RbM3c+KhVYDklAMG5nRTIdUFwi37tgwxJ8dkSlzJiRxIZzaE5B4Hal5BU4SKUTqMKfyT1g0ZU=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Tue, 05 Sep 2023 09:28:03 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693929205.659444,VS0,VE0
etag
"2f075479883762ccb190880a2d99a178"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
32
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1147
taboola-vignette-new-scanning.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/
27 KB
8 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4c81fdea7c18bbcfa19c107195f178531a1894893820fa4f813e8a2d4626e7ee

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
gD92SrEmdVN9wiZ2ljLxk6xmqtYcr2Zx
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 15:53:24 GMT
x-amz-request-id
T7QSD1WKG39VA09Q
age
23102
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8019
x-amz-id-2
Q6rL/wcYIVVRSo6X4d8EiTQYtTKeYPOuVnKj9Vhh+/vA1LjvPMc6DVHh2PJj7yD+kddLML6bpaE=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Tue, 05 Sep 2023 09:28:23 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693929205.660033,VS0,VE0
etag
"b64dfc1b22cb23aa523b455c1b278478"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
29
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
621
distance-from-article.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c96ae71aaa29dc81173e75f0decbce2c96524acc59f1dc3e99a0292560a2b892

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
fcaFwkup65aQSTOfbV798hbxQaKYLZN0
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 15:53:24 GMT
x-amz-request-id
TBAF86P320DWNCNC
age
23130
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1133
x-amz-id-2
f4BMEakH1WnK7qd/8+Q0DLe0xcWCvigexxOAuAFZqSUFVXdQjNrrLbj/W7KX5vEOeLIJW9ntywg=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Tue, 05 Sep 2023 09:27:55 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693929205.673259,VS0,VE0
etag
"bb24e279c0edcbe16d2ff26dac9946d1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
60
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
10608
article-detection.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/article-detection.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
16c56af26101715bb14f3afe53bf3f2c60a1413cbe8e58a1d2c6d8296908f665

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
FV1al.V4wnjth4d5oxM5T_RrUBt1RiQC
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 15:53:24 GMT
x-amz-request-id
8ARDCGFHWDRSQFV6
age
23136
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1291
x-amz-id-2
Ofk6E/uif5xfbuReF/tqeVHyX6lvLneKQGV6c7eCfuujRV0yOWJm2EtPWQ0tnRXCgiyrTolG5cc=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Tue, 05 Sep 2023 09:27:49 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693929205.673332,VS0,VE0
etag
"314d847535f292f04cfd0a2d8c97c85c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
61
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
10596
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.2.9/
127 KB
36 KB
Script
General
Full URL
https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3aae61f075cc64d2d2a1918694af9db5df06c7a638c6162f5840c5618f59bd03

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:24 GMT
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
91673
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront, HIT
content-length
36490
x-served-by
cache-fra-eddf8230097-FRA
last-modified
Mon, 04 Sep 2023 14:25:10 GMT
server
AmazonS3
x-timer
S1693929205.753101,VS0,VE0
etag
"fd7ae01836d3569c79370b947186fc34"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
zY8aCoBHNlS93pxqjFjaT-d-7We2oA4brP-hg1H22wJfPEM1hA9XIg==
x-cache-hits
11249
feed-card-placeholder.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/
5 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
53294044ef54aa72d219a20ecea405f082270bb7774af92c6117b2c7a5ea8013

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
pQEvK3O7.nDcN6fftr4DN4W2TxDndq5Q
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 15:53:24 GMT
x-amz-request-id
JBRQRFRD2YDH6WYF
age
23125
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
1262
x-amz-id-2
jBNzSO4e6FEgjBx1CEsXt44GkAYej/Hd4tICKex78JJV031r+9RwuFdRlYNmQuIr8ONLv62yO70=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Tue, 05 Sep 2023 09:28:00 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693929205.675658,VS0,VE0
etag
"fb5fdfa274fdc2467deb2cb66f816ee1"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
23
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
9561
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/
4 KB
2 KB
Image
General
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 15:53:24 GMT
x-amz-request-id
CCG7A4WVWN5WJAVZ
age
63
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
TBmCggLO8/GElgFPb5rvRR7gHff4xRNz3fdHVeMViDUfwUB4CbODSlFFpnwJ77ZBlNCMfCXQR04=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693929205.679733,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
85
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
89
userx.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/
17 KB
6 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/userx.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
920e61c4d114a96b890545ff904a61109578821e50306b6d9f642cebead0eca3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
ULC0lSCIq3CJA8CiJO4V6IWR2raQl_y5
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 15:53:24 GMT
x-amz-request-id
FSBMWH530VRS62CD
age
23098
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5397
x-amz-id-2
j3yH8/NdleXn3yw0lyq8dOBLo9//QRWBjx5IWoFfpAn2FGOo234cvso935W6ioHD7H5S49t0HVg=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Tue, 05 Sep 2023 09:28:26 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693929205.681707,VS0,VE0
etag
"bef5c48573436bea4af3bca2d3a096c2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
8
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3326
explore-more.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/
30 KB
9 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/explore-more.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4f6a107a3fdb1536c81826561e818486e2a0ae0b230df8b15f908af89b0071e0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cGIJeEWfP5aFkjM4FO.sq.jOyEuP0ujD
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 15:53:24 GMT
x-amz-request-id
PFT5D60MTMS3ZF4Y
age
23126
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
8803
x-amz-id-2
d5Vq0xWrqgOvY24b6aGmY+EXGqOFLvKngOdsUUQhTIG4mKWvlNVYFDCb6iywjiqkjQJpGkCchfM=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Tue, 05 Sep 2023 09:27:58 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693929205.698144,VS0,VE0
etag
"faaae21a0564075e67ac64af0bda9aad"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
15
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4862
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11593&tvi50=9563&lti=deflated&ri=b6375e81178256744932e022d78078ec&sd=v2_6a92632c281beaa42fe510405aea839b_f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474_1693929204_1693929204_CNawjgYQ2YJdGMnUsbCmMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474&pi=/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&wi=-3747820645356813489&pt=text&vi=1693929204297&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=17%3A53%3A24.649&id=505&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11593&tvi50=9563&lti=deflated&ri=b6375e81178256744932e022d78078ec&sd=v2_6a92632c281beaa42fe510405aea839b_f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474_1693929204_1693929204_CNawjgYQ2YJdGMnUsbCmMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474&pi=/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&wi=-3747820645356813489&pt=text&vi=1693929204297&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1693929204650%7D&tim=17%3A53%3A24.650&id=6804&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11593&tvi50=9563&lti=deflated&ri=b6375e81178256744932e022d78078ec&sd=v2_6a92632c281beaa42fe510405aea839b_f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474_1693929204_1693929204_CNawjgYQ2YJdGMnUsbCmMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474&pi=/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&wi=-3747820645356813489&pt=text&vi=1693929204297&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1693929204657%7D&tim=17%3A53%3A24.657&id=6343&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11593&tvi50=9563&lti=deflated&ri=b6375e81178256744932e022d78078ec&sd=v2_6a92632c281beaa42fe510405aea839b_f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474_1693929204_1693929204_CNawjgYQ2YJdGMnUsbCmMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474&pi=/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&wi=-3747820645356813489&pt=text&vi=1693929204297&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A53%3A24.687&id=5130&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
90 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A53%3A24.689&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=2323&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
74353
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A53%3A24.690&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=1508&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
74353
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A53%3A24.736&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=3687&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
74353
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A53%3A24.736&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=4779&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
74353
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A53%3A24.741&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=5395&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
74343
7ac303a1b85d437a92f9e124f44eacd5.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_840%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
26 KB
27 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_840%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7ac303a1b85d437a92f9e124f44eacd5.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ac52cad3c361c2183207004c3a6c99aa12961ce4970fcd81e15758357baa357b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 15:53:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_840%2Cw_1120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7ac303a1b85d437a92f9e124f44eacd5.png
age
1391750
edge-cache-tag
306897254391702446897814943512356472171,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
cache-tag
306897254391702446897814943512356472171,300725542225319019678437132620861179772,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
483
expiration
expiry-date="Sat, 02 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.news.de/
content-length
26272
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000072-IAD, cache-iad-kiad7000072-IAD, cache-ewr18167-EWR, cache-iad-kjyo7100119-IAD, cache-fra-eddf8230122-FRA
last-modified
Wed, 02 Aug 2023 15:13:07 GMT
server
nginx
x-timer
S1693929205.775689,VS0,VE1
etag
"14b00b60b95d27f07e0284fa17b46ab6"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 7, 0, 1, 1
7ac303a1b85d437a92f9e124f44eacd5.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
16 KB
17 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7ac303a1b85d437a92f9e124f44eacd5.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b83d2a06c78b17a21cbe6d507b1b2c216bc8d31adcb543a2a8dd993b7575a270

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 15:53:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7ac303a1b85d437a92f9e124f44eacd5.png
age
3720925
edge-cache-tag
306897254391702446897814943512356472171,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
306897254391702446897814943512356472171,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
210
req-referer
https://tamilwin.com/
content-length
16100
x-request-id
e8573224a27a0d7b5f011f76305aebcd
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000077-IAD, cache-iad-kiad7000043-IAD, cache-lax10678-LGB, cache-iad-kiad7000104-IAD, cache-fra-eddf8230122-FRA
last-modified
Sun, 23 Jul 2023 02:38:49 GMT
server
nginx
x-timer
S1693929205.778375,VS0,VE1
etag
"0c56b9f0c7921e39b019e959a7a13016"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 7, 1
64664bd1b26340e8644a614ea0d246c0.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
12 KB
13 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64664bd1b26340e8644a614ea0d246c0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
4d4d48407b223dc62ee2fe4b345a00363ff732efc5fab2307c823624e04b36c1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 15:53:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64664bd1b26340e8644a614ea0d246c0.png
age
2763571
edge-cache-tag
439780117774413239295210516677367588713,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
439780117774413239295210516677367588713,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
252
expiration
expiry-date="Fri, 11 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.express.de/
content-length
12450
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100033-IAD, cache-iad-kiad7000122-IAD, cache-sna10723-LGB, cache-iad-kcgs7200149-IAD, cache-fra-eddf8230122-FRA
last-modified
Tue, 11 Jul 2023 08:55:25 GMT
server
nginx
x-timer
S1693929205.778339,VS0,VE1
etag
"fc2c883038d75384ca2c93477f45ef64"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 0, 114, 1
dce379eb5a0a6c89278360c7dec56b43.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dce379eb5a0a6c89278360c7dec56b43.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f777d45fd8e1e5312828563d8ed65665d1055abefcf95d60599fbf94b54c8b8f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 15:53:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dce379eb5a0a6c89278360c7dec56b43.jpeg
age
101516
edge-cache-tag
337219963552705767105796159782841005544,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
337219963552705767105796159782841005544,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
81
req-referer
https://www.bleacherbreaker.com/
content-length
8538
x-request-id
90df210e4c04c1a5fb3f3bbb28c361b7
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000084-IAD, cache-iad-kiad7000084-IAD, cache-sna10729-LGB, cache-iad-kjyo7100145-IAD, cache-fra-eddf8230122-FRA
last-modified
Sat, 02 Sep 2023 23:03:28 GMT
server
nginx
x-timer
S1693929205.782954,VS0,VE1
etag
"719078b08d23f466b642e8f97b98de4a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 6, 1
59dc2ff7d57394a42f2e1770eccf577d.jpg
images.taboola.com/taboola/image/fetch/h_460,w_920,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
25 KB
26 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_460,w_920,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c15f1d59737fd83228622836f14095c34e902c50564a25a3b0efb60464be6ac8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 15:53:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_460,w_920,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
age
4362436
edge-cache-tag
553345370031307653688610699912439950752,572832214153325356336544796315132161834,29ecf9b93bbf306179626feeda1fab70
cache-tag
553345370031307653688610699912439950752,572832214153325356336544796315132161834,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
236
expiration
expiry-date="Fri, 21 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.footmercato.net/
content-length
26108
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb203
x-served-by
cache-iad-kiad7000168-IAD, cache-iad-kcgs7200071-IAD, cache-sna10751-LGB, cache-iad-kiad7000148-IAD, cache-fra-eddf8230122-FRA
last-modified
Tue, 20 Jun 2023 07:36:45 GMT
server
nginx
x-timer
S1693929205.801306,VS0,VE1
etag
"801a05593096c701eb747085cb4b1282"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 165, 1
c71ef43979c78a8531ce13d353f0fec3.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
5 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c71ef43979c78a8531ce13d353f0fec3.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
61cd427b14819b5ab75c11b9c69501875f73d805802dc95cd835ed3f827863a4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 15:53:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c71ef43979c78a8531ce13d353f0fec3.png
age
3021463
edge-cache-tag
495640879743501137556832602041882971601,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
495640879743501137556832602041882971601,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
77
req-referer
https://www.manoramaonline.com/
content-length
4608
x-request-id
79313181c24e3bff4d2084e9f6a1e87d
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kiad7000026-IAD, cache-iad-kcgs7200077-IAD, cache-lga21969-LGA, cache-iad-kjyo7100065-IAD, cache-fra-eddf8230122-FRA
last-modified
Tue, 01 Aug 2023 12:27:55 GMT
server
nginx
x-timer
S1693929205.803754,VS0,VE1
etag
"427f0bdba215034677c81dab96e10431"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 46, 1
7d8100fbfe5c8707b36c7fb65ca2bc7f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
8 KB
9 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d8100fbfe5c8707b36c7fb65ca2bc7f.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
7d7d8f6b4232ff745a1cd08a00c5c9fca407eecb685bd18ec01b12dbf17d0c98

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 15:53:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7d8100fbfe5c8707b36c7fb65ca2bc7f.png
age
2430278
edge-cache-tag
586436954864707297027469644355705941308,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
586436954864707297027469644355705941308,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
120
req-referer
https://www.gazzetta.it/
content-length
8320
x-request-id
dc8325f087d26638854f16a7ea9dbcaa
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000101-IAD, cache-iad-kjyo7100106-IAD, cache-sna10728-LGB, cache-iad-kcgs7200111-IAD, cache-fra-eddf8230122-FRA
last-modified
Tue, 08 Aug 2023 12:48:25 GMT
server
nginx
x-timer
S1693929205.804053,VS0,VE1
etag
"f1f03230e1dfe90ff301de6405aca755"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 0, 1
7ac303a1b85d437a92f9e124f44eacd5.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
18 KB
18 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7ac303a1b85d437a92f9e124f44eacd5.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
f36d0f06662e7f486c754ae4b945c541325432a8076926b5585a6c8a0704e596

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Tue, 05 Sep 2023 15:53:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7ac303a1b85d437a92f9e124f44eacd5.png
age
2802374
edge-cache-tag
306897254391702446897814943512356472171,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
306897254391702446897814943512356472171,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
306
req-referer
https://www.augsburger-allgemeine.de/
content-length
18110
x-request-id
26b3eb1eff4e89f676b3094f13cfbede
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by
cache-iad-kjyo7100179-IAD, cache-iad-kjyo7100160-IAD, cache-lga21942-LGA, cache-iad-kcgs7200142-IAD, cache-fra-eddf8230122-FRA
last-modified
Sun, 23 Jul 2023 02:38:49 GMT
server
nginx
x-timer
S1693929205.807815,VS0,VE0
etag
"2c7fb0f3d86e803d54ae87855f71c3a7"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 3, 1, 3, 299
59dc2ff7d57394a42f2e1770eccf577d.jpg
images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
29 KB
29 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
b8b237d6b17c68a05bc377ae355cdadc36ecc1cc37a1053bc79c2aa0e307b169

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 15:53:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_523,w_940,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
age
2353366
edge-cache-tag
553345370031307653688610699912439950752,402479757437519981525365986995415241909,29ecf9b93bbf306179626feeda1fab70
cache-tag
553345370031307653688610699912439950752,402479757437519981525365986995415241909,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
261
expiration
expiry-date="Fri, 01 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
29394
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kcgs7200136-IAD, cache-iad-kcgs7200115-IAD, cache-lax10660-LGB, cache-iad-kcgs7200071-IAD, cache-fra-eddf8230122-FRA
last-modified
Tue, 01 Aug 2023 07:44:45 GMT
server
nginx
x-timer
S1693929205.829083,VS0,VE1
etag
"a8139c2d2ea8fa23ad77f4b509ad1b5b"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 4, 1, 31, 1
64664bd1b26340e8644a614ea0d246c0.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
22 KB
23 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64664bd1b26340e8644a614ea0d246c0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
02580960f786252394390d58499ffa747e062d66b36adc81d06090cd9a58b187

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 15:53:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64664bd1b26340e8644a614ea0d246c0.png
age
2428108
edge-cache-tag
439780117774413239295210516677367588713,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
439780117774413239295210516677367588713,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
305
expiration
expiry-date="Fri, 11 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://omgifacts.com/
content-length
23018
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000134-IAD, cache-iad-kjyo7100101-IAD, cache-iad-kiad7000058-IAD, cache-fra-eddf8230122-FRA
last-modified
Tue, 11 Jul 2023 02:10:50 GMT
server
nginx
x-timer
S1693929205.829232,VS0,VE1
etag
"3de3cf6c1d3a56b0b37d83107cfdd26e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 31, 1
dce379eb5a0a6c89278360c7dec56b43.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
21 KB
22 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dce379eb5a0a6c89278360c7dec56b43.jpeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
08343513bdf048d9de4f537b2c227c74cd295b18ec28bdf9a21c2becceafb3ed

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 15:53:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/dce379eb5a0a6c89278360c7dec56b43.jpeg
age
101515
edge-cache-tag
337219963552705767105796159782841005544,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
337219963552705767105796159782841005544,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
293
req-referer
https://www.t-online.de/
content-length
21428
x-request-id
90df210e4c04c1a5fb3f3bbb28c361b7
x-backend-name
CH_nlb802
x-served-by
cache-iad-kiad7000084-IAD, cache-iad-kiad7000062-IAD, cache-iad-kjyo7100051-IAD, cache-fra-eddf8230122-FRA
last-modified
Sat, 02 Sep 2023 23:03:28 GMT
server
nginx
x-timer
S1693929205.829225,VS0,VE1
etag
"719078b08d23f466b642e8f97b98de4a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
pixel;r=1312606111;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html;uh=e51ed67dfb8d91dc24b15e...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=1312606111;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-2060918979-1693929204536;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1693929204785;tzo=-120;ogl=;ses=c3a35a6a-3b8f-4f4e-91ac-5af725d4b903;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:e365:4988:e8a7:3270 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:24 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/
975 B
634 B
Stylesheet
General
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
10004
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fZLYmXzjhUzlN14rRIwWKIlJe5azWCbGt1DI1QaqWFqyTbK7rfUM%2Fz99VQxuDbC%2BkGP%2ByMAtVI%2BlDHNnIU0FuP3tfXVP1AKaKI56g0U1CgVjH95wQvh1beOhmFjdIWj6NtCLw0QFbQTNc1%2B%2BLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
801fa51a0de21ad4-FRA
idRequest
sync.aralego.com/
46 B
488 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
179b7e1951da161ed13c7877025515b1691a3b7576df631bccb401368c7be9cb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 15:53:25 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/
46 B
488 B
XHR
General
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
179b7e1951da161ed13c7877025515b1691a3b7576df631bccb401368c7be9cb

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 15:53:25 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
collect
www.google-analytics.com/r/
35 B
303 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E5%B7%9D%E6%99%AE%E8%A8%88%E5%8A%83%E5%81%B7%E5%81%B7%E8%A8%AA%E8%8B%B1%EF%BC%9F%E3%80%80%E7%A4%BA%E5%A8%81%E5%9C%98%E9%AB%94%E6%BA%96%E5%82%99%E5%A5%BD%E4%BA%86%EF%BC%9A%E7%9C%9F%E6%98%AF%E8%86%BD%E5%B0%8F%E9%AC%BC%EF%BC%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-vLezSh7kAX01QrGfbCEnJA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.7922076762242669&gjid=0.7425883208392836&_r=1&a=7195&z=0.28549614444301485&gtm=45De1110
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
next-up-widget.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/
16 KB
5 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
36e0d542a26e9291d9a13b1686f8acf7f4499e4b386a7e9387e5e04ad46e4210

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Uj6rnUgvjwYcuHvxp5KuHTjsxEE90fU5
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 15:53:24 GMT
x-amz-request-id
YQN8GD9NKG5R3KPE
age
23116
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
4623
x-amz-id-2
HUzG8PTtgYGGG7SJVQ7E+qSOxkkvodV8lcx+TbaskvJ+eyp3kylIDqa4/f0Dr6K2BTOPXvMCcJU=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Tue, 05 Sep 2023 09:28:08 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693929205.835395,VS0,VE0
etag
"9668a4b280e1c3ec93ab1607871c6e9c"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
90
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
1122
ad_request
ads.aralego.com/
564 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5305225024410036&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 15:53:25 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
ad_request
ads.aralego.com/
564 B
1 KB
XHR
General
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=300&h=250&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.1285185522751735&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 15:53:25 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11593&tvi50=9563&lti=deflated&ri=b6375e81178256744932e022d78078ec&sd=v2_6a92632c281beaa42fe510405aea839b_f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474_1693929204_1693929204_CNawjgYQ2YJdGMnUsbCmMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474&pi=/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&wi=-3747820645356813489&pt=text&vi=1693929204297&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22345.609375%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A53%3A24.842&id=5527&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11593&tvi50=9563&lti=deflated&ri=b6375e81178256744932e022d78078ec&sd=v2_6a92632c281beaa42fe510405aea839b_f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474_1693929204_1693929204_CNawjgYQ2YJdGMnUsbCmMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474&pi=/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&wi=-3747820645356813489&pt=text&vi=1693929204297&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A854%7D%22%2C%22eventTime%22%3A1693929204850%7D&tim=17%3A53%3A24.850&id=254&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/
0
89 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=17%3A53%3A24.858&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=2100&cv=20230904-6-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
74345
css2
fonts.googleapis.com/
20 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Sep 2023 15:53:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 15:02:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Sep 2023 15:53:24 GMT
spa-detector.20230904-6-RELEASE.es6.js
cdn.taboola.com/libtrc/
2 KB
1 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20230904-6-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
db94893653c53b70e0c63bd0b7c24b0cbf802b844f6613001062c7c0725d5b65

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
E.5k2hvExY0HvLe0iU0yoGD_raVTUlHD
content-encoding
gzip
via
1.1 varnish
date
Tue, 05 Sep 2023 15:53:24 GMT
x-amz-request-id
K2SYPGNMJRJQ3V36
age
23110
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
779
x-amz-id-2
R5nRigxbCRqhvOm2gH56uv4ZPFP5yJ8je7VAkoWB/faPa7bMXAsOlNtlgLmSymXCUgx9zZNt0WY=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Tue, 05 Sep 2023 09:28:15 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1693929205.878190,VS0,VE0
etag
"658119ffa9cdad090a44b659ec9886c8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
38
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
5049
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11593&tvi50=9563&lti=deflated&ri=b6375e81178256744932e022d78078ec&sd=v2_6a92632c281beaa42fe510405aea839b_f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474_1693929204_1693929204_CNawjgYQ2YJdGMnUsbCmMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474&pi=/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&wi=-3747820645356813489&pt=text&vi=1693929204297&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A53%3A24.858&id=4164&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11593&tvi50=9563&lti=deflated&ri=b6375e81178256744932e022d78078ec&sd=v2_6a92632c281beaa42fe510405aea839b_f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474_1693929204_1693929204_CNawjgYQ2YJdGMnUsbCmMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474&pi=/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&wi=-3747820645356813489&pt=text&vi=1693929204297&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1693929204865%7D&tim=17%3A53%3A24.865&id=4726&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi48=11593&tvi50=9563&lti=deflated&ri=b6375e81178256744932e022d78078ec&sd=v2_6a92632c281beaa42fe510405aea839b_f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474_1693929204_1693929204_CNawjgYQ2YJdGMnUsbCmMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474&pi=/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&wi=-3747820645356813489&pt=text&vi=1693929204297&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=17%3A53%3A24.866&id=7495&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/
0
230 B
Image
General
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi48=11593&tvi50=9563&lti=deflated&ri=b6375e81178256744932e022d78078ec&sd=v2_6a92632c281beaa42fe510405aea839b_f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474_1693929204_1693929204_CNawjgYQ2YJdGMnUsbCmMSABKAEwKziy0A1AyYgQSKGe3QNQ____________AVgAYABosa_ptcr9986tAXAA&ui=f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474&pi=/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&wi=-3747820645356813489&pt=text&vi=1693929204297&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1693929204868%7D&tim=17%3A53%3A24.868&id=8275&llvl=2&cv=20230904-6-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
region1.google-analytics.com/g/
0
242 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=7195&cid=amp-vLezSh7kAX01QrGfbCEnJA&ul=en-us&sr=1600x1200&_s=1&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&dr=&dt=%E5%B7%9D%E6%99%AE%E8%A8%88%E5%8A%83%E5%81%B7%E5%81%B7%E8%A8%AA%E8%8B%B1%EF%BC%9F%E3%80%80%E7%A4%BA%E5%A8%81%E5%9C%98%E9%AB%94%E6%BA%96%E5%82%99%E5%A5%BD%E4%BA%86%EF%BC%9A%E7%9C%9F%E6%98%AF%E8%86%BD%E5%B0%8F%E9%AC%BC%EF%BC%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=page_view&sid=1693929205&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308181609000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
251 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JLX4K2W8JS&cid=amp-vLezSh7kAX01QrGfbCEnJA&aip=1&sid=1693929205&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308181609000/v0/amp-analytics-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:24 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
7ac303a1b85d437a92f9e124f44eacd5.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
3 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7ac303a1b85d437a92f9e124f44eacd5.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
be9e17df5fd8251aa8202faac9c0f7d856856ab184a48f4285a6a571ef1ba949

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Tue, 05 Sep 2023 15:53:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7ac303a1b85d437a92f9e124f44eacd5.png
age
350204
edge-cache-tag
306897254391702446897814943512356472171,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
306897254391702446897814943512356472171,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
55
req-referer
https://www.salud180.com/
content-length
2864
x-request-id
32ce52eec25dfd540cfa83b8dc34f483
x-backend-name
US_nlb103
x-served-by
cache-iad-kjyo7100082-IAD, cache-iad-kjyo7100082-IAD, cache-lga21976-LGA, cache-iad-kcgs7200130-IAD, cache-fra-eddf8230122-FRA
last-modified
Wed, 23 Aug 2023 16:10:21 GMT
server
nginx
x-timer
S1693929205.932708,VS0,VE2
etag
"d972b94084603cc3960ef05a16609c41"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1, 1
59dc2ff7d57394a42f2e1770eccf577d.jpg
images.taboola.com/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
4 KB
4 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
85a9ec88a119779e7632b1fdb3e841cc9ba8c128040ae142086325b230c12ce5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 15:53:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_160,w_160,c_fill,g_xy_center,x_526,y_397/http%3A//cdn.taboola.com/libtrc/static/thumbnails/59dc2ff7d57394a42f2e1770eccf577d.jpg
age
1848361
edge-cache-tag
553345370031307653688610699912439950752,560938299729802386461231437678133054091,29ecf9b93bbf306179626feeda1fab70
cache-tag
553345370031307653688610699912439950752,560938299729802386461231437678133054091,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
94
expiration
expiry-date="Thu, 24 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.oranews.tv/
content-length
3584
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kiad7000157-IAD, cache-iad-kcgs7200132-IAD, cache-lax10678-LGB, cache-iad-kcgs7200147-IAD, cache-fra-eddf8230122-FRA
last-modified
Mon, 24 Jul 2023 04:35:47 GMT
server
nginx
x-timer
S1693929205.936405,VS0,VE1
etag
"e5c6d9c0f2aada11bf284ce428581f10"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 17, 1
64664bd1b26340e8644a614ea0d246c0.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/
4 KB
5 KB
Image
General
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64664bd1b26340e8644a614ea0d246c0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2b2d647ddb6fc50140af3f0bd31e594fa49eea51d4a499c96b3ea241f677724a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Tue, 05 Sep 2023 15:53:24 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/64664bd1b26340e8644a614ea0d246c0.png
age
1729946
edge-cache-tag
439780117774413239295210516677367588713,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
439780117774413239295210516677367588713,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
630
req-referer
https://flytant.com/
content-length
4234
x-request-id
48234bcea0704ab0e88ab63663f6057a
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by
cache-iad-kcgs7200090-IAD, cache-iad-kiad7000047-IAD, cache-lga21982-LGA, cache-iad-kcgs7200116-IAD, cache-fra-eddf8230122-FRA
last-modified
Thu, 10 Aug 2023 20:35:27 GMT
server
nginx
x-timer
S1693929205.958090,VS0,VE1
etag
"04b318eced63fcde46d2ebbae5b75ba5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 9, 1
bg3.json
cdn.unibotscdn.com/clientdata/
19 KB
2 KB
Fetch
General
Full URL
https://cdn.unibotscdn.com/clientdata/bg3.json
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
3f18968d0dacf1850dfce645f211ad6244443b9af0415f380ea27f0e835cb58f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
gzip
cdn-edgestorageid
1078
cdn-storageserver
DE-383
cdn-cachedat
09/03/2023 07:31:15
cdn-pullzone
873945
last-modified
Sun, 03 Sep 2023 07:30:40 GMT
server
BunnyCDN-DE1-864
cdn-fileserver
652
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
9bfe5691903230f4b68e8d7a1996ee08
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
bg3.js
cdn.unibotscdn.com/clientdata/js/
1 KB
1 KB
Script
General
Full URL
https://cdn.unibotscdn.com/clientdata/js/bg3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
85644dd43bd4cd844ab209f5eb91ee8d46e01b891214145ff2e89a5a3ef5a00d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-168
cdn-cachedat
08/26/2023 12:01:21
cdn-pullzone
873945
last-modified
Sat, 26 Aug 2023 12:00:46 GMT
server
BunnyCDN-DE1-864
cdn-fileserver
660
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64e9e96e-57f"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
a7f03179f5002be24f21a19a3b7282e1
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/
975 B
1 KB
Stylesheet
General
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-588
cdn-cachedat
08/09/2023 17:49:28
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-864
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-3cf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
1687cded8e99b66b4eec09c7deda3fd4
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/
4 KB
2 KB
Stylesheet
General
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-164
cdn-cachedat
08/28/2023 14:43:30
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-864
cdn-fileserver
576
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-eda"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
ca5059ed6e40f33c689ebb39556aed0d
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/
39 KB
11 KB
Stylesheet
General
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-680
cdn-cachedat
08/29/2023 14:59:51
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:08 GMT
server
BunnyCDN-DE1-864
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf618-9cdf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
6dfdfbe35646f5082b41ed1cb93abd8c
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
bg3.css
cdn.unibotscdn.com/clientdata/css/
1 KB
1 KB
Stylesheet
General
Full URL
https://cdn.unibotscdn.com/clientdata/css/bg3.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
c6dedbf49578df8b1ec598034daa1324e417fbeef3602a7b7ab570390fb46fd3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
cdn-edgestorageid
863
cdn-storageserver
DE-167
cdn-cachedat
08/09/2023 22:25:50
cdn-pullzone
873945
last-modified
Tue, 01 Aug 2023 11:45:19 GMT
server
BunnyCDN-DE1-864
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64c8f04f-534"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
5d6a44a17e7c2c49c9bcaf9f8a4b3a4b
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ub-player.css
cdn.unibotscdn.com/ubplayer/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://cdn.unibotscdn.com/ubplayer/css/ub-player.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
1e229e795661d9b3f0e7534df3b8af346ca934a563664581f9b978133c48e281

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
cdn-edgestorageid
1054
cdn-storageserver
DE-599
cdn-cachedat
09/03/2023 13:09:27
cdn-pullzone
873945
last-modified
Fri, 25 Aug 2023 08:08:48 GMT
server
BunnyCDN-DE1-864
cdn-fileserver
647
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64e86190-1b06"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
924c77e30346632d428df282f82e65d7
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ima3.js
imasdk.googleapis.com/js/sdkloader/
356 KB
123 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
125515
x-xss-protection
0
expires
Tue, 05 Sep 2023 15:53:25 GMT
il95o8vjrn
www.clarity.ms/tag/
699 B
1 KB
Script
General
Full URL
https://www.clarity.ms/tag/il95o8vjrn
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
14d46daf0295dde85657ab55cf28a3117f43551ac7290dedf0ba5d44fc497da2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

request-context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
date
Tue, 05 Sep 2023 15:53:24 GMT
x-azure-ref
09U73ZAAAAAASKHjtcALlS4mtplckgXESWlJIRURHRTA2MjIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
content-length
699
expires
-1
st
imprammp.taboola.com/ Frame 1203
577 B
505 B
Document
General
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&cmcv=&pix=undefined&cb=1693929205103&uv=3334&tms=1693929205103&abt=adxLoadDist5-out_vA!dfrc_vA!esv_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9791b711-6e42-47e4-9aa8-837db0afe675&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
daab4a0a22070d27f04317209828f0a92f28df472a58883c44809e98d12b1e7f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Tue, 05 Sep 2023 15:53:25 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230122-FRA
x-timer
S1693929205.117057,VS0,VE9
sync
am-match.taboola.com/ Frame BE33
577 B
663 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
daab4a0a22070d27f04317209828f0a92f28df472a58883c44809e98d12b1e7f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 05 Sep 2023 15:53:25 GMT
machineid
3401
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/
2 KB
741 B
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693929205107&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1547&pt=1463136322&tz=120&viewable=true&ddast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vA!dfrc_vA!esv_vA!nonrv_vA!t45!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1402
x-cache
MISS
x-served-by
cache-fra-eddf8230122-FRA
pragma
no-cache
server
nginx
x-timer
S1693929205.135015,VS0,VE75
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/
0
44 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&cmcv=&pix=31589837&cb=1693929205103&uv=3334&tms=1693929205103&abt=adxLoadDist5-out_vA!dfrc_vA!esv_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1693929202493.1!ts:1693929205103&mntl=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-length
0
server
nginx
generic
match.adsrvr.org/track/cmf/ Frame 1203
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&cmcv=&pix=undefined&cb=1693929205103&uv=3334&tms=1693929205103&abt=adxLoadDist5-out_vA!dfrc_vA!esv_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9791b711-6e42-47e4-9aa8-837db0afe675&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 1203
43 B
426 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474?gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&cmcv=&pix=undefined&cb=1693929205103&uv=3334&tms=1693929205103&abt=adxLoadDist5-out_vA!dfrc_vA!esv_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9791b711-6e42-47e4-9aa8-837db0afe675&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:7665:e1fe:4dc7:2c74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
usync.html
eus.rubiconproject.com/ Frame 8B8A
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&cmcv=&pix=undefined&cb=1693929205103&uv=3334&tms=1693929205103&abt=adxLoadDist5-out_vA!dfrc_vA!esv_vA!nonrv_vA!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=9791b711-6e42-47e4-9aa8-837db0afe675&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://imprammp.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Sep 2023 15:53:25 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_3_4/infra/
880 KB
144 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
2733f4c9d329a470c14450dd885bf02219a19ee63d30c67439a250ebbabc107c

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1693922380
date
Tue, 05 Sep 2023 15:53:25 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
FPEQYM4MR0ZRP5J1
age
6698
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693922381
x-amz-meta-mode
33188
content-length
147123
x-amz-id-2
EBlzWPD6iKqbOB4H1z5wHohK8Wh0TTibYEfCs5fBpD2xxbylSU0TWKUB2Q0mV8JFlBxT6dJUGQc=
x-served-by
cache-fra-eddf8230097-FRA
last-modified
Tue, 05 Sep 2023 13:59:42 GMT
server
AmazonS3-br
x-timer
S1693929205.256017,VS0,VE0
etag
"38ea6c5249cc72e909660623b02bf7b8"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
6342
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_3_4/assets/css/
60 KB
8 KB
Stylesheet
General
Full URL
https://vidstat.taboola.com/vpaid/units/33_3_4/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1693922399
date
Tue, 05 Sep 2023 15:53:25 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
FPEY0CJZ5CP448HD
age
6698
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693922400
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
gVazDaezCRHQYY8kPxJDod2jVIgirHImf1myU/cjbP0xNs8QizH4a+tId0Tt1JKOHSNppWVNwEE=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Tue, 05 Sep 2023 14:00:01 GMT
server
AmazonS3-br
x-timer
S1693929205.255869,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
8334
clarity.js
www.clarity.ms/s/0.7.10/
57 KB
20 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.10/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/il95o8vjrn
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:24 GMT
content-encoding
br
last-modified
Tue, 05 Sep 2023 13:50:16 GMT
x-azure-ref-originshield
0uTX3ZAAAAADG7ym8WXzCR5rVBZYowHBTRlJBMjMxMDUwNDE4MDQ1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
etag
"0x8DBAE170900AD3F"
x-azure-ref
09U73ZAAAAACG+kNCg5ZeSrUvfSKlFQI+WlJIRURHRTA2MjIANmNmYmVlZTAtNTAyNy00ODRiLTg5NjctNGEyOWFmNzdmMWUx
x-cache
TCP_HIT
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
9ffdcb6f-601e-000d-1600-e0e60f000000
cache-control
public, max-age=86400
x-ms-version
2018-03-28
accept-ranges
bytes
video.min.js
cdn.unibotscdn.com/ubplayer/dist/js/
524 KB
155 KB
Script
General
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
cdn-edgestorageid
860
cdn-storageserver
DE-570
cdn-cachedat
07/06/2023 22:30:42
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:19 GMT
server
BunnyCDN-DE1-864
cdn-fileserver
340
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"642bf623-830a3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
743ff44baafc3cd6f43a1e4ba9a683ef
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
usync.js
eus.rubiconproject.com/ Frame 8B8A
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
04ca16cb8689e125ba1b2da9f1cbb75c07693045569adbf250c717279b91c932

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 15:53:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2023 23:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26048
Connection
keep-alive
Content-Length
10124
Expires
Tue, 05 Sep 2023 23:07:33 GMT
generic
match.adsrvr.org/track/cmf/ Frame BE33
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474
pr-bh.ybp.yahoo.com/sync/taboola/ Frame BE33
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:7665:e1fe:4dc7:2c74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 6359
714 B
784 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
14385
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
801fa51d6e719bac-FRA
content-encoding
br
content-type
text/html
date
Tue, 05 Sep 2023 15:53:25 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sHEAaH9ksK8KIHKqlSdasWNtzI99iOYn6HqB2yAdgW%2BlrCkWF0w5lUZX3gCNSCMvF6ub6QsvK51vcCy40iIWQy%2BtS1t2RGBWYDjj89iOaH7IzIeYIb%2BXyDDB2jLHnNt1LP%2BbKN6ReARae3iDZA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 390E
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Sep 2023 15:53:25 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 05 Sep 2023 15:53:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Tue, 05 Sep 2023 15:53:25 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
usync.html
eus.rubiconproject.com/ Frame E1B8
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Sep 2023 15:53:25 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame A8F7
714 B
752 B
Document
General
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:467 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
14385
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
801fa51d7e909bac-FRA
content-encoding
br
content-type
text/html
date
Tue, 05 Sep 2023 15:53:25 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UDRRsj8llTKKaePR7z5s0yfDDeDeIk9%2BZfdAcwN%2FOraVt%2F%2FcHr%2FHNqAotAW0SMmadLKPTbabvHbrmkWHY6P%2F4IVGSrZL53M9Xwil9QN016RZAbG4me9Jjm%2FRnpL4aUhi9c3Z35Fv6ELsDHZHFg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 79AF
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Sep 2023 15:53:25 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 05 Sep 2023 15:53:25 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
content_v3.js
vidstat.taboola.com/
16 KB
5 KB
Script
General
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
FRA60-P1
age
1704073
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1693929205.405648,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
WPQDSHjI0-yBKHiRyp0A6R83yvp_1Crbueri-3T9dZgaMPkT7wTTlA==
x-cache-hits
185656
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.4.7/
448 KB
85 KB
Script
General
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.4.7/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
e80ab41aa28c4b4ed16b6aa5c8a00ec1b094b866fdc0f72147feaa324829a393

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1693839775
date
Tue, 05 Sep 2023 15:53:25 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
HRC22A5QK3T16WNA
age
89389
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1693839788
x-amz-meta-mode
33188
content-length
86080
x-amz-id-2
trgASv92kd2SdiuQnfqpq1fGKZOJVAdS6uE7WOVq7mFkwVA/Kh/t4NRhGlaeNkiDPt9HKHhUzXo=
x-served-by
cache-fra-eddf8230097-FRA
last-modified
Mon, 04 Sep 2023 15:03:09 GMT
server
AmazonS3-br
x-timer
S1693929205.429825,VS0,VE0
etag
"cf6efc37bc8557b512b19e1e57d64560"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
66574
sync
am-match.taboola.com/ Frame 369E
577 B
671 B
Document
General
Full URL
https://am-match.taboola.com/sync?dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_3_4/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
daab4a0a22070d27f04317209828f0a92f28df472a58883c44809e98d12b1e7f

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Tue, 05 Sep 2023 15:53:25 GMT
machineid
3402
server
nginx
st
am-vid-events.taboola.com/
0
43 B
Image
General
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&cmcv=&pix=31579697&cb=1693929205423&uv=3334&tms=1693929205423&su=3&abt=adxLoadDist5-out_vA!dfrc_vA!esv_vA!nonrv_vA!t45!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-length
0
server
nginx
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame D75A
18 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6df7e050aef92df54cbcbb886ca84342716ffbda435a46fe0325725a38400e92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7893
x-xss-protection
0
server
cafe
etag
7902720723094393305
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 15:53:25 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame B5FC
18 KB
8 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6df7e050aef92df54cbcbb886ca84342716ffbda435a46fe0325725a38400e92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7893
x-xss-protection
0
server
cafe
etag
7902720723094393305
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 15:53:25 GMT
usync.js
eus.rubiconproject.com/ Frame E1B8
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
04ca16cb8689e125ba1b2da9f1cbb75c07693045569adbf250c717279b91c932

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 15:53:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2023 23:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26048
Connection
keep-alive
Content-Length
10124
Expires
Tue, 05 Sep 2023 23:07:33 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 6359
98 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b13aa7b0ce39ef735521da87d92e1fcc5d1eaaea20d54804d1f644279fb15b58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28970
x-xss-protection
0
server
cafe
etag
554 / 19605 / m202308310101 / config-hash: 4851663212883413440
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 15:53:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A8F7
98 KB
28 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8b400aea1da7a9c0092a7fc36a4ce67e74e097110cec15d00d611e8cadbe3161
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28970
x-xss-protection
0
server
cafe
etag
317 / 19605 / m202308310101 / config-hash: 4851663212883413440
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 15:53:25 GMT
blackScreen5.mp4
vidstatb.taboola.com/vid/
89 KB
89 KB
Media
General
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Tue, 05 Sep 2023 15:53:25 GMT
via
1.1 6c19750e796252a348d1690986c10426.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
FCO50-P1
age
2527494
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1693929205.488353,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
video/mp4
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
z8uBX5rs5yx079LlNzOhRt0m40lBcgssXUNlz-RDQ6Zqn78U46CZIg==
x-cache-hits
703240
collect
t.clarity.ms/
0
290 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bg3.co
Date
Tue, 05 Sep 2023 15:53:25 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
L2EvY2h1YW4tcHUtamktaHVhLXRvdS10b3UtZmFuZy15aW5nLXNoaS13ZWktdHVhbi10aS16aHVuLWJlaS1oYW8tbGlhby16aGVuLXNoaS1kYW4teGlhby1ndWkuaHRtbA==.json
cdn.adpushup.com/42753/
555 B
875 B
XHR
General
Full URL
https://cdn.adpushup.com/42753/L2EvY2h1YW4tcHUtamktaHVhLXRvdS10b3UtZmFuZy15aW5nLXNoaS13ZWktdHVhbi10aS16aHVuLWJlaS1oYW8tbGlhby16aGVuLXNoaS1kYW4teGlhby1ndWkuaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:ab00::b819:32a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
CH
date
Tue, 05 Sep 2023 15:53:25 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=5, origin; dur=90, ak_p; desc="1693929205484_3088659109_361236039_9538_1452_20_0_219";dur=1
content-length
555
expires
Tue, 05 Sep 2023 16:53:25 GMT
usync.js
eus.rubiconproject.com/ Frame 390E
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
04ca16cb8689e125ba1b2da9f1cbb75c07693045569adbf250c717279b91c932

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 15:53:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2023 23:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26048
Connection
keep-alive
Content-Length
10124
Expires
Tue, 05 Sep 2023 23:07:33 GMT
usync.js
eus.rubiconproject.com/ Frame 79AF
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
04ca16cb8689e125ba1b2da9f1cbb75c07693045569adbf250c717279b91c932

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 15:53:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2023 23:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26048
Connection
keep-alive
Content-Length
10124
Expires
Tue, 05 Sep 2023 23:07:33 GMT
videojs.ads.js
cdn.unibotscdn.com/ubplayer/dist/js/
91 KB
25 KB
Script
General
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
08/09/2023 21:21:30
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:21 GMT
server
BunnyCDN-DE1-864
cdn-fileserver
577
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf625-16c3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
a1653ac7fb50fd5a4bb78c137a75941a
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/
84 KB
19 KB
Script
General
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
cdn-edgestorageid
1077
cdn-storageserver
DE-165
cdn-cachedat
07/07/2023 01:07:44
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:22 GMT
server
BunnyCDN-DE1-864
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"642bf626-14fe2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
1d2536d5096c7a94012c968d53e8cd75
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/
11 KB
4 KB
Script
General
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
cdn-edgestorageid
1049
cdn-storageserver
DE-164
cdn-cachedat
08/28/2023 19:09:21
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:16 GMT
server
BunnyCDN-DE1-864
cdn-fileserver
565
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf620-2ae4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
02d4e3784222a5b44f5ae512ddfd927a
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/
5 KB
2 KB
Script
General
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-167
cdn-cachedat
08/29/2023 17:57:29
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:20 GMT
server
BunnyCDN-DE1-864
cdn-fileserver
573
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf624-13b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
d8d02cf08fff82b64591281cc778af2c
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
khaos.jpg
token.rubiconproject.com/ Frame 8B8A
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
match.adsrvr.org/track/cmf/ Frame 369E
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474
pr-bh.ybp.yahoo.com/sync/taboola/ Frame 369E
43 B
425 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/taboola/f6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474?gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:7665:e1fe:4dc7:2c74 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
af4cd1dc-f64d-4074-9112-61991f0ebec6
https://www.bg3.co/
31 B
0
Other
General
Full URL
blob:https://www.bg3.co/af4cd1dc-f64d-4074-9112-61991f0ebec6
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
usync.html
eus.rubiconproject.com/ Frame 0213
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 05 Sep 2023 15:53:25 GMT
ETag
"40010-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
khaos.jpg
token.rubiconproject.com/ Frame E1B8
284 B
536 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 390E
284 B
919 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
khaos.jpg
token.rubiconproject.com/ Frame 79AF
284 B
932 B
Image
General
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/jpg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usync.js
eus.rubiconproject.com/ Frame 0213
34 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
04ca16cb8689e125ba1b2da9f1cbb75c07693045569adbf250c717279b91c932

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 05 Sep 2023 15:53:25 GMT
Content-Encoding
gzip
Last-Modified
Mon, 04 Sep 2023 23:07:25 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=26048
Connection
keep-alive
Content-Length
10124
Expires
Tue, 05 Sep 2023 23:07:33 GMT
ubpvideos
newsbot.unibots.in/get_videos/
521 B
693 B
Fetch
General
Full URL
https://newsbot.unibots.in/get_videos/ubpvideos
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.105.43.230 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-105-43-230.ip.linodeusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2f7fd1d6651e37c961b69957f5037d3237ea523fd55d5d3a60ddc3fc2b61ecaf

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 05 Sep 2023 15:53:26 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Length
521
Content-Type
application/json
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame D75A
145 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
02fec1882cfd529e6bfc9b4bd4b0192757053f863837f2a174d7ca37ebe15cb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51057
x-xss-protection
0
server
cafe
etag
17285001099289993627
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 15:53:25 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ Frame 6359
403 KB
127 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
2456
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129723
x-xss-protection
0
server
cafe
etag
14901160554504536944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 04 Sep 2024 15:12:29 GMT
js
www.googletagmanager.com/gtag/
263 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
222e0e5bf0bbddf72c71f586407ca51f60f52643453c3bcce27438eb654b482e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
89397
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Sep 2023 15:53:25 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/ Frame A8F7
403 KB
127 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:12:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
2456
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129723
x-xss-protection
0
server
cafe
etag
14901160554504536944
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Wed, 04 Sep 2024 15:12:29 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 0213
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LM6HPO4X-D-MAID
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
ffef7c53154b04a892ce1f9531c32cb1
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 8B8A
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=16698&gdpr=1&us_privacy=1---&gdpr=1&us_privacy=1---&khaos=LM6HPO5A-1F-F90V
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
574abe46412f7df61ec8713ff1a5b646
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generic
match.adsrvr.org/track/cmf/ Frame 390E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LM6HPO5A-1F-F90V
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LM6HPO5A-1F-F90V
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Sep 2023 15:53:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Date
Tue, 05 Sep 2023 15:53:26 GMT
Connection
close
Content-Length
111
Vary
Accept, Accept-Encoding
Content-Type
text/plain; charset=utf-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B5FC
145 KB
50 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e46b5d12f9a0cb106588c0b3329424174c9cbd7a071ef2bf070bff82129394ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51054
x-xss-protection
0
server
cafe
etag
448704607893677854
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 15:53:25 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 6359
492 B
262 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2185991937045608&correlator=3109919960083476&eid=31077232&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1693929205732&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=tq91hmp3qua8&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1208975767.1693929206&ga_sid=1693929206&ga_hid=1633246771&ga_fc=false&dlt=1693929205461&idt=240&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56548adbc9145ce29a21b1ebb0ae03e593c3c9f5160377a5ffcab47322f13a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
232
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6359
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de5c1f3576f96ed27dac11c157dec943be3ab80435fe3bd5e5c743c02374a60d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11809
x-xss-protection
0
container.html
3e3cee70c05ed1736f82af86df621de4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2A57
6 KB
3 KB
Document
General
Full URL
https://3e3cee70c05ed1736f82af86df621de4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 15:53:25 GMT
expires
Wed, 04 Sep 2024 15:53:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/ Frame D75A
384 KB
130 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
dc31161647f64487d66d26d3a1cdb0a3ab087bca9736d279509a715f9d14d30e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133294
x-xss-protection
0
server
cafe
etag
2603762185771655287
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 15:53:25 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/ Frame 8BDF
10 KB
5 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230830/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
83009
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4437
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 16:49:56 GMT
etag
9878862242593084568
expires
Mon, 18 Sep 2023 16:49:56 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bulk
trc.taboola.com/palmate-bg3co/log/3/
0
304 B
XHR
General
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi48=11593&tvi50=9563&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
74
date
Tue, 05 Sep 2023 15:53:25 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
64218
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230122-FRA
pragma
no-cache
server
nginx
x-timer
S1693929206.842077,VS0,VE74
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 8B8A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTE4ZDE3YTQzZmQ1MWZhNmMxNjIxNTI4Mzc3ZjQ2ODkwODZjZTIyNA&gdpr=1&us_privacy=1---
170 B
243 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTE4ZDE3YTQzZmQ1MWZhNmMxNjIxNTI4Mzc3ZjQ2ODkwODZjZTIyNA&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTE4ZDE3YTQzZmQ1MWZhNmMxNjIxNTI4Mzc3ZjQ2ODkwODZjZTIyNA&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8B8A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEP6D99XigUzddX1vmMNvyEw&google_cver=1
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEP6D99XigUzddX1vmMNvyEw&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=1&put=CAESEP6D99XigUzddX1vmMNvyEw&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 8B8A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=1&us_privacy=1---
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM6HPO5A-1F-F90V&gdpr=1&us_privacy=1---
0
649 B
Image
General
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM6HPO5A-1F-F90V&gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:26 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: AE864356CF9B4DFBA3866F22BE086084 Ref B: ZRHEDGE1208 Ref C: 2023-09-05T15:53:25Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEnqCYt/097Xy7STgnmg==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LM6HPO5A-1F-F90V&gdpr=1&us_privacy=1---
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 8B8A
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=1&us_privacy=1---
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 8B8A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=1&us_privacy=1---
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TE02SFBPNUEtMUYtRjkwVg==&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&gdpr=1&google_gid=CAESEMuOlyL2uvtg42wpeQ8JEvo&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE02SFBPNUEtMUYtRjkwVg==&google_push=&gdpr=1
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE02SFBPNUEtMUYtRjkwVg==&google_push=&gdpr=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
H2
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TE02SFBPNUEtMUYtRjkwVg==&google_push=&gdpr=1
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
Expires
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 8B8A
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
568 B
Image
General
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 15:53:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
XPRJEY9RXZFJEWEZ149S
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 15:53:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PWVXHFH4EXR53GA2R3M9
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8B8A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=1&us_privacy=1---
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/UBAGXiniyLsorLiIWsbCFMn5EUdSAgOZEtemQ7w0kco?csrc=&gdpr=1&us_privacy=1---
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-SuIOGZ5E2oIDvdGAf0hc4XSZwC.I45dseebmvw--~A
42 B
689 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-SuIOGZ5E2oIDvdGAf0hc4XSZwC.I45dseebmvw--~A
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
c1913d0f161dfd12bb229b87994a2d1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 05 Sep 2023 15:53:25 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-SuIOGZ5E2oIDvdGAf0hc4XSZwC.I45dseebmvw--~A
content-length
0
dcm
s.amazon-adsystem.com/ Frame 8B8A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
43 B
568 B
Image
General
Full URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 15:53:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GAXPGFNER8V28APAAX8N
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 15:53:26 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
31CGYJJWN0H01YZ080Q0
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&gdpr=1&us_privacy=1---&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
45 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38u0&_p=7195&cid=315367280.1693929206&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693929205&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&dt=%E5%B7%9D%E6%99%AE%E8%A8%88%E5%8A%83%E5%81%B7%E5%81%B7%E8%A8%AA%E8%8B%B1%EF%BC%9F%E3%80%80%E7%A4%BA%E5%A8%81%E5%9C%98%E9%AB%94%E6%BA%96%E5%82%99%E5%A5%BD%E4%BA%86%EF%BC%9A%E7%9C%9F%E6%98%AF%E8%86%BD%E5%B0%8F%E9%AC%BC%EF%BC%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:25 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame A8F7
492 B
266 B
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2614511518444517&correlator=3440255687622521&eid=31076398&output=ldjh&gdfp_req=1&vrg=202308310101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1693929205859&lmt=1644382753&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=m063oztbs73p&oid=2&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=179722300.1693929206&ga_sid=1693929206&ga_hid=1221992837&ga_fc=false&dlt=1693929205463&idt=326&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
923e76d3f3b8825dc55d96a9524750bb114a7180465316755f562f562479b1eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
235
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame A8F7
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308310101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4cc2dea1792192c12d29d0936122cfa8e5827b9216c28a95a3769e7eb78799e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11756
x-xss-protection
0
container.html
0c88d885d498c7483d95dcd3213fbff4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D60B
6 KB
3 KB
Document
General
Full URL
https://0c88d885d498c7483d95dcd3213fbff4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 15:53:25 GMT
expires
Wed, 04 Sep 2024 15:53:25 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6359
17 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Sep 2023 15:53:25 GMT
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/
254 B
775 B
Image
General
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Tue, 05 Sep 2023 15:53:25 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
5163
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230122-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1693929206.896220,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
97
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
3149
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/ Frame B5FC
384 KB
130 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
337625c76e5d14f76145c31cda5644a650b43407c1ee7ed3ecefffbbbadabd2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133294
x-xss-protection
0
server
cafe
etag
8277969249713582361
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 05 Sep 2023 15:53:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A8F7
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Sep 2023 15:53:26 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D4C7
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
15833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 11:29:33 GMT
expires
Wed, 04 Sep 2024 11:29:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 38FB
829 B
1 KB
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1008dc8a3d9789fc1a035d16145b2595cc56b41933bbf4ac6f0fa040c8137a29
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0L2T7wkvnthv2Ery2e11mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
534
content-security-policy
script-src 'report-sample' 'nonce-0L2T7wkvnthv2Ery2e11mg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 15:53:26 GMT
expires
Tue, 05 Sep 2023 15:53:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame D4C7
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:47:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
86764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Sep 2024 15:47:22 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame D75A
379 B
596 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fd9f808a4229edd544b7718c2fe92bfad5ce537168d3d4825d7aa53ded8bd130
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
244
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3F99
87 KB
32 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205581&bpp=177&bdt=788&idt=465&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=8050865201313&frm=23&ife=1&pv=2&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1619564351&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3149719298&scr_x=0&scr_y=0&eid=44759926%2C44798878%2C44759837%2C44759875%2C31077327%2C31077526%2C44797663&oid=2&pvsid=2805183193328812&tmod=1136192274&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xq36ybv0xcsx&fsb=1&dtd=484
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5e4751a5435dc69526d2e6235a0db31e3c81313cdeacab900c9aaf19942478a3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
32771
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 15:53:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame D75A
15 KB
11 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230830&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1cdf8ee05afe5f66007e7d15fae98173a1e18c4b8613dfc61d0e986d8cfce62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11731
x-xss-protection
0
collect
t.clarity.ms/
0
290 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bg3.co
Date
Tue, 05 Sep 2023 15:53:26 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 07C6
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
15833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 11:29:33 GMT
expires
Wed, 04 Sep 2024 11:29:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1B66
829 B
763 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
1a918809db37ea00ff8746ae061554015d5a2f0700ed3eeaa83329e384ff6713
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-A11ChaBrnI5TriqeJGdymA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
535
content-security-policy
script-src 'report-sample' 'nonce-A11ChaBrnI5TriqeJGdymA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 15:53:26 GMT
expires
Tue, 05 Sep 2023 15:53:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar
pagead2.googlesyndication.com/pagead/ Frame 38FB
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=2185991937045608&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame 07C6
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:47:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
86764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Sep 2024 15:47:22 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame D75A
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Sep 2023 15:53:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1B66
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308310101&jk=2614511518444517&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cookie.js
partner.googleadservices.com/gampad/ Frame B5FC
12 B
53 B
Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame CB0E
91 KB
33 KB
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5ca3fe9f244847981b851beb861bd6d968e47c4ed3a02a470915af957d2b609
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
33404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 15:53:26 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame B5FC
15 KB
12 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230830&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3b2bfd66561266bbac0152ff142378268d096faac6981f3116dbaab0a5d6f1d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:26 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11830
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame D4C7
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?fzHmow
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1B4C
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
15833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 11:29:33 GMT
expires
Wed, 04 Sep 2024 11:29:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 803D
829 B
559 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
69a18d2585536369ce97bedeb5edd74afd71de7c93963b73df19a0f9d6c50f29
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ZxqzbmIa1ctuPMF5BM9JWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-ZxqzbmIa1ctuPMF5BM9JWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 15:53:26 GMT
expires
Tue, 05 Sep 2023 15:53:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B5FC
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 05 Sep 2023 15:53:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 803D
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230830&jk=2805183193328812&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame 1B4C
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:47:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
86764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Sep 2024 15:47:22 GMT
generate_204
tpc.googlesyndication.com/ Frame 07C6
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?Tnu5Aw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3DC3
13 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
15833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 11:29:33 GMT
expires
Wed, 04 Sep 2024 11:29:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame E306
829 B
559 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
9c4520ea7aff08690fff632460ce747f14d8591d9333a536b8065b4196d1dbd8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ujaGY3IS70SrlfF-TDV9cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
537
content-security-policy
script-src 'report-sample' 'nonce-ujaGY3IS70SrlfF-TDV9cQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 15:53:26 GMT
expires
Tue, 05 Sep 2023 15:53:26 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame 3DC3
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:47:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
86764
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Sep 2024 15:47:22 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame E306
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230830&jk=2040814525307947&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

generate_204
tpc.googlesyndication.com/ Frame 1B4C
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?8KJp8A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 3DC3
0
10 B
Image
General
Full URL
https://tpc.googlesyndication.com/generate_204?xsrQqQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
js
www.googletagmanager.com/gtag/
266 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
97470cb7124788f03093b5ae2ca9f7ee625d3003da68f48c37d1b71f481590bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90566
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Sep 2023 15:53:26 GMT
js
www.googletagmanager.com/gtag/
266 KB
88 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
53f7dfa1ee89cab281f1e0f0d5dbb60463a942eca94bf75d4449efa2089a0d56
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
90534
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 05 Sep 2023 15:53:26 GMT
73e548e3-db54-4055-b48c-0a74915cce8d
https://www.bg3.co/
1 KB
0
Media
General
Full URL
blob:https://www.bg3.co/73e548e3-db54-4055-b48c-0a74915cce8d
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
f369f026-13c2-40a4-9083-4572abd3eaff
https://www.bg3.co/
1 KB
0
Media
General
Full URL
blob:https://www.bg3.co/f369f026-13c2-40a4-9083-4572abd3eaff
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
truncated
/
380 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
177 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
351 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/
242 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
player_logo.svg
cdn.unibotscdn.com/ubplayer/logo/
2 KB
1 KB
Image
General
Full URL
https://cdn.unibotscdn.com/ubplayer/logo/player_logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::864:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-864 /
Resource Hash
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:26 GMT
content-encoding
gzip
cdn-edgestorageid
860
cdn-storageserver
DE-677
cdn-cachedat
08/17/2023 06:30:53
cdn-pullzone
873945
last-modified
Thu, 17 Aug 2023 06:20:20 GMT
server
BunnyCDN-DE1-864
cdn-fileserver
655
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=2592000
cdn-requestid
df4861624f4b56fec9ab98ca5550e253
cdn-requestcountrycode
CH
cdn-status
200
cdn-requestpullsuccess
True
bridge3.587.0_en.html
imasdk.googleapis.com/js/core/ Frame D8A1
720 KB
231 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
72704
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
236429
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Mon, 04 Sep 2023 19:41:42 GMT
expires
Tue, 03 Sep 2024 19:41:42 GMT
last-modified
Wed, 30 Aug 2023 15:21:00 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 05 Sep 2023 15:53:26 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B24F
40 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:15:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2272
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 05 Sep 2023 16:15:34 GMT
playlist.m3u8
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/
171 B
836 B
XHR
General
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/playlist.m3u8
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-35.datapacket.com
Software
BunnyCDN-DE1-1078 /
Resource Hash
09db039251766d76dd3ec8b446813be70778c66e060c306b63ceb96aa200b4af

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:27 GMT
content-encoding
gzip
cdn-edgestorageid
1055
cdn-storageserver
DE-661
cdn-cachedat
08/18/2023 10:37:57
cdn-pullzone
829957
last-modified
Fri, 18 Aug 2023 08:18:43 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
637
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
d4746550a42b4afcffcd3c34a6de6d62
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
75e45cc6-0d4a-4607-ba8c-b839cead031c
https://www.bg3.co/
5 KB
0
Other
General
Full URL
blob:https://www.bg3.co/75e45cc6-0d4a-4607-ba8c-b839cead031c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
4896
Content-Type
application/javascript
3bceb196-7766-442c-9d2d-23dbc2da5f8f
https://www.bg3.co/
76 KB
0
Other
General
Full URL
blob:https://www.bg3.co/3bceb196-7766-442c-9d2d-23dbc2da5f8f
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
b5867199-5809-4a45-a323-84108e25bd87
https://www.bg3.co/
76 KB
0
Other
General
Full URL
blob:https://www.bg3.co/b5867199-5809-4a45-a323-84108e25bd87
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
77931
Content-Type
application/javascript
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-700YDXWXPV&gtm=45je38u0&_p=7195&cid=315367280.1693929206&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1693929206&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&dt=%E5%B7%9D%E6%99%AE%E8%A8%88%E5%8A%83%E5%81%B7%E5%81%B7%E8%A8%AA%E8%8B%B1%EF%BC%9F%E3%80%80%E7%A4%BA%E5%A8%81%E5%9C%98%E9%AB%94%E6%BA%96%E5%82%99%E5%A5%BD%E4%BA%86%EF%BC%9A%E7%9C%9F%E6%98%AF%E8%86%BD%E5%B0%8F%E9%AC%BC%EF%BC%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-700YDXWXPV&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/
4 KB
4 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
sodar
pagead2.googlesyndication.com/pagead/ Frame 6359
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308310101&jk=2185991937045608&bg=!MjGlMX7NAAYHwnCgJ8I7ADQBe5WfOCle4m6ROeIXDa-gCm4z0B6Sdr98YyOFIG6VaAx3OQL9PFAJbr5_HuOKrtWMknxqAgAAALNSAAAACWgBB5kC2zwA8oJMxeuuV6056ktWHB6IvAADVqmbwutEfI9NmDlzDEoEE0lwCKW8zF0u1M8VE5BsT6_xSS3oT1UzRBdBbnyDvvOFH82FCut-C4VofTSPvWqgWfxX-q0TT3i6pLOArt63AX6cwkt_SOqEBtaMuni9ccckKjhOLENafp2whccNaNLt12dlJzEmYlDwLetybAB2GkPQyRIgYFT663hGY5J8OvgHrvzAhPBgLYDUNsupvovr-969wFccvWTbaGpQt39-lq8nQvKGiYpVViOd5GHRcY_HupjpMaVSGbmu8EflCxlJpxVPkBZxt_zekxi0fvI4BzLS_phgrYvR5WTL-iuTrwspo0U0she8G15Nsw4y8Rmr-skQQBt6L9JrYhYjPX9ENv5pnCHHUgUWbhDtRbO8MdwBh-x6ocf797VuGCD1waCKl90TtkrRbiWFZtPSWeDmsohTQuKd0qZnwHnA_QLd_G_INZpDPoWNVGYYarM745NYMlS2niKOB5LzoJw228PpCxHKYnTRENG5fC0BONV7xR2UvFA89AdCaprJDgN-Dg6yTcN3JiUm50KhkBgVOWPFOr4cvNrKV-sXWevMGFW3aNONw83iS1l0LDZLS4IygAbI8H2z6WWsMftAF5RANlBUEF4ldFaZFbsPsGpR_TcpPgagLith__xhJksJUqavhbI8pz_hxlmM0Sm25fuv2OO5xDha5HsnAcf7c6FEws--LKIP4O87PH4-UGJZIf9FG2jDwfjV4bIRsX9YRftgc79abbltmkYdxRvDwul5ei_tWaWwMYt3OMKKItAR7du7sjGRm0Cj82o1qUZ4NtZvsJwdEI2I4Zee6BTkwK8EfWLlyTqwgoYOugAysFQTIwR2QgkF3rwIaR9kd6geCdUJ5nx1hGtq78VI9Ai0u3bGSZI3vgA5oo7DOwLb2VOocm1R6ssiudn3-sj6Lj6F1EwxqvRUCZ_W-9tFA5pG
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ads
pubads.g.doubleclick.net/gampad/ Frame D8A1
156 B
676 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=1360327349020912&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=DE696007-536F-489B-919D-08E09B0FC491&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782090%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&dt=1693929206857&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&scor=4496067247663217&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:27 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame A8F7
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308310101&jk=2614511518444517&bg=!MDOlM3zNAAYHwnCgJ8I7ADQBe5WfOEgCaRJej8CJg2S9GNeMPSEjiVZ7k55KCrZXOZ42E9As12OjrmMXvJumg7xnwaxpAgAAAI1SAAAACGgBBwoAsiSiRSWI6NVt75g78ivmWl9nBkYvlr3uNOF22xhNA2EM-ghDgiJh7vTuptDqeUqkJK-R4966WDvy2gvttKnbnma40aKUl8Y7Jif7bz33jdVo1RuapmNllV_Q0J600UrUUTF3CjuXp1iYLmL9Zpz2SExF398UUq-zzh-wpKyRn7n9h_mY-ELEbC-V0opofHczjc4ZKaWvCWfSpMQ5jFAcGWEnpo33QsX3yhNvHedLInjtyXSZAsJleklY5X_MdVUeYt3h4ssrdxxwn_pOsAE2k0FfBL5qXpFdKekUU9rauJQBfV8yFWNw0UzKh0jGO0jZ8HuZTleGrKvSJvCgo-nD5rD-vD33Zxy6ix3vekc87_8edMcAywiJ2ZKd3zkCvXQ_wUKOHwMNjxQsDsl5lT1iyOjMzvknQW-Y4YDK-oDTRE_5bnhJ0bcY2mOsAhPwI1PqOOhTeG1phO4_QLZX7GKgKWZD4PSEiV-5qIBA6dAiggdP6CC_DiN7q81ETUcWsA_B6dzhCjxa5wnrPoYxPwYqSX5Jw0M9t1H9JC66xp5zqNOWI4-tmIaQ8Zr4tsssrgUHOkNrmHQ-H0J69jYoXKeXV7wTAfLtmUc3dQweM2T3SxuxgL4BKv1ybq2Sibcdpl5XW9SvqTFLGVVTv7rngBlr3sLNiOkc7-jeyFRvvrmh_PF13opi4sx-tyGEAiOG0IV-KPrt9np2YurlPQS4FVEV82Z5bsQ9HLRZfHjQeAQlHJvAYxxi9dW9X58otldoj_Lvk4qkmonzfShV9D7cLZTWUYMKhqBeT5LD_yR3lNAuvLAdNV_7_BNpHV9HiVzRFZyn8s3f009dIVQAjSd33OfkIos3V5QfQitmUf69o_XXUyitO6UKIn9f0kJ3OufWLRSkcKmBjmMaaCDuEuAmdMpF-8TjbGzoNw5G3kf1e0dxpB3V9J5NdLccZNk8ttdF1P3OxNklp5A5xVEwgkr5Z1NVfvFuNUkOCMxhDGB1hfYWauEe9O_fVT2U497hjHvk57wRuqE_zWPvPjfpM9K_NbIRY0NAFZngg4Od6JTjwM1giwGjWKJabPuBHKLBwRn0wxzOuPAf2T4VNASWUbUcQoaTENvdXFROmqeH8tGkrbRpgicThFhdrlxXsWgrd92lp2Wp_ADhMoxlnspdh596WqE6rMPPW7iBgDPj
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame D75A
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230830&jk=2805183193328812&bg=!FhWlFVrNAAYHwnCgJ8I7ADQBe5WfODqMOZIaymCl1GtqwdqJXrg5nfn4fmQdREb9Wp5XAxtY8tgsSJfY9BMobpv2x1cFAgAAAHBSAAAAB2gBBwoAiyydOzpgF0-2d52bSAKhEb-8iAxOnKygerShJAQRYW9KU8TdxKt0Cyzqj7cFTGb8gJyQ8GofNAiPI3eVO7HJVWvime7xzrGTzrBstJuX8MZ0RS1ojIbWbc7VGV9p2c5kyOxEyK7MiAsNcCOQNKuw6LpF4q30LjyUhBaqH8uWcoTMtU4j-jaLH46MtBeZAr7YT6L2LeEPqWCa7_-r-3wpN5mLioeUk1RilDXqdd9Wi5UPoULW6VJD7gzffNYD-7NkGtr9shn41Jyf2a4fwkmwhhxL4NTHUUPKdo-p3Pjww3QGImeo4v_c2aVbqSgd6Fa15wGKPhJZDNfA9_CQ6kBcbDRAFbAlsqmMPmgOkJeR1AbB25ODNHujsEmzLj4bezcUR1C7XtEhNj-pr2vTmyO7fV7NuDe6MQ_9GMDOojoQxWk1uAqgE7my-6a7Lyi-dQmNpnFQ4PsW1egl5nrnY7_QJJQYCAG9cSdtXza7jfKlVQ9Lvb-kmXtUjSym_RJHnIv44JiRu07__XHf1qcV9y0OwoGWEt_dTtOzOepGcwxHF0mjxkdzYlpDaITrEMFRb2GWEZl8DBkOgxmk3ry7MqBrPl1tUpUTVN0Yu_X8m85PDhwmf8u79zUsX3rpGuyS6pc2N-NXPa3CJyiqHJYPYrgSD4xG6NT7LckQ2afoydyyLZJrV4lssvonY3i5eKJnEnTRVNqzJTvqUs_Lq4Vu1NGPrzlcrvWu5mxqOHcWXrYs_VySCnXJUFd6450aC3I6nsYR_qgrPkrKC0kP8ae6uUr7GKUSdBbqq7iDU4nkXxUIa__Ztq50P_aOVviiAdxXvLVrx36aXrLB-bTbXbo891DpezcA3B7IE7UxmZT0hqtQ4wHvMuyq-FWQzVYyHe-8qxW_MJycbOpJhdNO0TUYHhqeId9AsGV6SnGQbiVLspRh3tFaZKPKaPXpBIMh1ETzj6bincEu9hOvBUWBitlCI15LdW8gh0Hkm6aOyXMNnDonXR-iVeP8BgTAp7NZyW6bDr_F2jqayL7JMyZacB0CZX9azoPmBs-Drnnl_QlzZrlKDazaa9jCpNTEvpnqrnT2EBVveuSLEOC1eKW6Pk7BupQAKB970mmaoeM9bqk2ixg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

sodar
pagead2.googlesyndication.com/pagead/ Frame B5FC
0
0
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230830&jk=2040814525307947&bg=!_v2l_bLNAAYHwnCgJ8I7ADQBe5WfOJSj6cm4ISQZCQ7arkZBb2mxSGnYpilUhiD4dWkP4NUKJ7jlzv4vCRE_hHkn8rnRAgAAAFRSAAAABGgBB5kCwBEoW67JKZ2ZjK4RGzFroIOsVBbZn8_UiPWuEbL2cW9FZ1ML8E05aeoBP5djJY3gzmOBiY4a-ik-c1iJRxCrVuJ4xa6p8w4Le0KBPF73SoFFPLcuTTmhI4QpNYLnw-OcaOdfp3jJV-Ul_DIzYPQwER0gL3aIGp92KJ163WFSnCQsQtVcextJbYEafd6X51g0o_Cfv8RDRZbyj59CO8VUxyjFOcodu3vTsWxVOcdFH0E9LhPS6UOywXs99u17i5sENRlYQ4PmgATPZiB4yrMFSCmKGotlYKwmzI5eswdOyezskUMPkGYfTrntFAhAIbM50GM_vDWWqrCCN_YSWi4Th0cVEGPCkFaGslxhEn_MG5C3s5M0UD27b0p2v0v_dbLj6TjOYc8jsgigKsD9Leq92-52VPqVD1MlCDSglRpcreacdlGnHCR4aZVf_1RSjzIg08SYO-ebLM6kvCrajL4Y1hzXrPuBfpki--7vVbDU7IFW6na9oXDiBZhm1ZeGwZsAYMk4fkYSuUIB6_ONq2kqlzT9ULufG9pnzqtd7JXs0NNrCae1d2Tu-GJoKghAOJT3t_K9TscsPYFtVPOJpaEmDDUlJLTjP7at126ZDYqq_8howmHQewtSZDMmt-2V0t9HoR4VMoF4QU5nF6dGrdqhTieSAtd4H6MdvLYa3pR313mYEVxPzCoylUwacis3fVxonCWyb6YhUe7S2vUyj9h6IBF4VCsAjAf9OepfVJ1JFvKLPE8jg9I6GGhF0tRLD5HLV8iniriKeFzOMdDc-YK3MewRVGe8tj4QdU20LPb0UgyWe85VBZzn3N8Kw_CwvsH7txY1wVN-1RA23v5iXR519vkoWEF0U-jPS-bk1Kfno_TEPrJ3wIWsRzvZf0p9GB3GXi5b_A30vrtCmgZB2cjzXr9sGTlR1z9Xbag-UM2G86nc
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

css
fonts.googleapis.com/ Frame 3F99
6 KB
802 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205581&bpp=177&bdt=788&idt=465&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=8050865201313&frm=23&ife=1&pv=2&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1619564351&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3149719298&scr_x=0&scr_y=0&eid=44759926%2C44798878%2C44759837%2C44759875%2C31077327%2C31077526%2C44797663&oid=2&pvsid=2805183193328812&tmod=1136192274&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xq36ybv0xcsx&fsb=1&dtd=484
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Sep 2023 15:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 14:00:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Sep 2023 15:53:27 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 3F99
2 KB
892 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205581&bpp=177&bdt=788&idt=465&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=8050865201313&frm=23&ife=1&pv=2&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1619564351&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3149719298&scr_x=0&scr_y=0&eid=44759926%2C44798878%2C44759837%2C44759875%2C31077327%2C31077526%2C44797663&oid=2&pvsid=2805183193328812&tmod=1136192274&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xq36ybv0xcsx&fsb=1&dtd=484
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
7154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 13:54:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame 3F99
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205581&bpp=177&bdt=788&idt=465&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=8050865201313&frm=23&ife=1&pv=2&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1619564351&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3149719298&scr_x=0&scr_y=0&eid=44759926%2C44798878%2C44759837%2C44759875%2C31077327%2C31077526%2C44797663&oid=2&pvsid=2805183193328812&tmod=1136192274&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xq36ybv0xcsx&fsb=1&dtd=484
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
7154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 13:54:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 3F99
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205581&bpp=177&bdt=788&idt=465&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=8050865201313&frm=23&ife=1&pv=2&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1619564351&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3149719298&scr_x=0&scr_y=0&eid=44759926%2C44798878%2C44759837%2C44759875%2C31077327%2C31077526%2C44797663&oid=2&pvsid=2805183193328812&tmod=1136192274&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xq36ybv0xcsx&fsb=1&dtd=484
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:29:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
15838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 11:29:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame 3F99
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205581&bpp=177&bdt=788&idt=465&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=8050865201313&frm=23&ife=1&pv=2&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1619564351&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3149719298&scr_x=0&scr_y=0&eid=44759926%2C44798878%2C44759837%2C44759875%2C31077327%2C31077526%2C44797663&oid=2&pvsid=2805183193328812&tmod=1136192274&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xq36ybv0xcsx&fsb=1&dtd=484
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
7154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 13:54:13 GMT
l
www.google.com/ads/measurement/ Frame 3F99
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXFEAs3gXoN-wYtqqFcIBP9KtkVjMwbNGHhNmXmE1b8Zg1SXVr5NJ_MwKbIn-F1G8dEE0EIAQDgjIa7r7V7yMwSMcWKg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205581&bpp=177&bdt=788&idt=465&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=8050865201313&frm=23&ife=1&pv=2&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1619564351&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3149719298&scr_x=0&scr_y=0&eid=44759926%2C44798878%2C44759837%2C44759875%2C31077327%2C31077526%2C44797663&oid=2&pvsid=2805183193328812&tmod=1136192274&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xq36ybv0xcsx&fsb=1&dtd=484
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3F99
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205581&bpp=177&bdt=788&idt=465&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=8050865201313&frm=23&ife=1&pv=2&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1619564351&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3149719298&scr_x=0&scr_y=0&eid=44759926%2C44798878%2C44759837%2C44759875%2C31077327%2C31077526%2C44797663&oid=2&pvsid=2805183193328812&tmod=1136192274&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xq36ybv0xcsx&fsb=1&dtd=484
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 15:53:27 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame 3F99
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205581&bpp=177&bdt=788&idt=465&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=8050865201313&frm=23&ife=1&pv=2&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1619564351&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3149719298&scr_x=0&scr_y=0&eid=44759926%2C44798878%2C44759837%2C44759875%2C31077327%2C31077526%2C44797663&oid=2&pvsid=2805183193328812&tmod=1136192274&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xq36ybv0xcsx&fsb=1&dtd=484
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 02:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 21:27:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 02:09:09 GMT
css
fonts.googleapis.com/ Frame CB0E
6 KB
779 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 05 Sep 2023 15:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 05 Sep 2023 15:34:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 05 Sep 2023 15:53:27 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame CB0E
2 KB
892 B
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
7154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
865
x-xss-protection
0
server
cafe
etag
5051423035144352294
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 13:54:13 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/ Frame CB0E
23 KB
9 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
7154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9067
x-xss-protection
0
server
cafe
etag
16184311534176170479
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 13:54:13 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame CB0E
3 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 11:29:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
15838
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 11:29:29 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/ Frame CB0E
20 KB
8 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230830/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 13:54:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
7154
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8273
x-xss-protection
0
server
cafe
etag
16365778639179992903
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Sep 2023 13:54:13 GMT
l
www.google.com/ads/measurement/ Frame CB0E
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRB54kDvBvA7vyRbeezv4YMYh0IJ_REeXGSfDF2S3ZurlxCjxyRKUFC8OVwjQ9BHBUCKXTqT5hYNC-R0BZK0dKiZHwXCg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CB0E
181 KB
57 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57780
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1693394992224923"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 05 Sep 2023 15:53:27 GMT
3c1ec1505caf618a1f8c049839112e9c.js
www.gstatic.com/mysidia/ Frame CB0E
36 KB
15 KB
Script
General
Full URL
https://www.gstatic.com/mysidia/3c1ec1505caf618a1f8c049839112e9c.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 02:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395058
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15058
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 21:27:39 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 30 Nov 2023 02:09:09 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1075
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205581&bpp=177&bdt=788&idt=465&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=8050865201313&frm=23&ife=1&pv=2&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1619564351&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3149719298&scr_x=0&scr_y=0&eid=44759926%2C44798878%2C44759837%2C44759875%2C31077327%2C31077526%2C44797663&oid=2&pvsid=2805183193328812&tmod=1136192274&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xq36ybv0xcsx&fsb=1&dtd=484
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
16768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 11:13:59 GMT
etag
48472445140208031
expires
Wed, 06 Sep 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
video.m3u8
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/
5 KB
1 KB
XHR
General
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video.m3u8
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-35.datapacket.com
Software
BunnyCDN-DE1-1078 /
Resource Hash
e4612453ee1173a62d2c517be3b9a8f79de7f91e219909cc72b4f165bf2e1e96

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:27 GMT
content-encoding
gzip
cdn-edgestorageid
1055
cdn-storageserver
DE-664
cdn-cachedat
08/18/2023 10:37:58
cdn-pullzone
829957
last-modified
Fri, 18 Aug 2023 08:17:58 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
646
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
a91364812c5b6f12d73ee9485e23f185
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 7836
1 KB
643 B
Document
General
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
16768
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Sep 2023 11:13:59 GMT
etag
48472445140208031
expires
Wed, 06 Sep 2023 11:13:59 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
2076313506083323656
tpc.googlesyndication.com/simgad/16239459064928912468/ Frame 3F99
42 KB
42 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/16239459064928912468/2076313506083323656
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205581&bpp=177&bdt=788&idt=465&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=8050865201313&frm=23&ife=1&pv=2&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1619564351&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3149719298&scr_x=0&scr_y=0&eid=44759926%2C44798878%2C44759837%2C44759875%2C31077327%2C31077526%2C44797663&oid=2&pvsid=2805183193328812&tmod=1136192274&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xq36ybv0xcsx&fsb=1&dtd=484
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88211f1be0b9c592df15da542b4cedc1acf3b32caf4922bb4e9a18e74870311e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 03 Sep 2023 13:49:33 GMT
x-content-type-options
nosniff
age
180234
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43206
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 06:57:48 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 02 Sep 2024 13:49:33 GMT
truncated
/ Frame 3F99
218 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
edb5ffc156c3276bc935d69a50882ea4e0c2ff7f8533531f06390c5c5687ecf3

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
14763004658117789537
tpc.googlesyndication.com/simgad/1266882484344292805/ Frame CB0E
25 KB
25 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/1266882484344292805/14763004658117789537?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c6395d9162f7f95af0cf8d2bc4628712236b92bf85a33db9dc4cad670d66133
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 15:40:17 GMT
x-content-type-options
nosniff
age
259990
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25321
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 06:00:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 01 Sep 2024 15:40:17 GMT
truncated
/ Frame CB0E
209 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 3F99
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5491545feecabbedf0c2a6f375d0f9e103731a316835347cf4081c0cba842d19

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
video0.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/
310 KB
311 KB
XHR
General
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video0.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-35.datapacket.com
Software
BunnyCDN-DE1-1078 /
Resource Hash
bd09c8a7b93803aa5920748a2f7b9dbfeac2c74bcff72e52f72c7c9abfab7534

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:27 GMT
cdn-edgestorageid
1076
cdn-storageserver
DE-677
cdn-cachedat
08/18/2023 10:37:58
cdn-pullzone
829957
content-length
317720
last-modified
Fri, 18 Aug 2023 08:17:58 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
636
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
4792a5dec4c6d545d846a2637ba34180
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
pixel
cm.g.doubleclick.net/ Frame 1075
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEKHeMv5MYzN3AM8tGfwIrC4&google_cver=1&google_push=AXcoOmT2nZgNE6TVR3n2XNt2XiXGPSq_Uyw32ztFZe6TNaLIxhThM5tlwN45UzrT4kZ8IzuuSB5qxtLJmnG2qP4Fy-pCyT5VMh8
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmT2nZgNE6TVR3n2XNt2XiXGPSq_Uyw32ztFZe6TNaLIxhThM5tlwN45UzrT4kZ8IzuuSB5qxtLJmnG2qP4Fy-pCyT5VMh8&google_hm=UjMzNjQ1XzEwODg5N...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmT2nZgNE6TVR3n2XNt2XiXGPSq_Uyw32ztFZe6TNaLIxhThM5tlwN45UzrT4kZ8IzuuSB5qxtLJmnG2qP4Fy-pCyT5VMh8&google_hm=UjMzNjQ1XzEwODg5NUIwNF83RDQzMzk0NA%3D%3D
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AXcoOmT2nZgNE6TVR3n2XNt2XiXGPSq_Uyw32ztFZe6TNaLIxhThM5tlwN45UzrT4kZ8IzuuSB5qxtLJmnG2qP4Fy-pCyT5VMh8&google_hm=UjMzNjQ1XzEwODg5NUIwNF83RDQzMzk0NA%3D%3D
Date
Tue, 05 Sep 2023 15:53:26 GMT
Cache-Control
private
Strict-Transport-Security
max-age=-376933984; includeSubDomains
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
345
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 1075
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEFtLVJHAz_ijsZ0g8PWyMlY&google_cver=1&google_push=AXcoOmTWVXqygmNbVtmh8ViFWNsfwGkBWZ1fjMfx3KvlDngZDj-CKFyaPz6ObPs_0Pxc6lgdq3CTO...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTWVXqygmNbVtmh8ViFWNsfwGkBWZ1fjMfx3KvlDngZDj-CKFyaPz6ObPs_0Pxc6lgdq3CTOkTZ59DL2a_D9BVU267sAys
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTWVXqygmNbVtmh8ViFWNsfwGkBWZ1fjMfx3KvlDngZDj-CKFyaPz6ObPs_0Pxc6lgdq3CTOkTZ59DL2a_D9BVU267sAys
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 05 Sep 2023 15:53:27 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 3FC0C82F7383457DA8C6FB7D54BBD8B5 Ref B: ZRHEDGE1208 Ref C: 2023-09-05T15:53:27Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AXcoOmTWVXqygmNbVtmh8ViFWNsfwGkBWZ1fjMfx3KvlDngZDj-CKFyaPz6ObPs_0Pxc6lgdq3CTOkTZ59DL2a_D9BVU267sAys
x-li-proto
http/2
content-length
0
x-li-uuid
AAYEnqCseR8fVb9BVIroPw==
pixel
cm.g.doubleclick.net/ Frame 1075
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEJMnQ5GOj78gpBpXHW-9F-Y&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NzJjZjZhZmItZTA2OC00OWFjLWIzYjYtMmNhYjIyNzc3NmNj&google_gid=CAESEJMnQ5GOj78gpBpXHW-9F-Y&google_cver=1&google_push=AXcoOmT3...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NzJjZjZhZmItZTA2OC00OWFjLWIzYjYtMmNhYjIyNzc3NmNj&google_gid=CAESEJMnQ5GOj78gpBpXHW-9F-Y&google_cver=1&google_push=AXcoOmT3Dt2tbSbSQLZhraRhB5rgw_QxfZ4hA41X29sMD1shlmnd6mfab5mlU8CGoxb4ocFUmdS1Zdnh64G99fEnXkEe7d9DzFc
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=NzJjZjZhZmItZTA2OC00OWFjLWIzYjYtMmNhYjIyNzc3NmNj&google_gid=CAESEJMnQ5GOj78gpBpXHW-9F-Y&google_cver=1&google_push=AXcoOmT3Dt2tbSbSQLZhraRhB5rgw_QxfZ4hA41X29sMD1shlmnd6mfab5mlU8CGoxb4ocFUmdS1Zdnh64G99fEnXkEe7d9DzFc
date
Tue, 05 Sep 2023 15:53:27 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 1075
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEOqm-6fLy7aNarx79NZ9GhM&google_cver=1&google_push=AXcoOmRnFZqpi8CTa5tP77Qo52bcgyP4N-Rfo4PgYvydUOnDm_IQQTnY_uCCM0o7MCbTVwdtINagLx70KYUij6YylxCf3sSDjQ
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NWE1ZTliOGM4OTU0NDY2YThkNDE2ZGNiMzlmZTYwMTE%3D&UIDF=CAESEOqm-6fLy7aNarx79NZ9GhM&google_cver=1&google_push=AXcoOmRnFZqpi8CTa5tP77Qo52bc...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NWE1ZTliOGM4OTU0NDY2YThkNDE2ZGNiMzlmZTYwMTE%3D&UIDF=CAESEOqm-6fLy7aNarx79NZ9GhM&google_cver=1&google_push=AXcoOmRnFZqpi8CTa5tP77Qo52bcgyP4N-Rfo4PgYvydUOnDm_IQQTnY_uCCM0o7MCbTVwdtINagLx70KYUij6YylxCf3sSDjQ
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=NWE1ZTliOGM4OTU0NDY2YThkNDE2ZGNiMzlmZTYwMTE%3D&UIDF=CAESEOqm-6fLy7aNarx79NZ9GhM&google_cver=1&google_push=AXcoOmRnFZqpi8CTa5tP77Qo52bcgyP4N-Rfo4PgYvydUOnDm_IQQTnY_uCCM0o7MCbTVwdtINagLx70KYUij6YylxCf3sSDjQ
date
Tue, 05 Sep 2023 15:53:27 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pixel
cm.g.doubleclick.net/ Frame 1075
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKuHh9rzoc1ODoaafHdf34Y&google_cver=1&google_push=AXcoOmTG6K39TsHgx0rREvNrgsflsU5AHO_X8J46jxCrTpQSI_gEXB5JkBi_okhNfhVUPWS9d-tCVZOoC82r2xO7FMf_D05j2AE
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTG6K39TsHgx0rREvNrgsflsU5AHO_X8J46jxCrTpQSI_gEXB5JkBi_okhNfhVUPWS9d-tCVZOoC82r2xO7FMf_D05j2AE...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3ODkxNDc1OTc5Njk3OTAzNDgyMQ%3D%3D&google_push=AXcoOmTG6K39TsHgx0rREvNrgsflsU5AHO_X8J46jxCrTpQSI_gEXB5J...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3ODkxNDc1OTc5Njk3OTAzNDgyMQ%3D%3D&google_push=AXcoOmTG6K39TsHgx0rREvNrgsflsU5AHO_X8J46jxCrTpQSI_gEXB5JkBi_okhNfhVUPWS9d-tCVZOoC82r2xO7FMf_D05j2AE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3ODkxNDc1OTc5Njk3OTAzNDgyMQ%3D%3D&google_push=AXcoOmTG6K39TsHgx0rREvNrgsflsU5AHO_X8J46jxCrTpQSI_gEXB5JkBi_okhNfhVUPWS9d-tCVZOoC82r2xO7FMf_D05j2AE
date
Tue, 05 Sep 2023 15:53:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 1075
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEN-1kH1QLEApBtJE9s-xY7U&google_cver=1&google_push=AXcoOmQBa9Qi_6-N-fqwgpeVDvqPnkYZtzB236AhV1GHEsju2lPqBsqDbowFARUG2gYQnlgQ9eo7dt...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQBa9Qi_6-N-fqwgpeVDvqPnkYZtzB236AhV1GHEsju2lPqBsqDbowFARUG2gYQnlgQ9eo7dtbQr4ChygjCd6mKBHS6Qw&google_hm=Njg4ODY2NTc3...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQBa9Qi_6-N-fqwgpeVDvqPnkYZtzB236AhV1GHEsju2lPqBsqDbowFARUG2gYQnlgQ9eo7dtbQr4ChygjCd6mKBHS6Qw&google_hm=Njg4ODY2NTc3NDE2NTQ2NTU1Nw%3D%3D
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmQBa9Qi_6-N-fqwgpeVDvqPnkYZtzB236AhV1GHEsju2lPqBsqDbowFARUG2gYQnlgQ9eo7dtbQr4ChygjCd6mKBHS6Qw&google_hm=Njg4ODY2NTc3NDE2NTQ2NTU1Nw%3D%3D
date
Tue, 05 Sep 2023 15:53:26 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1075
Redirect Chain
  • https://ius.ctnsnet.com/int/cm?exc=1&acc=crimtan_holdings_limited&google_gid=CAESELqszEge82RT6nKQ1hy6bQk&google_cver=1&google_push=AXcoOmQsMTKcwe06ILTTLeWKx90i2QR9FRAc4pOd56tkMXahH5b7qeIDy_6Npnuvd4...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQsMTKcwe06ILTTLeWKx90i2QR9FRAc4pOd56tkMXahH5b7qeIDy_6Npnuvd4qmH7qEirnjb3iu_3549SUbt5J89RHfFee2&google_hm=jTF...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQsMTKcwe06ILTTLeWKx90i2QR9FRAc4pOd56tkMXahH5b7qeIDy_6Npnuvd4qmH7qEirnjb3iu_3549SUbt5J89RHfFee2&google_hm=jTFhGAjfS9K737eKvEiSeII
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205581&bpp=177&bdt=788&idt=465&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=8050865201313&frm=23&ife=1&pv=2&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1619564351&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3149719298&scr_x=0&scr_y=0&eid=44759926%2C44798878%2C44759837%2C44759875%2C31077327%2C31077526%2C44797663&oid=2&pvsid=2805183193328812&tmod=1136192274&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xq36ybv0xcsx&fsb=1&dtd=484
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:26 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_holdings_limited&google_push=AXcoOmQsMTKcwe06ILTTLeWKx90i2QR9FRAc4pOd56tkMXahH5b7qeIDy_6Npnuvd4qmH7qEirnjb3iu_3549SUbt5J89RHfFee2&google_hm=jTFhGAjfS9K737eKvEiSeII
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 1075
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I2uvLifvZNQt0Hum23YWaOYQdavufRZDbi9ISkzSHdMIk6COXoaTf-ynninNvPdneqRT6xqw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205581&bpp=177&bdt=788&idt=465&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=8050865201313&frm=23&ife=1&pv=2&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1619564351&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3149719298&scr_x=0&scr_y=0&eid=44759926%2C44798878%2C44759837%2C44759875%2C31077327%2C31077526%2C44797663&oid=2&pvsid=2805183193328812&tmod=1136192274&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xq36ybv0xcsx&fsb=1&dtd=484
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame CB0E
215 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0382ebb29ff8a7ed6b486bd47762c0e90a64b9ea1be4b3d3ec469e1f51dbe441

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
noop
px.owneriq.net/ Frame 7836
Redirect Chain
  • https://px.owneriq.net/ecmg?google_gid=CAESEIdKIH9Gkd2Sm9c4CL7qeyg&google_cver=1&google_push=AXcoOmRk81LamaKjb6PscFrQt4c2Jkx4HCNefBBxVsSARSZjiVVMzmBZ3cVhg2Cpz_tsuHgG1wA5TQ7enWCOe5eIoxiWUThTCtsaS8HS...
  • https://px.owneriq.net/noop?ct=image%2Fgif
0
287 B
Image
General
Full URL
https://px.owneriq.net/noop?ct=image%2Fgif
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
HTTP/1.1
Server
104.86.61.128 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-86-61-128.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) / PHP/7.3.33
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Date
Tue, 05 Sep 2023 15:53:27 GMT
Server
Apache/2.4.6 (CentOS)
Connection
keep-alive
X-Powered-By
PHP/7.3.33
Content-Length
0
Content-Type
image/gif

Redirect headers

Location
https://px.owneriq.net/noop?ct=image%2Fgif
Date
Tue, 05 Sep 2023 15:53:27 GMT
Server
AkamaiGHost
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 7836
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RJ00qQeIQ6CtCJVTVPIlkg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RJ00qQeIQ6CtCJVTVPIlkg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTISdaIiLZMPQj-igqbfcX9y4lNUUZCydGnidW59tU3ozrwdSs3h7h6y9Xz1n50JkQJBxX4hYoRwyAwA2y0Phv_RJDGc-ICFTNDBatdhdv3FoXG5-uKW6iPqMmLVZVZG2N84SCEIyV5cynS-O_Tw6Ga
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=RJ00qQeIQ6CtCJVTVPIlkg%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AXcoOmTISdaIiLZMPQj-igqbfcX9y4lNUUZCydGnidW59tU3ozrwdSs3h7h6y9Xz1n50JkQJBxX4hYoRwyAwA2y0Phv_RJDGc-ICFTNDBatdhdv3FoXG5-uKW6iPqMmLVZVZG2N84SCEIyV5cynS-O_Tw6Ga
date
Tue, 05 Sep 2023 15:53:27 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 7836
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKuHh9rzoc1ODoaafHdf34Y&google_cver=1&google_push=AXcoOmT0riyisb8HNEzWaLnnJ0t0kRc3G_FklJ5X--YyD_ejplf-1EW4twMp845P2k7bxnpYkqHY9GF2feY1EEHiP85MUg2Ypb...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmT0riyisb8HNEzWaLnnJ0t0kRc3G_FklJ5X--YyD_ejplf-1EW4twMp845P2k7bxnpYkqHY9GF2feY1EEHiP85MUg2YpbP...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3ODkxNDc1OTc5Njk3OTAzNDgyMQ%3D%3D&google_push=AXcoOmT0riyisb8HNEzWaLnnJ0t0kRc3G_FklJ5X--YyD_ejplf-1EW4...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3ODkxNDc1OTc5Njk3OTAzNDgyMQ%3D%3D&google_push=AXcoOmT0riyisb8HNEzWaLnnJ0t0kRc3G_FklJ5X--YyD_ejplf-1EW4twMp845P2k7bxnpYkqHY9GF2feY1EEHiP85MUg2YpbPnF-ZiNFOLFLxOW26uUy83ZEK25xomEi8m7GvSBBAuOHlKpkNPRmcmu5S3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDM3ODkxNDc1OTc5Njk3OTAzNDgyMQ%3D%3D&google_push=AXcoOmT0riyisb8HNEzWaLnnJ0t0kRc3G_FklJ5X--YyD_ejplf-1EW4twMp845P2k7bxnpYkqHY9GF2feY1EEHiP85MUg2YpbPnF-ZiNFOLFLxOW26uUy83ZEK25xomEi8m7GvSBBAuOHlKpkNPRmcmu5S3
date
Tue, 05 Sep 2023 15:53:27 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
cm.g.doubleclick.net/ Frame 7836
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEN-1kH1QLEApBtJE9s-xY7U&google_cver=1&google_push=AXcoOmSQIv8JjqQ1pvoFp1kr6SauozmRrWpyIoz4_7SQMtSAHACtJMpiiuFdGxY-d756_0Iwk4X3Ia...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSQIv8JjqQ1pvoFp1kr6SauozmRrWpyIoz4_7SQMtSAHACtJMpiiuFdGxY-d756_0Iwk4X3IaO8dUaymk0OXjMPHjEWiG9TMtpw1N21u10PE1Git3RAL...
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSQIv8JjqQ1pvoFp1kr6SauozmRrWpyIoz4_7SQMtSAHACtJMpiiuFdGxY-d756_0Iwk4X3IaO8dUaymk0OXjMPHjEWiG9TMtpw1N21u10PE1Git3RALyXga1TE8U3AGlb86bCMn4tDU9OEb8aIeEM&google_hm=MzUyNjA1Mjk1OTQ4ODQ0ODc3OQ%3D%3D
Protocol
H3
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:27 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AXcoOmSQIv8JjqQ1pvoFp1kr6SauozmRrWpyIoz4_7SQMtSAHACtJMpiiuFdGxY-d756_0Iwk4X3IaO8dUaymk0OXjMPHjEWiG9TMtpw1N21u10PE1Git3RALyXga1TE8U3AGlb86bCMn4tDU9OEb8aIeEM&google_hm=MzUyNjA1Mjk1OTQ4ODQ0ODc3OQ%3D%3D
date
Tue, 05 Sep 2023 15:53:26 GMT
content-length
0
sync
rtb2-useast.e-volution.ai/ Frame 7836
42 B
233 B
Image
General
Full URL
https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEB0kCO60y1DIgS9_mVDY8fU&google_cver=1&google_push=AXcoOmQJ6gh8HbaZveJkYA_aJCXigInXtKD_f71Xuxi3Ey3ugc-UWx62tDdE-SgPFLonRy9bOKsbPpSZq30gbgGDrwhKLiyBFWe2zcu0DKT9YrE0l_UgeFYzBgiGc-ssIL3q20AM30KYHBJhmSckdUgrUCk3xA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 05 Sep 2023 15:53:27 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
v1
match.sharethrough.com/E4rooAtA/ Frame 7836
0
35 B
Image
General
Full URL
https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEHkMp7asu9BB9lussJ4pZFI&google_cver=1&google_push=AXcoOmTPZs2xe9vA3og-sHVvSlvKmftBWISoGat61HXI1Ixn3jB1MwcaGU_efJVCGw9shGbHNx2LYpHh6WjACsXHky3uX9QiYoJjagtV8SnL0M6L625g1Nbihxg8uqt4J9MEmXwQYb3LFJuBYHJ4vS67i2vtdQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.139.48 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-139-48.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:27 GMT
0.gif
id5-sync.com/i/495/ Frame 7836
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEDFgIqYiuh_XleeCR7eg0SM&google_cver=1&google_push=AXcoOmSOh37nAWDSAIy82-MIiHXBHb1T_lOMUKuBRcl10qEwVrDMFuIqPpuCy0JS3LXqFAhO_GX4p9up-oXYFcktCN4qwnrrbZ7aUlGb...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSOh37nAWDSAIy82-MIiHXBHb1T_lOMUKuBRcl10qEw...
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSOh37nAWDSAIy82-MIiHXBHb1T_lOMUKuBRcl10qEwVrDMFuIqPpuCy0JS3LXqFAhO_GX4p9up-oXYFcktCN4qwnrrbZ7aUlGbQ_GkewG8fHl0k0e7x6U2-04Azfhr8YRucumcbCmAhUqVuzFgMaJ2pA
Protocol
HTTP/1.1
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Tue, 05 Sep 2023 15:53:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"

Redirect headers

date
Tue, 05 Sep 2023 15:53:27 GMT
content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; includeSubDomains
x-permitted-cross-domain-policies
none
referrer-policy
no-referrer
expect-ct
max-age=0
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
location
https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAXcoOmSOh37nAWDSAIy82-MIiHXBHb1T_lOMUKuBRcl10qEwVrDMFuIqPpuCy0JS3LXqFAhO_GX4p9up-oXYFcktCN4qwnrrbZ7aUlGbQ_GkewG8fHl0k0e7x6U2-04Azfhr8YRucumcbCmAhUqVuzFgMaJ2pA
x-download-options
noopen
vary
Accept
content-length
329
x-xss-protection
0
attr
cm.g.doubleclick.net/pixel/ Frame 7836
0
12 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J6qm4BmloCwWYcvjKzmFe0n1Xq2rVfFGWObFQ1f3S399T787ww9HPvClFCJm1i1bZG80DZA34S
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s50-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3F99
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:06:52 GMT
x-content-type-options
nosniff
age
387995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 04:06:52 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3F99
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 13:37:19 GMT
x-content-type-options
nosniff
age
267368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 13:37:19 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 3F99
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 15:22:55 GMT
x-content-type-options
nosniff
age
347432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 15:22:55 GMT
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame 98CE
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301107&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205581&bpp=177&bdt=788&idt=465&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&correlator=8050865201313&frm=23&ife=1&pv=2&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1619564351&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=3149719298&scr_x=0&scr_y=0&eid=44759926%2C44798878%2C44759837%2C44759875%2C31077327%2C31077526%2C44797663&oid=2&pvsid=2805183193328812&tmod=1136192274&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.xq36ybv0xcsx&fsb=1&dtd=484
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:47:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
86765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Sep 2024 15:47:22 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CB0E
16 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 02 Sep 2023 02:35:09 GMT
x-content-type-options
nosniff
age
307098
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 01 Sep 2024 02:35:09 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CB0E
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 15:22:55 GMT
x-content-type-options
nosniff
age
347432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 15:22:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CB0E
15 KB
15 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 01 Sep 2023 04:06:52 GMT
x-content-type-options
nosniff
age
387995
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 31 Aug 2024 04:06:52 GMT
video1.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/
396 KB
397 KB
XHR
General
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video1.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-35.datapacket.com
Software
BunnyCDN-DE1-1078 /
Resource Hash
9c54bf6ab1af08f7f512d67d17c99c32dd9bddc19421c9a7e672b2a22ffe5ed1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:27 GMT
cdn-edgestorageid
1079
cdn-storageserver
DE-677
cdn-cachedat
08/18/2023 10:37:58
cdn-pullzone
829957
content-length
405516
last-modified
Fri, 18 Aug 2023 08:17:57 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
637
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
ccd7f9d8541190f81de255c3a448e636
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
collect
www.google-analytics.com/
35 B
119 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=2&dt=%E5%B7%9D%E6%99%AE%E8%A8%88%E5%8A%83%E5%81%B7%E5%81%B7%E8%A8%AA%E8%8B%B1%EF%BC%9F%E3%80%80%E7%A4%BA%E5%A8%81%E5%9C%98%E9%AB%94%E6%BA%96%E5%82%99%E5%A5%BD%E4%BA%86%EF%BC%9A%E7%9C%9F%E6%98%AF%E8%86%BD%E5%B0%8F%E9%AC%BC%EF%BC%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-vLezSh7kAX01QrGfbCEnJA&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&dr=&sd=24&ul=en-us&de=UTF-8&jid=&plt=4958&dns=16&tcp=753&rrt=0&srt=730&pdt=3&clt=1557&dit=1557&a=7195&z=0.4432071923216758&gtm=45De1110&t=timing
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 04 Sep 2023 19:03:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
74983
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?__read_this=https%3A%2F%2Fbit.ly%2Fofficial-ga4&v=2&tid=G-JLX4K2W8JS&ds=AMP&_p=7195&cid=amp-vLezSh7kAX01QrGfbCEnJA&ul=en-us&sr=1600x1200&_s=3&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&dr=&dt=%E5%B7%9D%E6%99%AE%E8%A8%88%E5%8A%83%E5%81%B7%E5%81%B7%E8%A8%AA%E8%8B%B1%EF%BC%9F%E3%80%80%E7%A4%BA%E5%A8%81%E5%9C%98%E9%AB%94%E6%BA%96%E5%82%99%E5%A5%BD%E4%BA%86%EF%BC%9A%E7%9C%9F%E6%98%AF%E8%86%BD%E5%B0%8F%E9%AC%BC%EF%BC%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&_fv=1&_ss=1&__dbg=1&__nuid=&en=performance_timing&sid=1693929205&sct=1&seg=1&_et=0&gcs=&uaa=&uab=&uafvl=%5B%5D&uamb=0&uam=&uap=&uapv=&uaw=0&ep.amp_hostname=www.bg3.co&epn.page_load_time=4958&epn.domain_lookup_time=16&epn.tcp_connect_time=753&epn.redirect_time=0&epn.server_response_time=730&epn.page_download_time=3&epn.content_download_time=1557&epn.dom_interactive_time=1557
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012308181609000/v0/amp-analytics-0.1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=FA1A7D8C449A42CB821CCD7B667882F9&RedC=c.clarity.ms&MXFR=276D5FEB31216F1834704C6835216197
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FA1A7D8C449A42CB821CCD7B667882F9&MUID=0E5E40A6F8DD66372F065325F92C67F1
42 B
444 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FA1A7D8C449A42CB821CCD7B667882F9&MUID=0E5E40A6F8DD66372F065325F92C67F1
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:27 GMT
last-modified
Wed, 30 Aug 2023 19:01:41 GMT
server
Microsoft-IIS/10.0
etag
"8d59566974dbd91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:27 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 76C6FA106D7848C99D3EF8E26EC4958F Ref B: ZRHEDGE0822 Ref C: 2023-09-05T15:53:27Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=FA1A7D8C449A42CB821CCD7B667882F9&MUID=0E5E40A6F8DD66372F065325F92C67F1
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
pagead2.googlesyndication.com/bg/ Frame 4674
37 KB
14 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/y--OXqz7ADyygIpSoni6phyCHaVIcLrPPWSypIROD28.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301106&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1693922006&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1693929205655&bpp=246&bdt=848&idt=531&shv=r20230830&mjsv=m202308290101&ptt=5&saldr=sd&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&correlator=8050865201313&frm=23&ife=1&pv=1&ga_vid=315367280.1693929206&ga_sid=1693929206&ga_hid=1213094010&ga_fc=1&nhd=1&u_tz=120&u_his=3&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2637&biw=1600&bih=1200&isw=336&ish=280&ifk=3360514817&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31077329%2C31077369%2C31077523%2C31077525%2C44795922%2C44796632&oid=2&pvsid=2040814525307947&tmod=1665742337&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.edslovnyn65v&btvi=1&fsb=1&dtd=566
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 04 Sep 2023 15:47:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
86765
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14793
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 09:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 03 Sep 2024 15:47:22 GMT
video2.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/
340 KB
341 KB
XHR
General
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video2.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-35.datapacket.com
Software
BunnyCDN-DE1-1078 /
Resource Hash
89ed9b4a17a685a30f2f8f46a6749bf5ed43a3fde2ee34845be82db018b261e5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:27 GMT
cdn-edgestorageid
756
cdn-storageserver
DE-165
cdn-cachedat
09/05/2023 14:57:30
cdn-pullzone
829957
content-length
348552
last-modified
Fri, 18 Aug 2023 08:17:59 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
647
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
9d912fa1238bfb103432bedde8988ce4
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
csi
csi.gstatic.com/ Frame D8A1
0
234 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lm6hpozr&c=8050865201313&slotId=4025432600656.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video3.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/
344 KB
345 KB
XHR
General
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video3.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-35.datapacket.com
Software
BunnyCDN-DE1-1078 /
Resource Hash
36d1268298a6da877a354aa0afefa709bc3c35e373d547d04ea67943b6aba853

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:27 GMT
cdn-edgestorageid
1053
cdn-storageserver
DE-661
cdn-cachedat
08/28/2023 19:09:50
cdn-pullzone
829957
content-length
352124
last-modified
Fri, 18 Aug 2023 08:17:58 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
635
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
d3375d3e4be467cffbe2699bead5fdcd
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video4.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/
343 KB
344 KB
XHR
General
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video4.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-35.datapacket.com
Software
BunnyCDN-DE1-1078 /
Resource Hash
355eb73ef3ddead38f9ac663bb3cde3cf51a4dfb446937f5aca3e716c3c99e73

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:27 GMT
cdn-edgestorageid
864
cdn-storageserver
DE-51
cdn-cachedat
08/18/2023 10:37:59
cdn-pullzone
829957
content-length
351372
last-modified
Fri, 18 Aug 2023 08:18:03 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
647
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
8e325d204ace0b5eed7db94a2bc90019
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video5.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/
337 KB
338 KB
XHR
General
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video5.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-35.datapacket.com
Software
BunnyCDN-DE1-1078 /
Resource Hash
5d95f53a5578a8535d127a7041191865e9651fe932cdb84dd6c2d08b6a8c518f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:27 GMT
cdn-edgestorageid
874
cdn-storageserver
DE-383
cdn-cachedat
08/18/2023 10:38:01
cdn-pullzone
829957
content-length
345544
last-modified
Fri, 18 Aug 2023 08:17:58 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
645
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
c2cf2f2e290bc3518bf2f967fe0e2e8e
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video6.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/
205 KB
205 KB
XHR
General
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video6.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-35.datapacket.com
Software
BunnyCDN-DE1-1078 /
Resource Hash
387693ae9129954676f66cc2f2d2352e94457c2ff461f778551af1594585d90c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:27 GMT
cdn-edgestorageid
1047
cdn-storageserver
DE-51
cdn-cachedat
08/18/2023 10:38:02
cdn-pullzone
829957
content-length
209432
last-modified
Fri, 18 Aug 2023 08:18:06 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
653
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
ff492f773d0d6dfe5e18d0a133c91647
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video7.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/
228 KB
229 KB
XHR
General
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video7.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-35.datapacket.com
Software
BunnyCDN-DE1-1078 /
Resource Hash
2d1d38e921b2af298d6913929f27f091a9e80788ececa370657e2bae396c0e6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:27 GMT
cdn-edgestorageid
722
cdn-storageserver
DE-165
cdn-cachedat
08/18/2023 10:38:03
cdn-pullzone
829957
content-length
233496
last-modified
Fri, 18 Aug 2023 08:17:57 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
645
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
6627a4b0b198eefbffcf9ecad8554a97
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
VideoBidRequestHandlerServlet
wf.taboola.com/
2 KB
720 B
XHR
General
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693929207874&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1547&pt=-834870792&tz=120&viewable=true&ddast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vA!dfrc_vA!esv_vA!nonrv_vA!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Tue, 05 Sep 2023 15:53:27 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1461
x-cache
MISS
x-served-by
cache-fra-eddf8230122-FRA
pragma
no-cache
server
nginx
x-timer
S1693929208.885168,VS0,VE36
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
csi
csi.gstatic.com/ Frame D8A1
0
54 B
Ping
General
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lm6hppnq&c=8050865201313&slotId=4025432600656.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782090%2C44782991%2C44788275%2C44797559%2C44797735
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
t.clarity.ms/
0
290 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bg3.co
Date
Tue, 05 Sep 2023 15:53:28 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
ads
pubads.g.doubleclick.net/gampad/ Frame D8A1
156 B
186 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=3512312180813724&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=DE696007-536F-489B-919D-08E09B0FC491&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782090%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&dlt=1693929204002&idt=2781&dt=1693929208303&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&scor=4355098221655046&ged=ve4_td4_tt1_pd4_la4000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:28 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 3F99
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvD27EyV4B6oF-k1JHCa7IwfTkDLkEr9jHQs3iKkLbz-OIDBk30CGtpusD6NA9g3YJEoUQ_q5fZOaoc0Jjhju2-iHg91NEvCSgU2yLYAMflja5I7zDj9sAOA5v3pHLJGrqrIPXpj5-kFA&sai=AMfl-YQ8ADW5AH35wPT7MhmEy204ls5Qaspx1Wm9GFmmJfIotLlb8KJp9NcrVLcB-hG6wAIynqQ1Bo1d64chTRsDT5y1_aRnyKAknHU&sig=Cg0ArKJSzFl8goU5KeMeEAE&cid=CAQSKQBpAlJWLhFZUpY2amFymt16sTEPFmNufssoFKTKwRsPX68rYS5DqkLOGAE&id=lidar2&mcvt=1014&p=0,0,280,336&mtos=1014,1014,1014,1014,1014&tos=1014,0,0,0,0&v=20230830&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1587687671&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1693929206066&rpt=1256&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
video8.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/
267 KB
268 KB
XHR
General
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video8.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-35.datapacket.com
Software
BunnyCDN-DE1-1078 /
Resource Hash
25d2d2d08f72ff6fb277f8a16ccf6204380e718197aa5ab8fe91c82222698aab

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:28 GMT
cdn-edgestorageid
1055
cdn-storageserver
DE-51
cdn-cachedat
08/18/2023 10:38:04
cdn-pullzone
829957
content-length
273164
last-modified
Fri, 18 Aug 2023 08:17:57 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
657
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
ceb735e90374500015b868f5dcb6c32d
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ads
pubads.g.doubleclick.net/gampad/ Frame D8A1
156 B
143 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=2935529596133285&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=DE696007-536F-489B-919D-08E09B0FC491&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782090%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&dlt=1693929204002&idt=2781&dt=1693929209443&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&scor=960372569001153&ged=ve4_td5_tt2_pd5_la5000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame D8A1
156 B
143 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F22082859479%2C22705832136%2Fbg3_gpt2_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=4281501011569540&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=DE696007-536F-489B-919D-08E09B0FC491&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782090%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&dlt=1693929204002&idt=2781&dt=1693929210495&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&scor=3068559154923399&ged=ve4_td6_tt3_pd6_la6000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:30 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/
0
17 B
Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je38u0&_p=7195&cid=315367280.1693929206&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1693929205&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&dt=%E5%B7%9D%E6%99%AE%E8%A8%88%E5%8A%83%E5%81%B7%E5%81%B7%E8%A8%AA%E8%8B%B1%EF%BC%9F%E3%80%80%E7%A4%BA%E5%A8%81%E5%9C%98%E9%AB%94%E6%BA%96%E5%82%99%E5%A5%BD%E4%BA%86%EF%BC%9A%E7%9C%9F%E6%98%AF%E8%86%BD%E5%B0%8F%E9%AC%BC%EF%BC%81%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
VideoBidRequestHandlerServlet
am-wf.taboola.com/
2 KB
794 B
XHR
General
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1693929210876&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1547&pt=-834870792&tz=120&viewable=true&ddast=V81kcCLAak7Cs006nT8RJI2VdoplOn4y0AAABgYID-AEnulouJb7FYy1amyVq0W5nWyoXDuBZudiOLYWFz2XarISDJ3XIx8S0Wa9nKNFmLdivTWrlwGNfCzW5kMSxsLttuNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZzaDodPte9Xvf73SU-z1zj9yv8GqPrYXcLXm-p0y10Pdyiv-st-rveMofd51Y-7T635uh0615Ot-j1sLtFT7f06Lq7JS6nW-jwu8VOh98tPbrsbs3R6RY57G7h0-F361xPu9D0NtsBAAAAwIP___9_CAAAAAARAAAAACQAAAAAUAio8G9B4AIAAAAAhv___38NAM8cCMThMfoDAAAAAAgAAAAAEgAI6IclAGKM9078_________8cYoM-8kfH___9_w6AHwIMPgAchAAAAH0PoQ016Jdc2mYgUvBZhBAAAAGDYOU3wyCSdoGJR5f__v98KwBUAgABFMwa19iy6gxJvYQAAAATGLNDD4vebHXaN3-0y__________9m_s_8oxHiYW5OE7TgSqHmFxAAYM0vIAAAG3UDAPBGAE7QIWjFYLA6ATE7AAAAAHf-____9YDYwjmZbSYby3AxcTkcpsnM5VoMRoPVwuUwbpYT7_lsC4fJAIe86LMhLLPfd1BQTk-P2WWQsVwmg_igYVhOBsH8TNhitJpMNsvhbLmYDIaj4Wi0PwK4HKCJGCyXk8lisluNVqPNcDeaDRZIIAYTRNGiwWQ1Gk0Wk-FqNFnNlovdboMoWrWajTaD4Wo2me12q-FguByN0IQtRqvJZLMczpaLyWA4Go5GQwRjttlittms1hrXZOMWjTyGtcTh8q2VC4_HZFltRiOLaS16fUwXm2Fk2o22SDAgby-Sp0U6US1HC5vDsxpNhqPlxDUc7pabkXMzmYxmjpHLNbKIJZqTRTqRXfa1hXMy20w2luFi4nI4TJOZy7UYjAarhcth3Cwn_ppttphtNqu1xjXZuEUjj2Etcbh8a-XC4zFZVpvRyGJai14f08VmGJl2o31jttwsJ8vJYLRvzJab5WQ5GYz2HTrDd_U5G5VlleRj012di4ft5jQoXAaL96U-nYcFY8F89hydLo_lWdQZ_X6_3-_3-_1-v9-g9RzMBoXvefgLp4_luRzORg9ig0ERSwQX6UTwMLsdppdb4vNs_BaxRGm6SCd6hV9jdD3sbsHrLXW6ha6HW_R3vUV_11vmsPvcyqfd59YcnW7dy-kWvR52t-jplh5dd7fE5XQLHX632Onwu6VHl92tOTrdIofdLXw6_G6d62kXmt5mi1giOF2kE9HLeLqo_-ghlqu5ZDCbKwaruWIzWCUAAAAAAAAAAEswzXQTAAAAACeDGm6Gi9U6HcxkNhnsVssFcBGUpQsYBAAAAAAAoFhjjzXAw-x2mF5uic-z8VsZgARzHrPNPiOItVotawAAAALYAAAAArjpxpvAVCvu____fxwAAAAZOfQAAADo9wFlAQAAAAAA8CPI1WyzfwAqxFqtVrcba7VaAQ1ktNoMRhP4____Dw!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=1&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxLoadDist5-out_vA!dfrc_vA!esv_vA!nonrv_vA!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.2.9/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
79a366c23bc8bee6302942443d555fa16fbbe53d466ad4d17a6cd9bf595151dc

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Tue, 05 Sep 2023 15:53:30 GMT
content-encoding
gzip
server
nginx
machineid
1457
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
video9.ts
stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/
227 KB
228 KB
XHR
General
Full URL
https://stream.unibotscdn.com/e3175399-2133-49da-b331-440243782447/640x360/video9.ts
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
169.150.247.35 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-169-150-247-35.datapacket.com
Software
BunnyCDN-DE1-1078 /
Resource Hash
0b9bd9b5591994cc9ee339949b213d6b636909d874601730b81674da5701f597

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:30 GMT
cdn-edgestorageid
874
cdn-storageserver
DE-167
cdn-cachedat
08/18/2023 21:57:17
cdn-pullzone
829957
content-length
232368
last-modified
Fri, 18 Aug 2023 08:17:57 GMT
server
BunnyCDN-DE1-1078
cdn-fileserver
627
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
39d174eec5ecc4fb57c5582d20942f2b
accept-ranges
bytes
cdn-requestcountrycode
CH
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
collect
t.clarity.ms/
0
290 B
XHR
General
Full URL
https://t.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.10/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.114.189.70 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.bg3.co
Date
Tue, 05 Sep 2023 15:53:31 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
ads
pubads.g.doubleclick.net/gampad/ Frame D8A1
156 B
143 B
XHR
General
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21928950349%2C22705832136%2Fbg3_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=240578933185631&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.587.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&sdki=445&ptt=20&adk=1950853555&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.587.0&sid=DE696007-536F-489B-919D-08E09B0FC491&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782090%2C44782991%2C44788275%2C44797559%2C44797735&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchuan-pu-ji-hua-tou-tou-fang-ying-shi-wei-tuan-ti-zhun-bei-hao-liao-zhen-shi-dan-xiao-gui.html&dlt=1693929204002&idt=2781&dt=1693929211451&cookie=ID%3D5135395bcbc3a301-2273700767de0010%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw&gpic=UID%3D00000c6f320fa322%3AT%3D1693929206%3ART%3D1693929206%3AS%3DALNI_MZk37H2AOC0252HLIocG_w2ztpKgg&scor=1903378352925469&ged=ve4_td7_tt4_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.587.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 05 Sep 2023 15:53:31 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
visible
trc.taboola.com/palmate-bg3co/log/3/
0
92 B
XHR
General
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi48=11593&tvi50=9563&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230904-6-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
67
date
Tue, 05 Sep 2023 15:53:31 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
66873
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230122-FRA
pragma
no-cache
server
nginx
x-timer
S1693929212.567230,VS0,VE67
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/0e9216dbd70730b24c0b36fcc512cbdf.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/8dd5b9ad2d6a7c8183a6f3828fcf8f86.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/ffa7d0e643062e13dae40ba712d353f8.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/dfdc81e8f6245326e25d79d51cfa5a28.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/5a742c50cfa96cb95eeb62c3f2c68ded.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/e458c0057c32ed3caabbe5a1b0cdbb75.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/e48fb5a3998a7aae17d497dd33a36e70.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/ca9ff807cc8ae7d76e2f5a437228442d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/90e36d97c217db41ffe5c3f0e7abe599.jpg
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/4ee135783b056abf873c5f7650bf9986.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/a3857f55afff17574d6326e5bfcba9ed.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/65a0f38790c59ef75273f39816af6234.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/39f7ace128fa1f81bd33ba7055a39ee4.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/935b114128c56bef5044e5fb96b3c8a7.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/879a27b9c3897591d7c03a80b22bce62.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f5fdcba36b0abd1bacb5e9dff0faa6ea.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/f1691c4596ff883060992218c756e54d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/a617baab6c24eed234eb877369b3a05c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/03977bccd57186dd5b7f0bd552623d97.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/0d494a8bcdb73062c7ba354fb4ff2711.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/95abfefa67fa7f81ce25d9d2d0646d54.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/ee5b959904055ec1b1e32e88bbac6c09.jpg?w=150&h=100&q=100

Verdicts & Comments Add Verdict or Comment

194 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| documentPictureInPicture object| _taboola object| adpushup object| ucfad_async object| unibots object| AMP function| _typeof object| TRC object| _tblConsole undefined| msg function| setImmediate function| clearImmediate object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id undefined| $ undefined| jQuery string| currentState object| adpGlobals object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| googlefc function| __d3lUW8vwsKlB__ number| ampAdSlotIdCounter object| regeneratorRuntime function| reactSiteCheck boolean| mobileCheck string| clientDomain string| clientActualDomain boolean| playerRun boolean| reactSite string| previousUrl function| checkPlayerShouldRun function| runCMD function| unibotsLog function| unibotsCustomGA function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| unibotsPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| __AMP_EXPERIMENT_BRANCHES string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator function| quantserve function| __qc object| ezt object| _qoptions function| __an6na521li18__ object| NmI2NmEyN2Y1NDFlYzE1ZWxvYWRlcl9qcw== string| NmI2NmEyN2Y1NDFlYzE1ZWNhY2hlZF9qcw== object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| ggeac object| google_tag_data object| google_js_reporting_queue object| adRecover undefined| jqAlias undefined| google_measure_js_timing string| nam object| placementData object| ucf object| request string| paramsString object| cmTag function| checkFrameandInitStartFun function| autoDiv_or_FrameChecker object| adArray boolean| blockedPagesFlag function| loadStyles function| initFunction function| runPlayer function| shouldPlayerRun function| clientJsFunction object| s1 function| clarity object| _cm_wfCounters string| lastWfUrl object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| goog function| startCMTagMain string| category boolean| noPreviewPage object| vttjs function| WebVTT function| videojs function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer function| videojsPlaylist function| videojsContribAds object| $jscomp object| canAutoplay function| videojsIma object| dataLayer function| gtag object| google_reactive_ads_global_state object| google_tag_manager function| onYouTubeIframeAPIReady object| google_ad_modifications object| google_prev_clients function| isValidVideo string| myPlayerGabywa object| oldScript object| attr function| focusFunc object| closure_lm_883477 object| closure_lm_735675 function| prepareAdRequest

44 Cookies

Domain/Path Name / Value
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Df6616335-c52c-4dc0-bae7-9accd2534db4-tuctbf0d474
.quantserve.com/ Name: mc
Value: 64f74ef4-cddf5-ca211-4780b
.bg3.co/ Name: __qca
Value: P0-2060918979-1693929204536
www.clarity.ms/ Name: CLID
Value: 10e6d84bb2ce47c9a9a86986af0eb651.20230905.20240904
.bg3.co/ Name: _clck
Value: rnrh1s|2|fer|0|1343
.aralego.com/ Name: sspid
Value: d113ab74-8d0b-38ac-957a-7d347521fe17
.rubiconproject.com/ Name: khaos
Value: LM6HPO5A-1F-F90V
.aralego.com/ Name: euconsent-v2
Value:
.bg3.co/ Name: _ga
Value: GA1.1.315367280.1693929206
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1693929205.1.0.1693929205.0.0.0
.bg3.co/ Name: _clsk
Value: r6f3gy|1693929205888|1|1|t.clarity.ms/collect
.doubleclick.net/ Name: IDE
Value: AHWqTUk2QUZZzFjeV6zj4WiIrR13dJcEWEiLaMOzjAUR288LWltwmIC4ld1-Gsu8ce8
.yahoo.com/ Name: A3
Value: d=AQABBPVO92QCEN3rm8nAS2MN9LdpKYm9JCwFEgEBAQGg-GQBZQAAAAAA_eMAAA&S=AQAAAlxpZr1XbP6EbjaasvAc0rM
.rubiconproject.com/ Name: audit
Value: 1|fC4O4KVja7jTqt458mEfHoagcGe1vK8+raBsiKzupHoJc2SRyOdHk7UX7YlM1j/O2OcGHShnIRTqFTrNE4+z9kqVaHlG5SlgpmvllXEtYN4=
.linkedin.com/ Name: bcookie
Value: "v=2&7e5d0439-2dcc-405f-8aeb-87fc604a8928"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTM5MjkyMDU7MjswMjGr0oVUyDYSi6yBubrKgPBjANlJ4Dx4dMWBZ2DCEKQXHw==
.linkedin.com/ Name: lidc
Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2707:u=1:x=1:i=1693929205:t=1694015605:v=2:sig=AQHAkjzQud932SlBHiWsel8ePoYRuSA2"
.bg3.co/ Name: __gads
Value: ID=5135395bcbc3a301-2273700767de0010:T=1693929206:RT=1693929206:S=ALNI_Mao72BMY3YrLTDvSvC9Kt3SfIclQw
.bg3.co/ Name: __gpi
Value: UID=00000c6f320fa322:T=1693929206:RT=1693929206:S=ALNI_MZk37H2AOC0252HLIocG_w2ztpKgg
.bg3.co/ Name: _ga_700YDXWXPV
Value: GS1.1.1693929206.1.0.1693929206.0.0.0
.ctnsnet.com/ Name: gid_CAESELqszEge82RT6nKQ1hy6bQk
Value: 1
.ctnsnet.com/ Name: cid_8d31611808df4bd2bbdfb78abc489278
Value: 1
.3lift.com/ Name: tluid
Value: 4378914759796979034821
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 449D34A9-0788-43A0-AD08-955354F22592
.smartadserver.com/ Name: pid
Value: 6888665774165465557
.mxptint.net/ Name: mxpim
Value: R33645_108895B04_7D433944.1.64F74EF7
.inmobi.com/ Name: idsp_c
Value: 72cf6afb-e068-49ac-b3b6-2cab227776cc
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.bing.com/ Name: MUID
Value: 0E5E40A6F8DD66372F065325F92C67F1
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 0E5E40A6F8DD66372F065325F92C67F1
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 0E5E40A6F8DD66372F065325F92C67F1
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.tremorhub.com/ Name: tvid
Value: 5a5e9b8c8954466a8d416dcb39fe6011
.tremorhub.com/ Name: tv_UIDF
Value: CAESEOqm-6fLy7aNarx79NZ9GhM
.tremorhub.com/ Name: tvssa
Value: 1693929207746

24 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/e48fb5a3998a7aae17d497dd33a36e70.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/ca9ff807cc8ae7d76e2f5a437228442d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/dfdc81e8f6245326e25d79d51cfa5a28.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/8dd5b9ad2d6a7c8183a6f3828fcf8f86.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/e458c0057c32ed3caabbe5a1b0cdbb75.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/0e9216dbd70730b24c0b36fcc512cbdf.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/5a742c50cfa96cb95eeb62c3f2c68ded.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/ffa7d0e643062e13dae40ba712d353f8.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/90e36d97c217db41ffe5c3f0e7abe599.jpg
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/4ee135783b056abf873c5f7650bf9986.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/65a0f38790c59ef75273f39816af6234.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/a617baab6c24eed234eb877369b3a05c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/39f7ace128fa1f81bd33ba7055a39ee4.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/879a27b9c3897591d7c03a80b22bce62.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/935b114128c56bef5044e5fb96b3c8a7.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/a3857f55afff17574d6326e5bfcba9ed.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/03977bccd57186dd5b7f0bd552623d97.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f1691c4596ff883060992218c756e54d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/ee5b959904055ec1b1e32e88bbac6c09.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/0d494a8bcdb73062c7ba354fb4ff2711.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/95abfefa67fa7f81ce25d9d2d0646d54.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/f5fdcba36b0abd1bacb5e9dff0faa6ea.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://cdn.adpushup.com/42753/L2EvY2h1YW4tcHUtamktaHVhLXRvdS10b3UtZmFuZy15aW5nLXNoaS13ZWktdHVhbi10aS16aHVuLWJlaS1oYW8tbGlhby16aGVuLXNoaS1kYW4teGlhby1ndWkuaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 482)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0c88d885d498c7483d95dcd3213fbff4.safeframe.googlesyndication.com
3e3cee70c05ed1736f82af86df621de4.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
ads.aralego.com
aep.mxptint.net
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
amp.analytics-debugger.com
c.bing.com
c.clarity.ms
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.taboola.com
cdn.unibotscdn.com
cm.g.doubleclick.net
code.jquery.com
csi.gstatic.com
d-3020712156855592794.ampproject.net
delivery.adrecover.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
google.partners.tremorhub.com
googleads.g.doubleclick.net
gum.criteo.com
id5-sync.com
il-trc-events.taboola.com
image6.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
ius.ctnsnet.com
match.adsrvr.org
match.sharethrough.com
mweb.ck.inmobi.com
newsbot.unibots.in
pagead2.googlesyndication.com
partner.googleadservices.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
pubads.g.doubleclick.net
px.ads.linkedin.com
px.owneriq.net
region1.google-analytics.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.quantserve.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.bg3.co
stats.g.doubleclick.net
stream.unibotscdn.com
sync.aralego.com
sync.inmobi.com
t.clarity.ms
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
vidstat.taboola.com
vidstatb.taboola.com
wf.taboola.com
www.bg3.co
www.clarity.ms
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
static.bg3.co
103.231.174.251
104.86.61.128
13.248.245.213
141.226.228.48
142.250.185.130
151.101.1.44
152.199.21.70
162.19.138.117
169.150.247.35
172.105.43.230
174.137.133.49
185.106.33.48
185.64.190.78
185.86.138.151
192.96.203.13
20.114.189.70
20.127.253.7
20.85.134.6
2001:4860:4802:32::3
2001:4860:4802:32::36
2001:4de0:ac18::1:a:3a
23.201.255.110
23.97.225.52
2400:52e0:1e00::864:1
2600:1f18:612b:4232:333c:fbab:e531:2e93
2600:9000:223c:9000:6:44e3:f8c0:93a1
2606:4700:20::681a:467
2606:4700:e6::ac40:ca0d
2620:116:800d:21:e365:4988:e8a7:3270
2620:1ec:21::14
2620:1ec:bdf::45
2620:1ec:c11::200
2a00:1450:4001:80b::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:811::2004
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9d
2a02:2638:d::d
2a02:26f0:ab00::b819:32a9
2a05:d018:d29:3601:7665:e1fe:4dc7:2c74
3.33.220.150
35.157.139.48
35.186.193.173
38.98.69.175
52.46.151.131
52.94.222.140
68.219.88.97
69.173.144.139
69.173.144.165
69.173.151.100
95.101.149.233
02580960f786252394390d58499ffa747e062d66b36adc81d06090cd9a58b187
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
02fec1882cfd529e6bfc9b4bd4b0192757053f863837f2a174d7ca37ebe15cb4
0382ebb29ff8a7ed6b486bd47762c0e90a64b9ea1be4b3d3ec469e1f51dbe441
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
04ca16cb8689e125ba1b2da9f1cbb75c07693045569adbf250c717279b91c932
0523c9f4c6e8ba75215efcb5a0dd935a921f2f7ab3fb4704ce76e1581b138f8f
08343513bdf048d9de4f537b2c227c74cd295b18ec28bdf9a21c2becceafb3ed
08d502e7f6319b0015d0ea006b216f287353f60e0cd84462a5a43d6294bfea7a
0907e75ab7f4aa03bcbc01778262abd0671f8742abaca30e9816cc90a6b28935
09db039251766d76dd3ec8b446813be70778c66e060c306b63ceb96aa200b4af
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9bd9b5591994cc9ee339949b213d6b636909d874601730b81674da5701f597
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
1008dc8a3d9789fc1a035d16145b2595cc56b41933bbf4ac6f0fa040c8137a29
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
14d46daf0295dde85657ab55cf28a3117f43551ac7290dedf0ba5d44fc497da2
15f112ee1b4466cde8bf5d2e814a427ab4325cfe558da55131bdffb07d5e4e88
16c56af26101715bb14f3afe53bf3f2c60a1413cbe8e58a1d2c6d8296908f665
179b7e1951da161ed13c7877025515b1691a3b7576df631bccb401368c7be9cb
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1a918809db37ea00ff8746ae061554015d5a2f0700ed3eeaa83329e384ff6713
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1df629c9e3d7999c38bfa18b45032197fd4da30e8e893bf07f5083e1fa9b4390
1e229e795661d9b3f0e7534df3b8af346ca934a563664581f9b978133c48e281
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
21ae83bd23677cdebc8138a1dc65b1479d03466c9200e943acfcf4a9adc33702
222e0e5bf0bbddf72c71f586407ca51f60f52643453c3bcce27438eb654b482e
25d2d2d08f72ff6fb277f8a16ccf6204380e718197aa5ab8fe91c82222698aab
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26ebac8b8d1247e5aa00ec53cd97a110c0b1edd887362c6d25ddab4570bb79f8
2733f4c9d329a470c14450dd885bf02219a19ee63d30c67439a250ebbabc107c
29b110ded380d57fd0b65e05023807dd1ed2d7a50d293f8b1dffc415929df8e1
2aec7a278e6dcbc6fe1215aa393f819226b5ce4c8e0490f7ff1e263f29b07f89
2b2d647ddb6fc50140af3f0bd31e594fa49eea51d4a499c96b3ea241f677724a
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2d1d38e921b2af298d6913929f27f091a9e80788ececa370657e2bae396c0e6b
2dad5ac646a269db9be6741f1c5973a4d0f242d176413662178a5710613934b3
2e1c308b644d5be0cb3ca8d1ed6ca9caf2f559a2db097ce23040bb7e6f352d6e
2f7fd1d6651e37c961b69957f5037d3237ea523fd55d5d3a60ddc3fc2b61ecaf
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
337625c76e5d14f76145c31cda5644a650b43407c1ee7ed3ecefffbbbadabd2d
355eb73ef3ddead38f9ac663bb3cde3cf51a4dfb446937f5aca3e716c3c99e73
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
36d1268298a6da877a354aa0afefa709bc3c35e373d547d04ea67943b6aba853
36e0d542a26e9291d9a13b1686f8acf7f4499e4b386a7e9387e5e04ad46e4210
387693ae9129954676f66cc2f2d2352e94457c2ff461f778551af1594585d90c
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3aae61f075cc64d2d2a1918694af9db5df06c7a638c6162f5840c5618f59bd03
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3b2bfd66561266bbac0152ff142378268d096faac6981f3116dbaab0a5d6f1d4
3beb2de5fb80f445b960aab6e9512abccf586954809300721a9e64a8de45af25
3f18968d0dacf1850dfce645f211ad6244443b9af0415f380ea27f0e835cb58f
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48e73bfa7149bb6f8a43bdcdf9362c23e496576431d5851f54c332f595c35fd0
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4c81fdea7c18bbcfa19c107195f178531a1894893820fa4f813e8a2d4626e7ee
4d4d48407b223dc62ee2fe4b345a00363ff732efc5fab2307c823624e04b36c1
4f6a107a3fdb1536c81826561e818486e2a0ae0b230df8b15f908af89b0071e0
4fcde06d3963713e552d9d46936109ce6d3d389318c4c053217dd0a8b12e7b85
53202a3c73552b3385ff4cc5598c6cdabfa4d37acc87cd2fd8c0577494143285
53294044ef54aa72d219a20ecea405f082270bb7774af92c6117b2c7a5ea8013
533138950dd7237eae697a2b822338760afe6553ac2119ab648d1bcfb13b7f16
53f7dfa1ee89cab281f1e0f0d5dbb60463a942eca94bf75d4449efa2089a0d56
5491545feecabbedf0c2a6f375d0f9e103731a316835347cf4081c0cba842d19
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56548adbc9145ce29a21b1ebb0ae03e593c3c9f5160377a5ffcab47322f13a40
58cead55b65f3b0678c4b30ae3d13b6e12567e960e0bb85cdde591943acc9932
5c6395d9162f7f95af0cf8d2bc4628712236b92bf85a33db9dc4cad670d66133
5d95f53a5578a8535d127a7041191865e9651fe932cdb84dd6c2d08b6a8c518f
5e4751a5435dc69526d2e6235a0db31e3c81313cdeacab900c9aaf19942478a3
5ecda44a108d559f69ea5d0687a080fee360eb8ffd118aee7783edc269cd4c5e
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61cd427b14819b5ab75c11b9c69501875f73d805802dc95cd835ed3f827863a4
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
69a18d2585536369ce97bedeb5edd74afd71de7c93963b73df19a0f9d6c50f29
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6c00736e58728d82754e3e5ced15af509097d091819b27a9b72129b91d8bff3b
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6df7e050aef92df54cbcbb886ca84342716ffbda435a46fe0325725a38400e92
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
72733561a4030b10d08d15daed28ca2e67708a34c33aad818949c91bf1413787
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
79a366c23bc8bee6302942443d555fa16fbbe53d466ad4d17a6cd9bf595151dc
7abab7a5fed6d1eb8dcfed4e7f6bfcbc1a1a1dfbf95d281b008f04245b26c769
7c8489c6659b9bfa781b3443f22ab54ae37ee8ebc5e4f73cb6252d97ee0ad12d
7c858b03cd6f32628792b68fa1f0f913c4d3cfcdb5f9ab57b8be110972d251be
7d7d8f6b4232ff745a1cd08a00c5c9fca407eecb685bd18ec01b12dbf17d0c98
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
85644dd43bd4cd844ab209f5eb91ee8d46e01b891214145ff2e89a5a3ef5a00d
85a9ec88a119779e7632b1fdb3e841cc9ba8c128040ae142086325b230c12ce5
85de64e42a31530c967098d4c926e786d5f61aec92e064b84533ff1035066bee
88211f1be0b9c592df15da542b4cedc1acf3b32caf4922bb4e9a18e74870311e
89ed9b4a17a685a30f2f8f46a6749bf5ed43a3fde2ee34845be82db018b261e5
8b400aea1da7a9c0092a7fc36a4ce67e74e097110cec15d00d611e8cadbe3161
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
920e61c4d114a96b890545ff904a61109578821e50306b6d9f642cebead0eca3
923690f3c0feaf6346a2755af20e2b8580a048126501966a8ccd0fd31c6b53e3
923e76d3f3b8825dc55d96a9524750bb114a7180465316755f562f562479b1eb
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
97470cb7124788f03093b5ae2ca9f7ee625d3003da68f48c37d1b71f481590bf
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c4520ea7aff08690fff632460ce747f14d8591d9333a536b8065b4196d1dbd8
9c54bf6ab1af08f7f512d67d17c99c32dd9bddc19421c9a7e672b2a22ffe5ed1
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a303bdbfce6897ec74ce030b85480f417f9e17804f7a19b8f2a90feff115b94f
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a5ca3fe9f244847981b851beb861bd6d968e47c4ed3a02a470915af957d2b609
a7c94d5780fa800afb0066d0ceed10b6488d78ec4cb2a85c42e5772b6218cd26
ac158fd98a25872b4a494ed3c5a5da9f92eba989c397cab46bf8c8a7b04bc514
ac52cad3c361c2183207004c3a6c99aa12961ce4970fcd81e15758357baa357b
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
af0d502a9a7d67163adf186df31255bc15e9f08004dd1ef115c3145c3657da04
af4c22461aedf382190d0367cfb759d2faf8fb994a917406557d81d48f63344a
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b13aa7b0ce39ef735521da87d92e1fcc5d1eaaea20d54804d1f644279fb15b58
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b259bb222a39b3d352bd17275abf5799be7aba7c78275743c801ad55b7332531
b83d2a06c78b17a21cbe6d507b1b2c216bc8d31adcb543a2a8dd993b7575a270
b8b237d6b17c68a05bc377ae355cdadc36ecc1cc37a1053bc79c2aa0e307b169
bd09c8a7b93803aa5920748a2f7b9dbfeac2c74bcff72e52f72c7c9abfab7534
be9e17df5fd8251aa8202faac9c0f7d856856ab184a48f4285a6a571ef1ba949
c15f1d59737fd83228622836f14095c34e902c50564a25a3b0efb60464be6ac8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5a151f6d9e09fd60bf6973d09630854a1ea0545ac0cbeb88dec0790b3c04b7b
c6dedbf49578df8b1ec598034daa1324e417fbeef3602a7b7ab570390fb46fd3
c96ae71aaa29dc81173e75f0decbce2c96524acc59f1dc3e99a0292560a2b892
cbef8e5eacfb003cb2808a52a278baa61c821da54870bacf3d64b2a4844e0f6f
cc64f649adfa3906a1b2067dcb6eba81b1b28c474cb1376ffd3d0ab9e6c71842
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1cdf8ee05afe5f66007e7d15fae98173a1e18c4b8613dfc61d0e986d8cfce62
d30b0267d0bf72b081aa7dcc95b79d9cfc1514aa50aead2d7b390abcf77883d4
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
daab4a0a22070d27f04317209828f0a92f28df472a58883c44809e98d12b1e7f
db94893653c53b70e0c63bd0b7c24b0cbf802b844f6613001062c7c0725d5b65
dc31161647f64487d66d26d3a1cdb0a3ab087bca9736d279509a715f9d14d30e
dd59516db2adfd91bcc2bb8080517c21e49ffd845852ac32181d8f0c4e509e4d
de5c1f3576f96ed27dac11c157dec943be3ab80435fe3bd5e5c743c02374a60d
e22158808f2f86a0356dd020a0a86bdfded121d34ecc9055830973870e674115
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4612453ee1173a62d2c517be3b9a8f79de7f91e219909cc72b4f165bf2e1e96
e46b5d12f9a0cb106588c0b3329424174c9cbd7a071ef2bf070bff82129394ba
e4cc2dea1792192c12d29d0936122cfa8e5827b9216c28a95a3769e7eb78799e
e6b5ab2cb1baaa8127abcb8930d998aa1f12f0e2af1491dad2a6c7b32a9529b3
e80ab41aa28c4b4ed16b6aa5c8a00ec1b094b866fdc0f72147feaa324829a393
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
edb5ffc156c3276bc935d69a50882ea4e0c2ff7f8533531f06390c5c5687ecf3
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
f36d0f06662e7f486c754ae4b945c541325432a8076926b5585a6c8a0704e596
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f777d45fd8e1e5312828563d8ed65665d1055abefcf95d60599fbf94b54c8b8f
fd9f808a4229edd544b7718c2fe92bfad5ce537168d3d4825d7aa53ded8bd130
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e