urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
103.231.174.251  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Submission: On November 17 via manual from US — Scanned from CH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 128 IPs in 16 countries across 128 domains to perform 626 HTTP transactions. The main IP is 103.231.174.251, located in New York, United States and belongs to XLC-AS-AP XLC GLOBAL, HK. The main domain is www.bg3.co.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G4 on May 22nd 2023. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 103.231.174.251 9744 (XLC-AS-AP...)
4 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 104.20.218.77 13335 (CLOUDFLAR...)
7 152.199.21.70 15133 (EDGECAST)
42 151.101.129.44 54113 (FASTLY)
1 2 192.96.203.13 30633 (LEASEWEB-...)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a04:4e42:400... 54113 (FASTLY)
6 2600:1f18:24e... 14618 (AMAZON-AES)
9 23.97.225.52 8075 (MICROSOFT...)
3 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
2 4 2620:116:800d... 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 8 172.64.151.101 13335 (CLOUDFLAR...)
1 3.76.107.155 16509 (AMAZON-02)
1 23.211.8.12 16625 (AKAMAI-AS)
3 35.186.253.211 15169 (GOOGLE)
18 52.212.105.38 16509 (AMAZON-02)
2 4 145.40.97.67 54825 (PACKET)
1 34.120.63.153 396982 (GOOGLE-CL...)
1 2 52.49.253.230 16509 (AMAZON-02)
15 104.22.68.131 13335 (CLOUDFLAR...)
3 35 51.89.9.254 16276 (OVH)
1 3.123.91.65 16509 (AMAZON-02)
1 69.173.144.137 26667 (RUBICONPR...)
1 2602:803:c004... 26667 (RUBICONPR...)
1 2a02:2638:3::7 44788 (ASN-CRITE...)
7 14 185.89.210.212 29990 (ASN-APPNEX)
1 3 162.210.196.208 30633 (LEASEWEB-...)
24 185.165.240.175 49981 (WORLDSTREAM)
5 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
3 2a02:2638:3::c 44788 (ASN-CRITE...)
12 141.226.228.48 200478 (TABOOLA-AS)
4 2a00:1450:400... 15169 (GOOGLE)
1 1 137.74.6.209 16276 (OVH)
13 16 18.196.230.223 16509 (AMAZON-02)
1 1 3.73.183.236 16509 (AMAZON-02)
1 212.8.250.83 49981 (WORLDSTREAM)
3 2a00:1450:400... 15169 (GOOGLE)
5 184.30.17.67 16625 (AKAMAI-AS)
28 2a00:1450:400... 15169 (GOOGLE)
1 6 185.29.134.248 30419 (MEDIAMATH...)
1 1 69.173.144.139 26667 (RUBICONPR...)
9 9 2607:ae80:192... 26558 (FREEWHEEL)
10 19 69.173.144.138 26667 (RUBICONPR...)
13 30 142.250.74.194 15169 (GOOGLE)
5 10 185.86.139.102 201081 (SMARTADSE...)
3 10 35.244.174.68 396982 (GOOGLE-CL...)
2 7 52.46.151.131 16509 (AMAZON-02)
12 21 185.64.190.79 62713 (AS-PUBMATIC)
16 21 185.64.191.210 62713 (AS-PUBMATIC)
8 9 3.75.62.37 16509 (AMAZON-02)
20 3.33.220.150 16509 (AMAZON-02)
3 3 3.127.72.135 16509 (AMAZON-02)
1 2 212.8.250.228 49981 (WORLDSTREAM)
20 2a00:1450:400... 15169 (GOOGLE)
3 3 23.56.202.187 16625 (AKAMAI-AS)
10 95.101.149.233 16625 (AKAMAI-AS)
1 167.235.184.171 24940 (HETZNER-AS)
4 213.227.153.220 60781 (LEASEWEB-...)
1 2600:1f18:e8a... 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
5 175.110.113.203 49981 (WORLDSTREAM)
6 10 69.173.144.165 26667 (RUBICONPR...)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
44 185.106.33.48 200478 (TABOOLA-AS)
2 5 67.220.228.203 16509 (AMAZON-02)
1 2620:1ec:21::14 8068 (MICROSOFT...)
6 8 2a05:d018:d29... 16509 (AMAZON-02)
7 7 52.213.118.96 16509 (AMAZON-02)
1 23.48.23.8 20940 (AKAMAI-ASN1)
2 2 52.5.145.170 14618 (AMAZON-AES)
1 2600:9000:212... 16509 (AMAZON-02)
1 2 104.18.41.104 13335 (CLOUDFLAR...)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
2 6 216.52.2.48 32475 (SINGLEHOP...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 5 2620:1ec:c11:... 8068 (MICROSOFT...)
1 2620:1ec:46::45 8075 (MICROSOFT...)
1 151.101.1.108 54113 (FASTLY)
1 1 3.126.217.32 16509 (AMAZON-02)
1 7 37.157.5.84 198622 (ADFORM)
1 1 3.127.126.167 16509 (AMAZON-02)
8 9 37.157.3.26 198622 (ADFORM)
1 194.55.244.180 34959 (PROCLOUD ...)
8 2607:f8b0:400... 15169 (GOOGLE)
1 146.75.118.132 54113 (FASTLY)
2 34.95.69.49 396982 (GOOGLE-CL...)
2 3 34.91.62.186 396982 (GOOGLE-CL...)
1 34.160.236.64 396982 (GOOGLE-CL...)
1 185.84.60.20 198622 (ADFORM)
8 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
4 4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 2600:1f18:612... 14618 (AMAZON-AES)
1 1 54.72.186.48 16509 (AMAZON-02)
9 9 46.228.174.117 56396 (AMOBEE)
1 213.227.153.224 60781 (LEASEWEB-...)
4 37.157.6.235 198622 (ADFORM)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
1 3 2606:4700::68... 13335 (CLOUDFLAR...)
2 2 85.114.159.93 24961 (MYLOC-AS ...)
2 2 134.122.57.34 14061 (DIGITALOC...)
3 3 54.154.5.229 16509 (AMAZON-02)
2 2 211.120.53.204 4694 (IDCF IDC ...)
2 104.18.38.76 13335 (CLOUDFLAR...)
2 3 13.248.245.213 16509 (AMAZON-02)
1 184.30.20.22 16625 (AKAMAI-AS)
1 184.30.16.183 16625 (AKAMAI-AS)
1 13.32.27.45 16509 (AMAZON-02)
4 8 35.244.159.8 396982 (GOOGLE-CL...)
1 141.226.224.32 200478 (TABOOLA-AS)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 54.171.158.15 16509 (AMAZON-02)
4 23.32.184.192 16625 (AKAMAI-AS)
7 2600:9000:223... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
2 54.211.177.173 14618 (AMAZON-AES)
2 2 46.228.164.11 56396 (AMOBEE)
4 4 193.0.160.131 54312 (ROCKETFUEL)
1 1 69.166.1.66 27630 (AS-XFERNET)
1 1 50.19.228.115 14618 (AMAZON-AES)
1 80.77.87.162 46636 (NATCOWEB)
2 3.64.136.60 16509 (AMAZON-02)
1 1 2.18.160.23 16625 (AKAMAI-AS)
4 4 44.205.140.116 14618 (AMAZON-AES)
4 4 65.9.95.52 16509 (AMAZON-02)
1 9 104.18.36.155 13335 (CLOUDFLAR...)
1 2 52.31.205.224 16509 (AMAZON-02)
1 1 3.69.181.174 16509 (AMAZON-02)
2 2 3.69.152.80 16509 (AMAZON-02)
1 1 45.137.176.88 60350 (VP)
3 3 35.214.189.64 15169 (GOOGLE)
1 1 34.160.19.107 396982 (GOOGLE-CL...)
3 3 208.93.169.131 46244 (WEBMD-IDC...)
1 1 2600:9000:212... 16509 (AMAZON-02)
3 198.47.127.19 62713 (AS-PUBMATIC)
14 52.210.15.1 16509 (AMAZON-02)
1 1 51.68.39.188 16276 (OVH)
2 2 52.72.41.189 14618 (AMAZON-AES)
1 169.197.150.8 398989 (DEEPINTENT)
4 4 64.202.112.159 23352 (SERVERCEN...)
1 1 8.43.72.97 26667 (RUBICONPR...)
1 54.171.40.33 16509 (AMAZON-02)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
4 34.102.253.54 396982 (GOOGLE-CL...)
1 178.250.1.9 44788 (ASN-CRITE...)
1 1 18.158.152.62 16509 (AMAZON-02)
1 1 82.145.213.8 39832 (NO-OPERA)
1 2 151.101.2.49 54113 (FASTLY)
1 72.251.241.196 32475 (SINGLEHOP...)
2 2 213.155.156.164 1299 (TWELVE99 ...)
1 35.186.193.173 15169 (GOOGLE)
1 195.5.165.20 44968 (IPROM-AS)
1 1 141.95.171.142 16276 (OVH)
2 2 141.94.171.212 16276 (OVH)
2 3 54.73.167.29 16509 (AMAZON-02)
1 2 34.111.129.221 396982 (GOOGLE-CL...)
3 4 52.50.95.14 16509 (AMAZON-02)
3 198.47.127.20 62713 (AS-PUBMATIC)
2 2 98.98.134.241 21859 (ZEN-ECN)
1 1 37.157.4.28 198622 (ADFORM)
1 23.88.86.2 24940 (HETZNER-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 77.243.51.122 42697 (NETIC-AS)
1 1 141.94.171.213 16276 (OVH)
626 128
1    103.231.174.251 (New York, United States)

ASN9744 (XLC-AS-AP XLC GLOBAL, HK)
www.bg3.co
4    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
15    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    104.20.218.77 (None, )

ASN13335 (CLOUDFLARENET, US)
www.statcounter.com
c.statcounter.com
7    152.199.21.70 (United States)

ASN15133 (EDGECAST, US)
delivery.adrecover.com
cdn.adpushup.com
42    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
vidstat.taboola.com
images.taboola.com
imprammp.taboola.com
wf.taboola.com
pips.taboola.com
vidstatb.taboola.com
2    192.96.203.13 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ads.aralego.com
3    2606:4700:20::ac43:47fe (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    2a04:4e42:400::649 (United States)

ASN54113 (FASTLY, US)
code.jquery.com
6    2600:1f18:24e6:b900:b09f:68b1:e0c1:41bb (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
http-intake.logs.datadoghq.com
9    23.97.225.52 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
164f28b95e6b8f672e54e451e51556d8.safeframe.googlesyndication.com
4    2620:116:800d:21:5ed4:8d5d:fed7:f5ef (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
8    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    3.76.107.155 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-76-107-155.eu-central-1.compute.amazonaws.com
grid.bidswitch.net
1    23.211.8.12 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-211-8-12.deploy.static.akamaitechnologies.com
a.teads.tv
3    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
18    52.212.105.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
ads.servenobid.com
4    145.40.97.67 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com
prebid.media.net
2    52.49.253.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-253-230.eu-west-1.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
15    104.22.68.131 (None, )

ASN13335 (CLOUDFLARENET, US)
prebid.smilewanted.com
csync.smilewanted.com
static.smilewanted.com
35    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    3.123.91.65 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-91-65.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    2a02:2638:3::7 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
14    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
ams3-ib.adnxs.com
secure.adnxs.com
3    162.210.196.208 (Lanham, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
sync.aralego.com
24    185.165.240.175 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 185-165-240-175.hosted-by-worldstream.net
ad.vidverto.io
5    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2600:9000:223c:1c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
3    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
12    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
trc-events.taboola.com
am-match.taboola.com
am-vid-events.taboola.com
sync.taboola.com
am-wf.taboola.com
4    2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    137.74.6.209 (Warsaw, Poland)

ASN16276 (OVH, FR)
PTR: app-ngx-pl-02.adpartner.pro
a4p.adpartner.pro
16    18.196.230.223 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-230-223.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    3.73.183.236 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-183-236.eu-central-1.compute.amazonaws.com
b-eu1.marketperf.com
1    212.8.250.83 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: customer.worldstream.nl
ad.vidver.to
3    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    184.30.17.67 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-67.deploy.static.akamaitechnologies.com
widgets.outbrain.com
28    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    185.29.134.248 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
9    2607:ae80:192:1::173 (United States)

ASN26558 (FREEWHEEL, US)
ads.stickyadstv.com
19    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
30    142.250.74.194 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
10    185.86.139.102 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
sync.smartadserver.com
10    35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
idsync.rlcdn.com
7    52.46.151.131 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
21    185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
21    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
simage2.pubmatic.com
9    3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
20    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
3    3.127.72.135 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-72-135.eu-central-1.compute.amazonaws.com
a.sportradarserving.com
2    212.8.250.228 (Rotterdam, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 212-8-250-228.hosted-by-worldstream.net
ad.mox.tv
20    2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    23.56.202.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
10    95.101.149.233 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-149-233.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    167.235.184.171 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.171.184.235.167.clients.your-server.de
inv-nets.admixer.net
4    213.227.153.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce13.ams-01.nl.leaseweb.net
b1t-eudc1.zemanta.com
1    2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
obs.cheqzone.com
1    2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
5    175.110.113.203 (Naaldwijk, Netherlands)

ASN49981 (WORLDSTREAM, NL)
PTR: 175-110-113-203.hosted-by-worldstream.net
cdn.vidverto.io
10    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
3    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
44    185.106.33.48 (Israel)

ASN200478 (TABOOLA-AS, IL)
il-trc-events.taboola.com
5    67.220.228.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
8    2a05:d018:d29:3601:a431:4595:7531:b100 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
7    52.213.118.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-118-96.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    23.48.23.8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-8.deploy.static.akamaitechnologies.com
hb.yahoo.net
2    52.5.145.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-145-170.compute-1.amazonaws.com
sync.ipredictive.com
1    2600:9000:2127:a000:1a:5235:f980:93a1 (United States)

ASN16509 (AMAZON-02, US)
live.primis.tech
2    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
6    216.52.2.48 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
ap.lijit.com
3    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2606:4700::6812:1791 (United States)

ASN13335 (CLOUDFLARENET, US)
cadmus.script.ac
5    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.bing.com
1    2620:1ec:46::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
adsdk.microsoft.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
cdn.adnxs.com
1    3.126.217.32 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-217-32.eu-central-1.compute.amazonaws.com
ghent-aws-fr.bidswitch.net
7    37.157.5.84 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
1    3.127.126.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-126-167.eu-central-1.compute.amazonaws.com
aws-fr-sync.bidswitch.net
9    37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
dmp.adform.net
1    194.55.244.180 (Moscow, Russian Federation)

ASN34959 (PROCLOUD PROCLOUD MSK, RU)
sync.dmp.otm-r.com
8    2607:f8b0:4002:c05::5e (Atlanta, United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    146.75.118.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
zem.outbrainimg.com
2    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
3    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
1    34.160.236.64 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
1    185.84.60.20 (Denmark)

ASN198622 (ADFORM, DK)
adx3.adform.net
8    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
dclk-match.dotomi.com
pubmatic-match.dotomi.com
1    2600:1f18:612b:4232:2306:ee41:7d49:965e (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
google.partners.tremorhub.com
1    54.72.186.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-186-48.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
9    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    213.227.153.224 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
b1-eudc1.zemanta.com
4    37.157.6.235 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
3    2606:4700::6812:18ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    85.114.159.93 (Loerrach, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    134.122.57.34 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
3    54.154.5.229 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-5-229.eu-west-1.compute.amazonaws.com
match.360yield.com
ice.360yield.com
2    211.120.53.204 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    104.18.38.76 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
3    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    184.30.16.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-16-183.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    13.32.27.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-45.fra56.r.cloudfront.net
public.servenobid.com
8    35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
eu-u.openx.net
u.openx.net
1    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
3    2606:4700::6811:ca6e (United States)

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
2    54.171.158.15 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-158-15.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
4    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
7    2600:9000:223f:dc00:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
2    54.211.177.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-177-173.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
4    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
1    69.166.1.66 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    50.19.228.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-228-115.compute-1.amazonaws.com
ssp.disqus.com
1    80.77.87.162 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
2    3.64.136.60 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-136-60.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com
hbx.media.net
4    44.205.140.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-140-116.compute-1.amazonaws.com
i.liadm.com
4    65.9.95.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-95-52.prg50.r.cloudfront.net
live.rezync.com
9    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
2    52.31.205.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-205-224.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    3.69.181.174 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-174.eu-central-1.compute.amazonaws.com
1f2e7.v.fwmrm.net
2    3.69.152.80 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-152-80.eu-central-1.compute.amazonaws.com
pm.w55c.net
1    45.137.176.88 (France)

ASN60350 (VP, FR)
sync.adotmob.com
3    35.214.189.64 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 64.189.214.35.bc.googleusercontent.com
csync.loopme.me
1    34.160.19.107 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
3    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
1    2600:9000:2127:4600:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
3    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
14    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    51.68.39.188 (France)

ASN16276 (OVH, FR)
PTR: ns3129809.ip-51-68-39.eu
dsp.nrich.ai
2    52.72.41.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-72-41-189.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
4    64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    54.171.40.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-40-33.eu-west-1.compute.amazonaws.com
cs.yellowblue.io
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
4    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
1    18.158.152.62 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-152-62.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
2    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    72.251.241.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
2    213.155.156.164 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    141.95.171.142 (Paris, France)

ASN16276 (OVH, FR)
PTR: bixel-8.cloudy.ovh
green.erne.co
2    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel-eu.onaudience.com
3    54.73.167.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-73-167-29.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
2    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    52.50.95.14 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-95-14.eu-west-1.compute.amazonaws.com
a.audrte.com
3    198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
2    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
1    37.157.4.28 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    23.88.86.2 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.2.86.88.23.clients.your-server.de
matching.truffle.bid
1    2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    77.243.51.122 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    141.94.171.213 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-5.cloudy.ovh
pixel.onaudience.com
Apex Domain
Subdomains		 Transfer
99 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1136
trc.taboola.com — Cisco Umbrella Rank: 705
trc-events.taboola.com — Cisco Umbrella Rank: 2170
vidstat.taboola.com — Cisco Umbrella Rank: 3029
il-trc-events.taboola.com — Cisco Umbrella Rank: 20251
images.taboola.com — Cisco Umbrella Rank: 1923
imprammp.taboola.com — Cisco Umbrella Rank: 15442
am-match.taboola.com — Cisco Umbrella Rank: 15833
wf.taboola.com — Cisco Umbrella Rank: 3148
am-vid-events.taboola.com — Cisco Umbrella Rank: 15082
sync.taboola.com — Cisco Umbrella Rank: 1322
pips.taboola.com — Cisco Umbrella Rank: 1694
cds.taboola.com — Cisco Umbrella Rank: 1933
am-wf.taboola.com — Cisco Umbrella Rank: 17326
vidstatb.taboola.com — Cisco Umbrella Rank: 5039
1 MB
56 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
461 KB
52 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 662
image2.pubmatic.com — Cisco Umbrella Rank: 924
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
simage2.pubmatic.com — Cisco Umbrella Rank: 843
image4.pubmatic.com — Cisco Umbrella Rank: 1184
simage4.pubmatic.com — Cisco Umbrella Rank: 1289
51 KB
52 googlesyndication.com
a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
164f28b95e6b8f672e54e451e51556d8.safeframe.googlesyndication.com
680 KB
46 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
fastlane.rubiconproject.com — Cisco Umbrella Rank: 513
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2394
pixel.rubiconproject.com — Cisco Umbrella Rank: 376
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 969
eus.rubiconproject.com — Cisco Umbrella Rank: 602
token.rubiconproject.com — Cisco Umbrella Rank: 458
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1156
94 KB
35 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
51 KB
29 vidverto.io
ad.vidverto.io — Cisco Umbrella Rank: 30159
cdn.vidverto.io — Cisco Umbrella Rank: 40183
505 KB
22 adform.net
track.adform.net — Cisco Umbrella Rank: 4256
c1.adform.net — Cisco Umbrella Rank: 599
adx3.adform.net — Cisco Umbrella Rank: 59130
s1.adform.net — Cisco Umbrella Rank: 9253
dmp.adform.net — Cisco Umbrella Rank: 3509
cm.adform.net — Cisco Umbrella Rank: 1267
85 KB
20 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
3 KB
19 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2437
public.servenobid.com — Cisco Umbrella Rank: 5174
10 KB
19 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1165
x.bidswitch.net — Cisco Umbrella Rank: 351
ghent-aws-fr.bidswitch.net — Cisco Umbrella Rank: 12914
aws-fr-sync.bidswitch.net — Cisco Umbrella Rank: 29766
5 KB
17 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 327
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 492
7 KB
17 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 511
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
dsum.casalemedia.com — Cisco Umbrella Rank: 1396
11 KB
16 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1591
usersync.gumgum.com — Cisco Umbrella Rank: 2098
rtb.gumgum.com — Cisco Umbrella Rank: 1589
5 KB
16 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 246
cdn.adnxs.com — Cisco Umbrella Rank: 1682
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6903
acdn.adnxs.com — Cisco Umbrella Rank: 609
secure.adnxs.com — Cisco Umbrella Rank: 495
68 KB
15 gstatic.com
fonts.gstatic.com
csi.gstatic.com
www.gstatic.com
92 KB
15 smilewanted.com
prebid.smilewanted.com — Cisco Umbrella Rank: 5524
csync.smilewanted.com — Cisco Umbrella Rank: 2822
static.smilewanted.com — Cisco Umbrella Rank: 9244
19 KB
14 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 16569
e3.adpushup.com — Cisco Umbrella Rank: 19508
304 KB
12 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 890
8 KB
11 openx.net
rtb.openx.net — Cisco Umbrella Rank: 695
adpushup-d.openx.net — Cisco Umbrella Rank: 26550
us-u.openx.net — Cisco Umbrella Rank: 522
eu-u.openx.net — Cisco Umbrella Rank: 2753
u.openx.net — Cisco Umbrella Rank: 659
2 KB
10 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 728
idsync.rlcdn.com — Cisco Umbrella Rank: 415
775 B
10 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 733
sync.smartadserver.com — Cisco Umbrella Rank: 1330
4 KB
9 zemanta.com
b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 22764
b1-eudc1.zemanta.com — Cisco Umbrella Rank: 29993
b1sync.zemanta.com — Cisco Umbrella Rank: 580
2 KB
9 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
5 KB
7 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 5267
4 KB
7 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
4 KB
7 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 447
fonts.googleapis.com — Cisco Umbrella Rank: 31
851 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
4 KB
6 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 882
ap.lijit.com — Cisco Umbrella Rank: 683
2 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 1372
3 KB
6 datadoghq.com
http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 8487
1 KB
5 bing.com
www.bing.com — Cisco Umbrella Rank: 66
18 KB
5 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1799
27 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
320 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 757
gum.criteo.com — Cisco Umbrella Rank: 454
dis.criteo.com — Cisco Umbrella Rank: 597
976 B
5 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30610
sync.aralego.com — Cisco Umbrella Rank: 3112
2 KB
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2810
3 KB
4 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4089
645 B
4 rezync.com
live.rezync.com — Cisco Umbrella Rank: 1922
3 KB
4 liadm.com
i.liadm.com — Cisco Umbrella Rank: 539
2 KB
4 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 868
4 KB
4 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 3451
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3483
2 KB
4 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 572
eb2.3lift.com — Cisco Umbrella Rank: 417
2 KB
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 751
436 B
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1245
pixel.quantserve.com — Cisco Umbrella Rank: 964
cms.quantserve.com — Cisco Umbrella Rank: 764
10 KB
4 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
89 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
1 KB
3 onaudience.com
pixel-eu.onaudience.com — Cisco Umbrella Rank: 19303
pixel.onaudience.com — Cisco Umbrella Rank: 3239
2 KB
3 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 592
1 KB
3 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
3 KB
3 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
739 B
3 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2460
cs.yellowblue.io — Cisco Umbrella Rank: 1590
2 KB
3 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 8923
44 KB
3 360yield.com
match.360yield.com — Cisco Umbrella Rank: 2249
ice.360yield.com — Cisco Umbrella Rank: 2116
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 860
s.tribalfusion.com — Cisco Umbrella Rank: 2311
2 KB
3 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
2 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 795
1 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 sportradarserving.com
a.sportradarserving.com — Cisco Umbrella Rank: 2529
2 KB
3 media.net
prebid.media.net — Cisco Umbrella Rank: 1335
contextual.media.net — Cisco Umbrella Rank: 691
hbx.media.net — Cisco Umbrella Rank: 1337
11 KB
3 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2462
322 B
3 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 15951
41 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1222
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
938 B
2 weborama.fr
cr.frontend.weborama.fr — Cisco Umbrella Rank: 24983
498 B
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4905
562 B
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 709
766 B
2 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 689
3 KB
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 912
1 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 228
1 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 559
69 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
952 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 674
cdn.indexww.com — Cisco Umbrella Rank: 1531
2 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1208
2 KB
2 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2242
1 KB
2 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1533
1 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
60 KB
2 clean.gg
i.clean.gg — Cisco Umbrella Rank: 894
104 B
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 connatix.com
capi.connatix.com — Cisco Umbrella Rank: 1113
523 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
958 B
2 mox.tv
ad.mox.tv — Cisco Umbrella Rank: 42792
304 B
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 3481
visitor.omnitagjs.com — Cisco Umbrella Rank: 799
909 B
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 762
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 27295
11 KB
2 statcounter.com
www.statcounter.com — Cisco Umbrella Rank: 15116
c.statcounter.com — Cisco Umbrella Rank: 9937
15 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
179 KB
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 3222
439 B
1 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 6588
1 erne.co
green.erne.co — Cisco Umbrella Rank: 31191
412 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6074
277 B
1 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 5723
368 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1392
283 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 1397
553 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 6560
346 B
1 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1055
44 B
1 nrich.ai
dsp.nrich.ai — Cisco Umbrella Rank: 3111
582 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 716
458 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1608
348 B
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1578
680 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3766
595 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1138
176 B
1 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1439
526 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
623 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1545
160 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 657
598 B
1 tremorhub.com
google.partners.tremorhub.com — Cisco Umbrella Rank: 13708
635 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1324
213 B
1 outbrainimg.com
zem.outbrainimg.com — Cisco Umbrella Rank: 2632
10 KB
1 otm-r.com
sync.dmp.otm-r.com — Cisco Umbrella Rank: 24816
69 B
1 microsoft.com
adsdk.microsoft.com — Cisco Umbrella Rank: 4948
30 KB
1 script.ac
cadmus.script.ac — Cisco Umbrella Rank: 1421
46 KB
1 primis.tech
live.primis.tech — Cisco Umbrella Rank: 1458
525 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 938
315 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 377
650 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
17 KB
1 cheqzone.com
obs.cheqzone.com — Cisco Umbrella Rank: 7571
3 KB
1 admixer.net
inv-nets.admixer.net — Cisco Umbrella Rank: 2430
261 B
1 vidver.to
ad.vidver.to — Cisco Umbrella Rank: 53225
155 B
1 marketperf.com
b-eu1.marketperf.com — Cisco Umbrella Rank: 112764
290 B
1 adpartner.pro
a4p.adpartner.pro — Cisco Umbrella Rank: 10367
257 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1212
642 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1462
612 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 335
2 KB
1 bg3.co
www.bg3.co
static.bg3.co Failed
18 KB
0 gammaplatform.com Failed
cm-supply-web.gammaplatform.com Failed
0 mrtnsvr.com Failed
ad.mrtnsvr.com Failed
0 aura-dsp.com Failed
sync-dmp.aura-dsp.com Failed
626 128
Domain Requested by
44 il-trc-events.taboola.com www.bg3.co
35 onetag-sys.com 3 redirects cdn.adpushup.com
ad.vidverto.io
onetag-sys.com
www.bg3.co
public.servenobid.com
ads.pubmatic.com
30 cm.g.doubleclick.net 13 redirects onetag-sys.com
www.bg3.co
a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
adpushup-d.openx.net
g2.gumgum.com
28 tpc.googlesyndication.com www.bg3.co
a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.gstatic.com
pagead2.googlesyndication.com
24 ad.vidverto.io www.bg3.co
ad.vidverto.io
imasdk.googleapis.com
21 image8.pubmatic.com 12 redirects ads.pubmatic.com
20 pagead2.googlesyndication.com ads.aralego.com
pagead2.googlesyndication.com
imasdk.googleapis.com
securepubads.g.doubleclick.net
a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
tpc.googlesyndication.com
www.googletagservices.com
20 match.adsrvr.org onetag-sys.com
www.bg3.co
a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
am-match.taboola.com
imprammp.taboola.com
googleads.g.doubleclick.net
cdn.adpushup.com
adpushup-d.openx.net
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
19 pixel.rubiconproject.com 10 redirects onetag-sys.com
www.bg3.co
18 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
onetag-sys.com
g2.gumgum.com
cs-rtb.minutemedia-prebid.com
eus.rubiconproject.com
cs-server-s2s.yellowblue.io
ads.pubmatic.com
16 x.bidswitch.net 13 redirects imprammp.taboola.com
onetag-sys.com
15 cdn.taboola.com www.bg3.co
cdn.taboola.com
15 securepubads.g.doubleclick.net www.bg3.co
securepubads.g.doubleclick.net
www.googletagservices.com
cdn.aralego.net
14 usersync.gumgum.com g2.gumgum.com
ads.pubmatic.com
14 images.taboola.com www.bg3.co
12 simage2.pubmatic.com 7 redirects ads.pubmatic.com
12 csync.smilewanted.com cdn.adpushup.com
csync.smilewanted.com
ads.pubmatic.com
10 token.rubiconproject.com 6 redirects eus.rubiconproject.com
10 eus.rubiconproject.com ads.aralego.com
eus.rubiconproject.com
am-match.taboola.com
cdn.adpushup.com
public.servenobid.com
g2.gumgum.com
9 ups.analytics.yahoo.com 8 redirects am-match.taboola.com
9 image2.pubmatic.com 9 redirects
9 ads.stickyadstv.com 9 redirects
9 e3.adpushup.com www.bg3.co
8 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
8 pubads.g.doubleclick.net imasdk.googleapis.com
8 csi.gstatic.com imasdk.googleapis.com
8 c1.adform.net 7 redirects ads.pubmatic.com
8 pr-bh.ybp.yahoo.com 6 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
7 cs-rtb.minutemedia-prebid.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
7 track.adform.net 1 redirects www.bg3.co
s1.adform.net
7 match.prod.bidr.io 7 redirects
7 s.amazon-adsystem.com 2 redirects onetag-sys.com
www.bg3.co
ssum-sec.casalemedia.com
7 ib.adnxs.com 4 redirects cdn.adpushup.com
acdn.adnxs.com
6 sync.1rx.io 6 redirects
6 sync.mathtag.com 1 redirects onetag-sys.com
6 http-intake.logs.datadoghq.com cdn.adpushup.com
5 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
5 idsync.rlcdn.com 3 redirects ssum-sec.casalemedia.com
5 ssum-sec.casalemedia.com 2 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
5 www.bing.com 2 redirects www.bg3.co
5 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
adpushup-d.openx.net
ads.pubmatic.com
5 vidstat.taboola.com cdn.taboola.com
vidstat.taboola.com
5 cdn.vidverto.io www.bg3.co
5 id.rlcdn.com onetag-sys.com
5 widgets.outbrain.com www.bg3.co
widgets.outbrain.com
a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
5 www.googletagservices.com securepubads.g.doubleclick.net
www.bg3.co
a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 a.audrte.com 3 redirects ads.pubmatic.com
4 ads.playground.xyz ads.pubmatic.com
4 b1sync.zemanta.com 4 redirects
4 live.rezync.com 4 redirects
4 i.liadm.com 4 redirects
4 p.rfihub.com 4 redirects
4 ads.pubmatic.com public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
csync.smilewanted.com
4 s1.adform.net ghent-aws-fr.bidswitch.net
s1.adform.net
www.bg3.co
4 www.gstatic.com googleads.g.doubleclick.net
4 ams3-ib.adnxs.com cdn.adpushup.com
cadmus.script.ac
cdn.adnxs.com
4 b1t-eudc1.zemanta.com a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
widgets.outbrain.com
4 imasdk.googleapis.com ad.vidverto.io
imasdk.googleapis.com
4 prebid.a-mo.net 2 redirects cdn.adpushup.com
4 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
3 sync.crwdcntrl.net 2 redirects ads.pubmatic.com
3 creativecdn.com 3 redirects
3 image6.pubmatic.com ads.pubmatic.com
3 bh.contextweb.com 3 redirects
3 csync.loopme.me 3 redirects
3 secure.adnxs.com 3 redirects
3 us-u.openx.net 1 redirects adpushup-d.openx.net
3 ap.lijit.com public.servenobid.com
cs-rtb.minutemedia-prebid.com
csync.smilewanted.com
3 c.bannerflow.net www.bg3.co
c.bannerflow.net
3 eb2.3lift.com 2 redirects cdn.adpushup.com
3 sync.taboola.com am-match.taboola.com
imprammp.taboola.com
3 sync.targeting.unrulymedia.com 3 redirects
3 um.simpli.fi 2 redirects onetag-sys.com
3 www.google.com a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
tpc.googlesyndication.com
3 ce.lijit.com 2 redirects www.bg3.co
3 fonts.gstatic.com ad.vidverto.io
fonts.googleapis.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
www.bg3.co
3 secure-assets.rubiconproject.com 3 redirects
3 a.sportradarserving.com 3 redirects
3 fonts.googleapis.com a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
cdn.taboola.com
tpc.googlesyndication.com
3 trc-events.taboola.com www.bg3.co
3 trc.taboola.com cdn.taboola.com
3 gum.criteo.com cdn.taboola.com
cdn.adpushup.com
3 sync.aralego.com 1 redirects ads.aralego.com
www.bg3.co
3 rtb.openx.net cdn.adpushup.com
3 htlb.casalemedia.com cdn.adpushup.com
3 a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 region1.google-analytics.com www.googletagmanager.com
3 cdn.aralego.net www.bg3.co
ads.aralego.com
2 uipglob.semasio.net 1 redirects ads.pubmatic.com
2 am-wf.taboola.com vidstat.taboola.com
2 simage4.pubmatic.com ads.pubmatic.com
2 pubmatic-match.dotomi.com 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 cr.frontend.weborama.fr 1 redirects ads.pubmatic.com
2 pixel-eu.onaudience.com 2 redirects
2 d5p.de17a.com 2 redirects
2 sync-tm.everesttech.net 1 redirects ads.pubmatic.com
2 sync.smartadserver.com 2 redirects
2 u.openx.net 2 redirects
2 sync.srv.stackadapt.com 2 redirects
2 pm.w55c.net 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 cms.quantserve.com 2 redirects
2 match.sharethrough.com public.servenobid.com
cs-server-s2s.yellowblue.io
2 ad.turn.com 2 redirects
2 cs-server-s2s.yellowblue.io public.servenobid.com
cs-server-s2s.yellowblue.io
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 adpushup-d.openx.net 1 redirects cdn.adpushup.com
2 tg.socdm.com 2 redirects
2 match.360yield.com 2 redirects
2 match.adsby.bidtheatre.com 2 redirects
2 dsp.adfarm1.adition.com 2 redirects
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 dclk-match.dotomi.com 2 redirects
2 am-vid-events.taboola.com www.bg3.co
2 wf.taboola.com vidstat.taboola.com
2 am-match.taboola.com vidstat.taboola.com
2 i.clean.gg cadmus.script.ac
2 pixel.tapad.com 1 redirects www.bg3.co
2 capi.connatix.com 1 redirects www.bg3.co
2 sync.ipredictive.com 2 redirects
2 ad.mox.tv 1 redirects onetag-sys.com
2 prebid.smilewanted.com cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 ads.aralego.com 1 redirects ads.aralego.com
2 delivery.adrecover.com www.bg3.co
2 www.googletagmanager.com www.bg3.co
www.googletagmanager.com
1 vidstatb.taboola.com www.bg3.co
1 pixel.onaudience.com 1 redirects
1 mwzeom.zeotap.com ads.pubmatic.com
1 matching.truffle.bid ads.pubmatic.com
1 cm.adform.net 1 redirects
1 ice.360yield.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 dmp.adform.net 1 redirects
1 green.erne.co 1 redirects
1 core.iprom.net ads.pubmatic.com
1 ipac.ctnsnet.com ads.pubmatic.com
1 cm.adgrx.com ads.pubmatic.com
1 t.adx.opera.com 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 cs.yellowblue.io cs-server-s2s.yellowblue.io
1 pixel-us-east.rubiconproject.com 1 redirects
1 rtb.gumgum.com g2.gumgum.com
1 visitor.omnitagjs.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 dsp.nrich.ai 1 redirects
1 s.ad.smaato.net 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 sync.adotmob.com 1 redirects
1 1f2e7.v.fwmrm.net 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 static.smilewanted.com csync.smilewanted.com
1 eu-u.openx.net adpushup-d.openx.net
1 hbx.media.net 1 redirects
1 cs.admanmedia.com public.servenobid.com
1 ssp.disqus.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 sync.adkernel.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 cds.taboola.com cdn.taboola.com
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 contextual.media.net cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 pips.taboola.com cdn.taboola.com
1 s.tribalfusion.com www.bg3.co
1 b1-eudc1.zemanta.com www.bg3.co
1 ads.yieldmo.com 1 redirects
1 google.partners.tremorhub.com 1 redirects
1 imprammp.taboola.com vidstat.taboola.com
1 adx3.adform.net imasdk.googleapis.com
1 odr.mookie1.com onetag-sys.com
1 zem.outbrainimg.com a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
1 sync.dmp.otm-r.com www.bg3.co
1 aws-fr-sync.bidswitch.net 1 redirects
1 ghent-aws-fr.bidswitch.net 1 redirects
1 164f28b95e6b8f672e54e451e51556d8.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 cdn.adnxs.com cdn.adpushup.com
1 adsdk.microsoft.com cdn.adpushup.com
1 cadmus.script.ac cdn.adpushup.com
1 live.primis.tech www.bg3.co
1 hb.yahoo.net www.bg3.co
1 px.ads.linkedin.com www.bg3.co
1 s0.2mdn.net imasdk.googleapis.com
1 obs.cheqzone.com a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
1 inv-nets.admixer.net ad.vidverto.io
1 pixel.quantserve.com www.bg3.co
1 ssbsync-global.smartadserver.com 1 redirects
1 pixel-eu.rubiconproject.com 1 redirects
1 ad.vidver.to www.bg3.co
1 b-eu1.marketperf.com 1 redirects
1 a4p.adpartner.pro 1 redirects
1 rules.quantcount.com secure.quantserve.com
1 bidder.criteo.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 prebid-server.rubiconproject.com cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 c.statcounter.com www.statcounter.com
1 www.statcounter.com www.bg3.co
1 www.bg3.co
0 cm-supply-web.gammaplatform.com Failed ads.pubmatic.com
0 ad.mrtnsvr.com Failed ads.pubmatic.com
0 sync-dmp.aura-dsp.com Failed a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
0 static.bg3.co Failed www.bg3.co
626 216
Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G4		 2023-05-22 -
2024-06-22		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
statcounter.com
Sectigo RSA Domain Validation Secure Server CA		 2022-11-24 -
2023-12-24		 a year crt.sh
*.adpushup.com
GeoTrust TLS RSA CA G1		 2023-08-11 -
2024-07-12		 a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2023-07-11 -
2024-07-14		 a year crt.sh
*.logs.datadoghq.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-22 -
2024-03-22		 a year crt.sh
quantserve.com
R3		 2023-10-28 -
2024-01-26		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
teads.tv
R3		 2023-11-03 -
2024-02-01		 3 months crt.sh
*.openx.net
RapidSSL TLS RSA CA G1		 2023-08-18 -
2024-08-18		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
*.a-mo.net
R3		 2023-11-07 -
2024-02-05		 3 months crt.sh
prebid.media.net
GTS CA 1D4		 2023-10-28 -
2024-01-26		 3 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2023-11-09 -
2024-12-09		 a year crt.sh
ad.vidverto.io
R3		 2023-09-24 -
2023-12-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.mathtag.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-30 -
2024-04-29		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.admixer.net
Sectigo ECC Domain Validation Secure Server CA		 2022-11-21 -
2023-12-22		 a year crt.sh
*.zemanta.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-16 -
2024-09-05		 a year crt.sh
*.cheqzone.com
ZeroSSL ECC Domain Secure Site CA		 2023-10-06 -
2024-01-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
cdn.vidverto.io
R3		 2023-09-23 -
2023-12-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
script.ac
E1		 2023-10-31 -
2024-01-29		 3 months crt.sh
adsdk.microsoft.com
Microsoft Azure TLS Issuing CA 02		 2023-10-11 -
2024-04-08		 6 months crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2023-03-27 -
2024-04-26		 a year crt.sh
*.outbrainimg.com
R3		 2023-09-29 -
2023-12-28		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-11-14 -
2024-02-12		 3 months crt.sh
www.bing.com
Microsoft Azure TLS Issuing CA 01		 2023-10-24 -
2024-04-21		 6 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
track.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-06 -
2024-09-19		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
ie-ad-exch-prd-one-eks.prd.eks.ie.adexchange.gumgum.com
Amazon RSA 2048 M01		 2023-07-17 -
2024-08-14		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
s.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-03 -
2024-02-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
ads.playground.xyz
GTS CA 1D4		 2023-10-04 -
2024-01-02		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2023 Q3		 2023-08-11 -
2024-09-11		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.ctnsnet.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-13 -
2024-11-10		 a year crt.sh
*.iprom.net
R3		 2023-11-13 -
2024-02-11		 3 months crt.sh
truffle.bid
R3		 2023-10-24 -
2024-01-22		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh

This page contains 108 frames:

Primary Page: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Frame ID: 6CBF520C9DF587BDC3F840458974C22E
Requests: 214 HTTP requests in this frame

Frame: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: EC92B1A5C9566C0F9686A910F5A68997
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvu_gDJOBZkOCGy6P7agDfBbS-0oWh4CnKf-Z6KVU6bwJoOO3tEsYkZKz2QZG8j1nGsQ3aWun48PnDUIz4Wf2z0S5fiL2T-dLa6hf_qyaBe4p83mEm03FaRM8A45oeph6fvwEFdL8_QNQZ99JmT8oKpY95xv9EftilhwA6BtJuLhCkOKlt7_oWJsvWF61hRxiG2ijxJFQ4T4PzULFlI91uwhSt7rIsGeP1-1fpoV855c-sigCBs98Ws8ysZLPnw9ZprvLwZfKlvsDhISTxlYODwfHzuyhMRMKPwOSREoqc7DGJg7f4iaHkw3gFkML-3luzuHA&sai=AMfl-YS1JkO7xE5ts5dGIjvTRqFsvaBDHUjq3ADCSdYSl6uN8fvQmReuLDQUydzAFR8H5LW7MnC9-Mqzc1QJGezF8G_fA50fqZqwI4wjrnSWBSwCMpnEw-pX6xoGQg1EeA0k4f4iqUlt1WbrDs-IbWMJWNo&sig=Cg0ArKJSzN8JQ1buHEJNEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 4B907BA5B5B18D99F94DEE08E92B5BA6
Requests: 4 HTTP requests in this frame

Frame: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: C262F0E9DB0D6C9FB3E4FECCA15B9A0F
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Frame ID: A9B629DB44B27C0D54C0154079C03754
Requests: 16 HTTP requests in this frame

Frame: https://widgets.outbrain.com/n2d/widget/widget.js
Frame ID: 08BBD36D83E37984D2CDF57201AC47D9
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 6B5213FD458E9AC23C3FA76084519BAC
Requests: 6 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 14C60BFE059D2C7FB7C57C813BCEB5B5
Requests: 7 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=adiiix
Frame ID: 6ED4E04F2680D789C65A85F5FCF1E2E1
Requests: 20 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 88F5F4F6CC7D4FDA09F13F3C205A1FE1
Requests: 26 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 55474F2D796727BC33828625EB44F224
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 6B3A148B596D7E0C40CA09C41BA62CCC
Requests: 1 HTTP requests in this frame

Frame: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: FC3FF3CEB7919496300F57F03413D1D8
Requests: 15 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 06F5B59FE77CAFDED75B3A75B2183F13
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B536D0E67468532AE20E0EACA176421D
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMQM3iJRsVf8beiD5dv48UgTC4g4fZbWPRLfpDn8bp_jmW3KjfL1fKN8gGe_v5hqXOQWeB5wnl170HPlEMtfgTuy3YAylW-ngFs-gBDZGb_M41THudZF1rFysBBzXlfRXb9A7XvlwS7a5sJncGqd4Y1uz-tAjGWx48NmJfRHCmRuwYy6isWE7rJ4oZzdOBRDzJSS-GNvuaY8o4zjHP4nstPOXBVQlHCZALZ9Li789QJ8FntXKkfWiVDf_TV_3nAC_99rc-cNNmsbKUNRLc_94UjJ9nTdgGFEoG2RNx-VXyGf_mW47lxulrwclWi6JoTAlpGEi0IeQvRwm3rkxFP3unNYnG17L2&sai=AMfl-YQo10rhbdayYXGRpiJrSoxmbElE3lSmbedc8gtj7sgrOiz3x7I-gkzq6bb-glvblQEagpB8TmtqwxL1JqQHPhzL7pPA7DeWik8TYIqCrP1QeUaut9Y0R4KMD75eSvE&sig=Cg0ArKJSzMyd4_VFQ5KxEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 57691057EE30427D9132C403232D1402
Requests: 14 HTTP requests in this frame

Frame: https://cadmus.script.ac/dpjgrnd6i7dk0/script.js
Frame ID: D22ABE33CC232145CAF8222509680DD3
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700187468&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700187467477&bpp=132&bdt=627&idt=690&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&correlator=871759777855&frm=23&ife=1&pv=2&ga_vid=1707958932.1700187467&ga_sid=1700187468&ga_hid=955385354&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2026&biw=1600&bih=1200&isw=336&ish=280&ifk=2575727733&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C31078297%2C44807754%2C44807763%2C44808148%2C44808285%2C44809056&oid=2&pvsid=3321110143345705&tmod=2076779727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bmje7n4cndfs&btvi=1&fsb=1&dtd=728
Frame ID: 27FA7DC347723198AA13B1A518ACBBCC
Requests: 1 HTTP requests in this frame

Frame: https://164f28b95e6b8f672e54e451e51556d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Frame ID: 4DBF15334A469AF154964D4B26697A92
Requests: 1 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=68934215;rtbwp=0.23027-gF_8qNFipQl974ntkw9gNkkG8BPrwfhX0;rtbdata=7DbHNZOADPMkiihX5kNFVoXez6eLNW-0OJKoQJUx2uJw8X_nXpLcAz0xCH2F6faorY8RVAN9qua-MjQBwZA8AZlkfych4hZI9VbzYw3tmzoRG8Udr5QthkDImt_HtNOPh3We0jJGV5qwjkiUKzWr_qNbgncvGEMzA5fvV1tEmN2GuRILowUinv1FdGEsPY0FhKfLR9fMePs6Dc52AkXqhErOnMgV_YxgqFj_MmnWuft-0MibOKb_GQNxwRPY59cv4y_r6hn3aDtuT-ryQOXLN3_XlG5eTbO8_XgkX7hLg9O-fzNIFX41vnnnJkg_7xmmz2J9eJPJUCEESa9igJtXFi9I0p5NKLY-oWEZmgnhHCtfeyRB5ph3TkHhIpkoas3H0;;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Frame ID: 4AFF55C78CF1D2F441290CDA8DA5CBF5
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Frame ID: 7AAFBAE611C5173287C5803633FD6D33
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3A41539B829C735CE36F2666EAB19C88
Requests: 9 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&cmcv=&pix=undefined&cb=1700187468930&uv=3358&tms=1700187468930&abt=adxsub-out_vA!adxsub-out_vB!eidc_vA!iiqrc_vA!lvlstst-in2_vA!lvlstst1_vA!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4a9cc76e-6854-4c60-b2a9-a00f42f2cb75&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: 2284EA49A1BCBB8CD9305599BB33F754
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: D9CECA5B619BBAD686E1C27D4E799CDE
Requests: 3 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Frame ID: 59788F24310D52A53FEAF8C60AA5E5CE
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5B1A9E26D07273F5F6A893C2A268E7A5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7CEC147B2155968E9EA9534399EE5FAC
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Frame ID: 457E3B62D6E30816072A7F6BBF8A4B9F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/index.html
Frame ID: 9FCB86DC78CE3015C22C50A788B51990
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9DE454A936CABE7E409535FA492115B1
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Frame ID: 127B4ADB4FC76710AD82C927E70220C6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Frame ID: 08A7F150CE2A3153114ABF40ACA93D83
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8C92A3CBB5FFEA0A1193A738BF5A43F8
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1A6DC7240E382F870C2A2C8878841E0C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0801B8080723BDAE92A4E17724C61DD1
Requests: 2 HTTP requests in this frame

Frame: https://s1.adform.net/Banners/Elements/Files/2135726/13311272/13311272.js?ADFassetID=13311272&bv=257
Frame ID: 1824C2608A7BAB140CE68BB6D7428CEF
Requests: 5 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: C17686441919BFEA597A7E79D95035B2
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4DFB99CFE8481A8BDB6A2729EC9DF954
Requests: 2 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 81606624D71AFF6C9A43B0A044E44BA9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700187467228
Frame ID: 6FF6AA89DACC3AD5161CB90D3796E87D
Requests: 7 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: E0EC331E79ACC28D0F25F6E82449A63A
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: C8783D1024AD62CC771C04E503BF42EB
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: D85FCC9F0DDACD30EF3AEB8CC80F89BB
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 6F97F0C63FC03C7E8AC69EDF843B921C
Requests: 13 HTTP requests in this frame

Frame: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Frame ID: 4D11AA045EA860942B29B375B05ABC30
Requests: 7 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: D9D020056A078F4EAB9A943B52416CD1
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1700187467537
Frame ID: 6AC04A66D2DFAB3D83FE49FAF126B9C7
Requests: 7 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: A528EFF09077ED73EC1B5E5B275935CB
Requests: 10 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: A3A30890D6686284B57F8B57CAD431E7
Requests: 12 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: FBF337C5730502129649C4172972FCAF
Requests: 8 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 690A7CBE47FC108682858A75DD3AEDC3
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 4526B805E0EE8F13346CFF1A282AE208
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: FAB17160E694345CDD145F539EB38799
Requests: 4 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 9D5B00BB1B623A7AEABC0544D0DE399B
Requests: 20 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: 9F451906A0D37063449B64E380C17268
Requests: 9 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 3F34B2EC03FFE56AE4581444B612A5FC
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: B1FF6039F9C38871B2ACD57585F8B38A
Requests: 5 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=adf&i=8056414443070265019&gdpr=0&gdpr_consent=
Frame ID: 877413DA6ECE7CEF8BE4B2BBAA349FEF
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84OTQwMDY1NC03NWMxLTQyNWYtYTM0Mi1iYzYzNTkwZmYwYmY=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 75E2DA566C971C4515553D35D8994733
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 386E9115DA59000D330D089F843681C4
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 67023287BB933423193E3750738E7C99
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: 67DE18246472DD3FFAC41DE16D575E04
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZVbNTsCo5ucAAKRJxsQAAAAA
Frame ID: 44308A27F66567437D877E0C483B96C0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=RYElfCl1o-aImCD9ptJ87m9QuP18Y7GWwoXp-Zfn76c&pi=gumgum&tc=1
Frame ID: 9B68C4048E26DF9CBD7CB9DB8FCC211E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: C13733B38DBB166A075DC332C83A62CF
Requests: 4 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/smart/1462351491961293065
Frame ID: 35510065D29129918C74DB6477C37C1A
Requests: 1 HTTP requests in this frame

Frame: https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Frame ID: 1C13F5FEEA021DD4607359B02F134335
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 6ABB91F4BC639AE49EDB2E5A4D70148F
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=57B59519-9B3E-4DB5-B42D-FDB697822B64&redir=true&gdpr=0&gdpr_consent=
Frame ID: AAACA861152A740B685BF72CA723F6C0
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64
Frame ID: 8FD0EC1DDB8EB1732D5DED585E7C4875
Requests: 1 HTTP requests in this frame

Frame: https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Frame ID: 43D76D336AFB00E507898ED287B51C42
Requests: 1 HTTP requests in this frame

Frame: https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Frame ID: 4A061B2FC1D2FA50EFB94ABA40DD6D33
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 29B5FE469F94EEB36073BFBC5018688F
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: C3AF2E2EB74CAC17CDC9E5F520354CD8
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 36E50049F92F0FE63B9A8ECFD007D648
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 948BDB5E7F7EC1884BB24F44BFE5D78B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 56E9654C1A1521AB4EFD09FC84E65EF0
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVbNTwAANlmrtQBU
Frame ID: C4255A09FC572A339E807482A034C844
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: C7D8F81C08DE4E4C880793F52982C3C2
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: B99A9BF79D81557F7F1C70F3CB6391CA
Requests: 1 HTTP requests in this frame

Frame: https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Frame ID: 58E94F924EBB89C51DA3265D59224984
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 76F1657D3A70831F1EA82D7A714576AA
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 21E4984A5A2D96C0CEFEC88961D0F14F
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: D1635B23F32BFD526F51F7EA0B50A4CE
Requests: 1 HTTP requests in this frame

Frame: https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Frame ID: D3B29FB796275B6855FB18EB52E23A64
Requests: 1 HTTP requests in this frame

Frame: https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Frame ID: 0A9C373146B8CB0800F7F7E290B0D63F
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: A675FB4CC7CFF7E9D7BE3B3C045F2913
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Frame ID: 264F6AAEA783E231D5E9E4AE0BECAB1E
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64
Frame ID: 640C9A884FEA05CF5AC7055D05369585
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/appnexus/4737946100709174159
Frame ID: 60C40D9E6E9EECD33AA33355D81EA0BF
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP1ZPXH6-K-6UH9?gdpr=0
Frame ID: E0289EFC3E1A803160104E8F97587E6C
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Frame ID: 69931728E117A56D2338E4F5A7FF2DE9
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/improve/3e2855c3-1a4d-48fe-9339-f98ac41a9459&partner_id=1010
Frame ID: 97EEF6D19FE62E29654470059542F041
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/openx/5be46707-4fa0-0811-11d5-ba94c919655a
Frame ID: C6B6C26A497F11592EA716CD83E3B22F
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: C6D53DF1C29AEED495C0E475A5537AD5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/adform/8056414443070265019
Frame ID: E222E138B495AAF3E04F4E4DD5AF164F
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Frame ID: CCBD79F79832585D9652D01BD8298D87
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/RYElfCl1o-aImCD9ptJ87m9QuP18Y7GWwoXp-Zfn76c?pi=smilewanted
Frame ID: F66CDC8EBFFDF4449CCDD063E623AC4A
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=57B59519-9B3E-4DB5-B42D-FDB697822B64&gdpr=0&gdpr_consent=
Frame ID: DC44172FDB96777D50AA0391E30B6AC5
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: C0DD8E60D1FC38D727574C8C61FC544B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:71E1AB8744644695805E27A511A92768&gdpr=0&gdpr_consent=
Frame ID: B3B41E7AAD981D080078618CB4444F6D
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4268733715
Frame ID: BDA4220111E50790EA4B459209B0499C
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64
Frame ID: D5B20FC862C257E7E02FBEEA1C68386D
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: E156DCE038FA7658D2A58F42189728C2
Requests: 4 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=57B59519-9B3E-4DB5-B42D-FDB697822B64
Frame ID: 2EF2A60104A5701F3729E4100420B48C
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/57B59519-9B3E-4DB5-B42D-FDB697822B64
Frame ID: 5C6CB3BED2CFBAE8D055D68BB7833830
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/pubmatic/57B59519-9B3E-4DB5-B42D-FDB697822B64
Frame ID: 71389DA38E21CE69928EB1167584F7DC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=57B59519-9B3E-4DB5-B42D-FDB697822B64
Frame ID: 25E1BCBB1FB347CBFAF45FA4F1A8933C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

紅單炒作惹公部門「動手」? 花敬羣一句話盯上房市 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

626
Requests

78 %
HTTPS

24 %
IPv6

128
Domains

216
Subdomains

128
IPs

16
Countries

5555 kB
Transfer

19458 kB
Size

210
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Request Chain 89
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23 HTTP 302
  • https://ad.vidverto.io/delivery/v2/sync?userid=f1218a01-61df-46fa-aef4-16131160c7e4&p_id=23
Request Chain 90
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=6456bd6a-ea81-4edc-89d0-e570811b5cf7&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=6456bd6a-ea81-4edc-89d0-e570811b5cf7&gdpr=0&gdpr_consent= HTTP 302
  • https://b-eu1.marketperf.com/bsw_sync?bidswitch_ssp_id=prodoohmox&bsw_custom_parameter=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=436&user_id=16556cd4b50aff100291275&expires=5&user_group=1&gdpr=0&ssp=prodoohmox&bsw_param=c63acbb1-6fc6-4c18-b376-99f785c1f865 HTTP 302
  • https://ad.vidver.to/delivery/v2/sync?userid=c63acbb1-6fc6-4c18-b376-99f785c1f865&p_id=15
Request Chain 100
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=LP1ZPXH6-K-6UH9&gdpr=0
Request Chain 101
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4737946100709174159
Request Chain 102
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=0
Request Chain 104
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9sR7g2knHcY-aiXA0aCOopus9PU2v7Q3Q
Request Chain 105
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=1462351491961293065
Request Chain 107
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=pxo0PDKu2jjCAHjTMmIGdKxf6DPMamuz3fVEk-UP7RE
Request Chain 108
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTdCNTk1MTktOUIzRS00REI1LUI0MkQtRkRCNjk3ODIyQjY0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64
Request Chain 109
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESENByJnzYrX48uYvODhKbMVA&google_cver=1
Request Chain 110
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
Request Chain 112
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=8d1c0658-9ff8-4dc1-b6b7-036b6bfac20e&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=&gdpr_consent=&us_privacy=
Request Chain 113
  • https://ad.mox.tv/delivery/sync?userid=pxo0PDKu2jjCAHjTMmIGdKxf6DPMamuz3fVEk-UP7RE&p_id=5 HTTP 301
  • https://ad.mox.tv/delivery/v2/sync?userid=pxo0PDKu2jjCAHjTMmIGdKxf6DPMamuz3fVEk-UP7RE&p_id=5
Request Chain 118
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=adiiix
Request Chain 119
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}& HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 182
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP1ZPXH6-K-6UH9 HTTP 302
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP1ZPXH6-K-6UH9
Request Chain 207
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=P0szZsEhRfKvFal6ZVA3vw&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=P0szZsEhRfKvFal6ZVA3vw
Request Chain 208
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmJmYzVhZTU5ZWI4MWJiOTNmZTg5OWZjZjVjMzZkYTNmYmNlMjhjMQ
Request Chain 209
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP1ZPXH6-K-6UH9
Request Chain 210
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0ILiTcHzRsi-rS6VDcxYEg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0ILiTcHzRsi-rS6VDcxYEg
Request Chain 212
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us HTTP 302
  • https://s.amazon-adsystem.com/ecm3?id=LP1ZPXH6-K-6UH9&ex=d-rubiconproject.com&status=ok
Request Chain 213
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/v5kwrR1nhrKe2Mt4xjyFvg?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pSXw3qZE2oIaZrREeF8mx0REIdkB3dKmMBrD1g--~A
Request Chain 214
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJOTLPaF9oWfOWZHk1C2o1g&google_cver=1
Request Chain 215
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFAxWlBYSDYtSy02VUg5 HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMRw_CbrSigip67dG9vm5xE&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxWlBYSDYtSy02VUg5&google_push=
Request Chain 216
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp HTTP 303
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1 HTTP 303
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABVWE7KrZsAABT_CDLLUg&expires=30
Request Chain 217
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP1ZPXH6-K-6UH9&redir=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP1ZPXH6-K-6UH9&redir=true HTTP 302
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1rZFBKUXhWRTJ1RVl6eHlEbEtjVkNHWGNHUEVOTnJBbH5B&ovsid=LP1ZPXH6-K-6UH9&dpid=58160
Request Chain 218
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5627b720-1bf6-48c7-b423-24932b8c0196&expires=30
Request Chain 219
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP1ZPXH6-K-6UH9
Request Chain 220
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LP1ZPXH6-K-6UH9&pId=11&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://capi.connatix.com/us/pixel?puid=LP1ZPXH6-K-6UH9&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Request Chain 221
  • https://token.rubiconproject.com/token?pid=37556&a=1 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP1ZPXH6-K-6UH9 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP1ZPXH6-K-6UH9
Request Chain 222
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn HTTP 302
  • https://ce.lijit.com/merge?pid=80&3pid=LP1ZPXH6-K-6UH9
Request Chain 234
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=86359b83-b8ec-40f8-9679-f9f2c184d462&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=b7112500-1c04-4bc4-a061-5bb153fca9a0&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3FDI%3D0%26DIS%3DSB_15000-1-0%3F%26RG%3D12ff6b46532f4bd1837e4f12162d6494%26SNR%3D1%26GV%3D2%26med%3D10&rtype=miFeedbackURL&tagId=22132338&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_pyvpxpbasvezngvba_ub&aid=6870987440758399052 HTTP 303
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=12ff6b46532f4bd1837e4f12162d6494&SNR=1&GV=2&med=10
Request Chain 252
  • https://ghent-aws-fr.bidswitch.net/imp/0.23027799999999998/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R68934215_Qrtbwp_R_I_WAUCTION__PRICE_X-gF__8qNFipQl974ntkw9gNkkG8BPrwfhX0_Qrtbdata_R7DbHNZOADPMkiihX5kNFVoXez6eLNW-0OJKoQJUx2uJw8X__nXpLcAz0xCH2F6faorY8RVAN9qua-MjQBwZA8AZlkfych4hZI9VbzYw3tmzoRG8Udr5QthkDImt__HtNOPh3We0jJGV5qwjkiUKzWr__qNbgncvGEMzA5fvV1tEmN2GuRILowUinv1FdGEsPY0FhKfLR9fMePs6Dc52AkXqhErOnMgV__YxgqFj__MmnWuft-0MibOKb__GQNxwRPY59cv4y__r6hn3aDtuT-ryQOXLN3__XlG5eTbO8__XgkX7hLg9O-fzNIFX41vnnnJkg__7xmmz2J9eJPJUCEESa9igJtXFi9I0p5NKLY-oWEZmgnhHCtfeyRB5ph3TkHhIpkoas3H0_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/QGu-bjini0dU4aB90Yixl_do8MrYBqkRL-pdoj-o7MkSXCHmt9lF0XgO4NF_CftSGJYsiQ8m7LfnTtdtDMJ9l4xCIz83EZNbATYrnH715iHiZkNyolEmfZP2dTiobQN0BRnuUZLEM8cS0Zl1zakIlBvc1qgtnQJqCnVH4esWZb_251F792KlXw7p_cgH0CcpaE2Z6V01F1QuwFc9gtXZRXQKAlDsaWKw2_wdPefGCUfS3T5fzVyH6w8Rsa_YEPPjvfCmYjVAcKUY7Y4YDLjxYkXkTXhruhig19SqR6QzXDbsBiD6wpeCLzAHbnseAYv4n_Kdx26znx7CD7t5b_lD967lqpZKUsEwxT43GkStwPNjS9toCVR-aRGOre1C85YQ5EyNzt0k8NfhLKZcWE1mVG9pr0_aZMdf5AFFQjvIRmQuT1Mtuay98bEmg000ynbfArOQzsh4SJssEbEaCscVqs9xIsmAxJ8SM3I4YnzFUJ0sVJ1OkBVjdxzqTZE0RwXW0O61G-yu6MkFpb6LXAdMl7hzXNRxhvUd4-wSUHcMtHHu-_1uVp2ubCFK_eruPPPCurP7mKu7eo1vme_8e4Higons0SauWszvBUg1htRyKMuNPYdZfl4T32rNG4tdCj0hncUW0j_7o-MPUpuGu0T_c_CxoDNfnXwN84O2HEaLXFU8lBYD2HxJVv92Sizwmvg8lImJhUxA7v_ruKUhC5KA7YrHyaIQlCGRD20pNAIarlrzTVNoZXaj4xa3FY5QaKTZ_9-1mauESo1zGTW5jntuEUg-FxjJjJWFLz9e2Mgy4XMPFQGbQSjCOM6JMeQUMchz3OGAxGzfi01_C5AUSD197w-xhYGgyye2FsazlEWM-6sqZVKuh5P0iF0tGcgqsXlq-N5zrWx9iT9TTJ2NGiObliVZTMQ4zt4kK3iEifgP_2r7kKkSD1FrbyiBYWiwoE2wWkZyHBda8_I3fp239iD7pkVft6LMK5YM3XH80R9Zgmx7iIaJeccOu9v4FVZbctZRvdQNkOfMUxOfRs0VpQoUn3SEA5WW1AKuowCBpm84IM_Dh6OkA93wpUBM26cZU_PN0dc5f62d-gKKi2mr7tNIJq6eroQDF-ouKtK0TtERh3yQ-sn_7DQu1dJbOPIk0fFIEY9X3KkkhUniNNjFQvvtWJAmoZ9pYH0NttQ491qi5TyaayXnEcMLh10g019CmixJUxftoimeqGaeV_x391DrEtd_CeSKFbrouP2kB71GOTvdpVAgcWUkmsntlPau9zGOWT4mjbdjGlyVixsbKSM6DwD3oYIl6Yus6nNddddhxMnCp_j9V8NpvqaeHOggt4iz_FbKtzPboR7nRdRElWs-ZSOWa8drfYvN3IE7U0nj0RC1uMpFY1-V1TqLZsIHMIIo3kGAoBDPec689yUCBVa_j4jl6tw2c7Htr3KCJMnKLE3HdpVQa8HW8Nr_CJf-oRKxc6titUEhUcg-nVDztWFW1fQPpGHxg4oF2klzcCfQluAk4kBUgQyd6unHwcse-cH3lWadMxpp6GiLYRk0pPXGcaDdhxEvWlj0xtp3fBDxhrAFwccmZiLSQebU6LB76CRb5UdGMXydS0Bk4zsLKzBxkFykoo-5lZGwfcv9MlFO5hAoBMXv8TH1mEwqIduBwXMRHQq7EE5r5Gtz5lOaRDSDAdM8whl6Zkt2QNqTDlc-aqQBcG9B_hpAATr3znMUOY25plNM2048ugXqojb8Sbx383RAtSJszeaqz8TjyaR5DfyORQ/$%7BCLICK_URL_ENC%7D HTTP 302
  • https://track.adform.net/adfscript/?bn=68934215;rtbwp=0.23027-gF_8qNFipQl974ntkw9gNkkG8BPrwfhX0;rtbdata=7DbHNZOADPMkiihX5kNFVoXez6eLNW-0OJKoQJUx2uJw8X_nXpLcAz0xCH2F6faorY8RVAN9qua-MjQBwZA8AZlkfych4hZI9VbzYw3tmzoRG8Udr5QthkDImt_HtNOPh3We0jJGV5qwjkiUKzWr_qNbgncvGEMzA5fvV1tEmN2GuRILowUinv1FdGEsPY0FhKfLR9fMePs6Dc52AkXqhErOnMgV_YxgqFj_MmnWuft-0MibOKb_GQNxwRPY59cv4y_r6hn3aDtuT-ryQOXLN3_XlG5eTbO8_XgkX7hLg9O-fzNIFX41vnnnJkg_7xmmz2J9eJPJUCEESa9igJtXFi9I0p5NKLY-oWEZmgnhHCtfeyRB5ph3TkHhIpkoas3H0;;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Request Chain 253
  • https://aws-fr-sync.bidswitch.net/sync?ssp=onetag&dsp_id=70&imp=1 HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=otm HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=otm HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6535013672049341254&ssp=otm HTTP 302
  • https://sync.dmp.otm-r.com/match/bidswitch?id=
Request Chain 277
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4737946100709174159
Request Chain 278
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=0
Request Chain 281
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=0Grv_ZneLi39Y1GuCvPz0QCDe1uGvtQnQFRc_qZDHb0
Request Chain 282
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26uid%3D%23PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ2b7EjwnvdwMt-dMhiTu2Q&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Request Chain 283
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
Request Chain 285
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c63acbb1-6fc6-4c18-b376-99f785c1f865&ssp=onetag&gdpr=0&gdpr_consent=
Request Chain 310
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKc34q3Rlx7SNTr6DVhwLCo&google_cver=1&google_push=AXcoOmSLstxmTjBsVzvtwpijB4t9-umWTRJclmgqauSRVlHcw_Q9-dEupfTW6PVDP4Q6mPBvCF-k7VcAaQnrx4jAx2XzXzlsmJFQ HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=5126dc4f510f1594&is_secure=true&networkId=14000&version=1&google_gid=CAESEKc34q3Rlx7SNTr6DVhwLCo&google_cver=1&google_push=AXcoOmSLstxmTjBsVzvtwpijB4t9-umWTRJclmgqauSRVlHcw_Q9-dEupfTW6PVDP4Q6mPBvCF-k7VcAaQnrx4jAx2XzXzlsmJFQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHqouGE6qdSQNqtciSAAAAAAA&expiration=1700273869&google_cver=1&is_secure=true&google_gid=CAESEKc34q3Rlx7SNTr6DVhwLCo&google_push=AXcoOmSLstxmTjBsVzvtwpijB4t9-umWTRJclmgqauSRVlHcw_Q9-dEupfTW6PVDP4Q6mPBvCF-k7VcAaQnrx4jAx2XzXzlsmJFQ
Request Chain 312
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAU-57cGe4zg-Sgcze2mFpw&google_cver=1&google_push=AXcoOmQ1zL-6mVwDiMoJ09dmFXhcJMQmgexR1mlzs-_HybvV2cQTpTsQL6-08VBmpF1S3prFyEZeYz5tPbqM0YQBAG6vMioy-E1pMQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ1zL-6mVwDiMoJ09dmFXhcJMQmgexR1mlzs-_HybvV2cQTpTsQL6-08VBmpF1S3prFyEZeYz5tPbqM0YQBAG6vMioy-E1pMQ&google_hm=eS1mMXRWN2c5RTJwRlF4c1RnLmdfWUJROE16YVNXb3c3TH5B
Request Chain 313
  • https://google.partners.tremorhub.com/sync?UIDF=CAESENbeTeNceC1KxME04j1cjkc&google_cver=1&google_push=AXcoOmQgZHHodbLzmzSRLSFPVUf5JNklJqkK65wvPTmWfj7MTIgcRRZJSkFZs7OeG6DRSgKv6fL-0s7Wsa2A0SBCelJbHOsSX1iQPg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZGQ3MDVhMTkxYjExNGYwOGJiOWJiMzViZGJmZGQ5NDI%3D&UIDF=CAESENbeTeNceC1KxME04j1cjkc&google_cver=1&google_push=AXcoOmQgZHHodbLzmzSRLSFPVUf5JNklJqkK65wvPTmWfj7MTIgcRRZJSkFZs7OeG6DRSgKv6fL-0s7Wsa2A0SBCelJbHOsSX1iQPg
Request Chain 314
  • https://ads.yieldmo.com/exptsync?google_gid=CAESELOZ4rx-cP6xxQrxk5CfxJw&google_cver=1&google_push=AXcoOmQaMttx2eZ9KvBASOUHeEDPjEHUHPKhPhSP8WIBsH_diAoUtst9zV7seYvEEWoxg1p065kXL-1BZU-j0gzP6lA45g5njEQEew HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQaMttx2eZ9KvBASOUHeEDPjEHUHPKhPhSP8WIBsH_diAoUtst9zV7seYvEEWoxg1p065kXL-1BZU-j0gzP6lA45g5njEQEew&google_hm=M0ZNeTU3N2RkNDdNUDZMZGswTXo=
Request Chain 315
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF4bjQCYtb4Uuv337GacZU0&google_cver=1&google_push=AXcoOmTvJ5yO8hQ9PlKfSiNZtTdoG-Gxf7fsYN-zAiYBY3gTlzOdssy3FUDn194_GVwqYxGnqkhdS9gMcZsUvPjN6v8OPWbcDgCNSw HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTvJ5yO8hQ9PlKfSiNZtTdoG-Gxf7fsYN-zAiYBY3gTlzOdssy3FUDn194_GVwqYxGnqkhdS9gMcZsUvPjN6v8OPWbcDgCNSw&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1700187469055 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9f02e5dd-827d-4dc0-bffe-b877fead070c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTvJ5yO8hQ9PlKfSiNZtTdoG-Gxf7fsYN-zAiYBY3gTlzOdssy3FUDn194_GVwqYxGnqkhdS9gMcZsUvPjN6v8OPWbcDgCNSw%26google_hm%3DA58C5d2CfU3Av_64d_6tBww HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTvJ5yO8hQ9PlKfSiNZtTdoG-Gxf7fsYN-zAiYBY3gTlzOdssy3FUDn194_GVwqYxGnqkhdS9gMcZsUvPjN6v8OPWbcDgCNSw&google_hm=A58C5d2CfU3Av_64d_6tBww
Request Chain 329
  • https://pr-bh.ybp.yahoo.com/sync/taboola/99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-kTaJKFhE2oSylqd9iOwZsSnTW2_zZRemnEGEhQ--~A
Request Chain 331
  • https://pr-bh.ybp.yahoo.com/sync/taboola/99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-kTaJKFhE2oSylqd9iOwZsSnTW2_zZRemnEGEhQ--~A
Request Chain 361
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBSrvJsCQQxlf5h3pd5kHNk&google_cver=1&google_push=AXcoOmQfpL8kwR8yiX-rk-yUpWRPJpiGIeGDk1m-3sVue0GHIJlt7HtGgUnKquDL1XwwAtnxvNPk2PXt06ndwQwEt-GI37o3dds&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQfpL8kwR8yiX-rk-yUpWRPJpiGIeGDk1m-3sVue0GHIJlt7HtGgUnKquDL1XwwAtnxvNPk2PXt06ndwQwEt-GI37o3dds%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBSrvJsCQQxlf5h3pd5kHNk&google_cver=1&google_push=AXcoOmQfpL8kwR8yiX-rk-yUpWRPJpiGIeGDk1m-3sVue0GHIJlt7HtGgUnKquDL1XwwAtnxvNPk2PXt06ndwQwEt-GI37o3dds&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQfpL8kwR8yiX-rk-yUpWRPJpiGIeGDk1m-3sVue0GHIJlt7HtGgUnKquDL1XwwAtnxvNPk2PXt06ndwQwEt-GI37o3dds%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 363
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEE6py4vcRSyDYZfForz9LiE&google_cver=1&google_push=AXcoOmRLBKFGJd3c-6qldzY7MpI37NP0x_1-b9KalwCDbeEU09k2Re0iuhPTluGlxLrfVdk0TTjYlncUdbjQNS3KK9QG8DHTkRMe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI0OTU3NjQzMTc0NTE3MA%3D%3D&google_push=AXcoOmRLBKFGJd3c-6qldzY7MpI37NP0x_1-b9KalwCDbeEU09k2Re0iuhPTluGlxLrfVdk0TTjYlncUdbjQNS3KK9QG8DHTkRMe
Request Chain 364
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEN-sAjTHB2b4t6RZp9shuTw&google_cver=1&google_push=AXcoOmS3ysGYEgBSLeAo9ZZi9WaMw4zZKYtnIMM-OsHBOpAd_Tvhct3UMuC6KwMC0xkKEUs8Hvb70f_vaSudM7WMhYlgZRl2_Kt3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmS3ysGYEgBSLeAo9ZZi9WaMw4zZKYtnIMM-OsHBOpAd_Tvhct3UMuC6KwMC0xkKEUs8Hvb70f_vaSudM7WMhYlgZRl2_Kt3
Request Chain 365
  • https://match.360yield.com/match/ebda?google_gid=CAESEIObhPnpgQvqLSwVfkkan3w&google_cver=1&google_push=AXcoOmSRsw_qfE1jH8KCKZWkU3DsY3k2SbdbvqCqyOB0HfUQy6XIpXCfmrxElafjXubv4o1waJZnXGKANdsTb9lJW9dll4SE1yx1 HTTP 302
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEIObhPnpgQvqLSwVfkkan3w&google_cver=1&google_push=AXcoOmSRsw_qfE1jH8KCKZWkU3DsY3k2SbdbvqCqyOB0HfUQy6XIpXCfmrxElafjXubv4o1waJZnXGKANdsTb9lJW9dll4SE1yx1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PihVwxpNSP6TOfmKxBqUWQ&google_push=AXcoOmSRsw_qfE1jH8KCKZWkU3DsY3k2SbdbvqCqyOB0HfUQy6XIpXCfmrxElafjXubv4o1waJZnXGKANdsTb9lJW9dll4SE1yx1
Request Chain 366
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF4bjQCYtb4Uuv337GacZU0&google_cver=1&google_push=AXcoOmRQrBA7LcguECvGsarMYm6oUWfdxb9L6PasPKcc4kYmu_hC55p4tjk-omw65yl-KeIJtoWbLY_JZM82ySxa9dXqnTosQpg HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9f02e5dd-827d-4dc0-bffe-b877fead070c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRQrBA7LcguECvGsarMYm6oUWfdxb9L6PasPKcc4kYmu_hC55p4tjk-omw65yl-KeIJtoWbLY_JZM82ySxa9dXqnTosQpg%26google_hm%3DA58C5d2CfU3Av_64d_6tBww HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRQrBA7LcguECvGsarMYm6oUWfdxb9L6PasPKcc4kYmu_hC55p4tjk-omw65yl-KeIJtoWbLY_JZM82ySxa9dXqnTosQpg&google_hm=A58C5d2CfU3Av_64d_6tBww
Request Chain 367
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEBYmp8Ol8Fd6FsO8fil-xRY&google_cver=1&google_push=AXcoOmRR62RdtSdWx1L3b71oUtIDPrCSGZTNnptvwhKhC5LWmFBMTzzp0nRAR4NiFAUqOKf_4TaDm0VE1-IWzPUcmHWusJgIhlw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRR62RdtSdWx1L3b71oUtIDPrCSGZTNnptvwhKhC5LWmFBMTzzp0nRAR4NiFAUqOKf_4TaDm0VE1-IWzPUcmHWusJgIhlw&google_hm=WlZiTlRzQ281dWNBQUtSSnhzUUFBQUFB
Request Chain 398
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=86359b83-b8ec-40f8-9679-f9f2c184d462&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=b7112500-1c04-4bc4-a061-5bb153fca9a0&rlink=https%3A%2F%2Fwww.bing.com%2Faes%2Fc.gif%3Ftype%3Dmv%26reqver%3D1.0%26rg%3D12ff6b46532f4bd1837e4f12162d6494%26tids%3D15000%26med%3D10&rtype=mvFeedbackURL&tagId=22132338&trafficGroup=knaqe_3c&trafficSubGroup=knaqe_3c_pyvpxpbasvezngvba_ub&aid=6870987440758399052 HTTP 303
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=12ff6b46532f4bd1837e4f12162d6494&tids=15000&med=10
Request Chain 405
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js HTTP 301
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Request Chain 417
  • https://adpushup-d.openx.net/w/1.0/pd HTTP 302
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
Request Chain 426
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=1
Request Chain 431
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 438
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 443
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=4737946100709174159
Request Chain 444
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=Hq0JtRZHJ0kwAHgrQwiKYQoU
Request Chain 446
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=5850600376 HTTP 302
  • https://sync.1rx.io/usersync/turn/8103032297166246067?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-9f02e5dd-827d-4dc0-bffe-b877fead070c-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-9f02e5dd-827d-4dc0-bffe-b877fead070c-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-9f02e5dd-827d-4dc0-bffe-b877fead070c-003
Request Chain 447
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5144588527503405045
Request Chain 448
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=0d48f7bf-3768-4ebc-beb6-3de6de9a39c4
Request Chain 449
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 450
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
Request Chain 451
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-3ce164ce-1168-3b18-bf2f-a6731aec520a&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zY2UxNjRjZS0xMTY4LTNiMTgtYmYyZi1hNjczMWFlYzUyMGEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0zY2UxNjRjZS0xMTY4LTNiMTgtYmYyZi1hNjczMWFlYzUyMGEyAhgGOAE=&gdpr=&gdpr_consent=
Request Chain 452
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
Request Chain 454
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 455
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=_uhXjqu5Vtrl6QGN-LlP3KnlU4_lvlTb_rgzmMBU
Request Chain 456
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8056414443070265019
Request Chain 460
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIPicT-OiELIsRv5a6SqLHI&google_cver=1
Request Chain 467
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=1
Request Chain 472
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVbNTlVsUjeTdTa5zO2UGQAA%261101&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVbNTlVsUjeTdTa5zO2UGQAA%261101&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b599b6ac249443169ade5b62a36228eb HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=1aa1cde8-139b-4784-a480-00eb3f0a0c22 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=835ee9d9-687f-4feb-8f74-7ce8f84a2864%3A1700187471.6447213&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D835ee9d9-687f-4feb-8f74-7ce8f84a2864%253A1700187471.6447213%26_%3D1700187471.6468797&cb=1700187471.6469297 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588527503405045&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D835ee9d9-687f-4feb-8f74-7ce8f84a2864%253A1700187471.6447213%26_%3D1700187471.6468797 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=835ee9d9-687f-4feb-8f74-7ce8f84a2864%3A1700187471.6447213&_=1700187471.6468797 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjc4MzVlZTlkOS02ODdmLTRmZWItOGY3NC03Y2U4Zjg0YTI4NjQ6MTcwMDE4NzQ3MS42NDQ3MjEzEAAaDQjPmtuqBhIFCOgHEABCAEoA HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEQ2HEgrJIAOJggM8vwfKzA&google_cver=1
Request Chain 473
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVbNTlVsUjeTdTa5zO2UGQAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGAVNNpe8nK6LmI_A8rUg7s&google_cver=1
Request Chain 474
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=71E1AB8744644695805E27A511A92768
Request Chain 475
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZVbNTlVsUjeTdTa5zO2UGQAA%261101?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZVbNTlVsUjeTdTa5zO2UGQAA%261101
Request Chain 476
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8056414443070265019&expiration=1701397070
Request Chain 477
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4737946100709174159
Request Chain 479
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVbNTlVsUjeTdTa5zO2UGQAABE0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKNYngN2i_XuRJGJB0WPZLU&google_cver=1
Request Chain 480
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVbNTlVsUjeTdTa5zO2UGQAA%261101&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVbNTlVsUjeTdTa5zO2UGQAA%261101&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=1aa1cde8139b4784a48000eb3f0a0c22 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=1aa1cde8-139b-4784-a480-00eb3f0a0c22 HTTP 302
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=05bdbb83-c425-4452-ab6f-e97636264e93%3A1700187471.6460516&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D05bdbb83-c425-4452-ab6f-e97636264e93%253A1700187471.6460516%26_%3D1700187471.648279&cb=1700187471.648311 HTTP 302
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588527503405045&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D05bdbb83-c425-4452-ab6f-e97636264e93%253A1700187471.6460516%26_%3D1700187471.648279 HTTP 302
  • https://idsync.rlcdn.com/501709.gif?partner_uid=05bdbb83-c425-4452-ab6f-e97636264e93%3A1700187471.6460516&_=1700187471.648279 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEQ2HEgrJIAOJggM8vwfKzA&google_cver=1
Request Chain 482
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZVbNTlVsUjeTdTa5zO2UGQAABE0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=a22d91ba4e30f9aaf86fe39e8716c80&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d&34673=ZVbNTlVsUjeTdTa5zO2UGQAABE0AAAIB&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1972_7302251787229313097&gdpr=0&gdpr_consent= HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://ads.stickyadstv.com/user-registering?userId=AABVWE7KrZsAABT_CDLLUg&dataProviderId=817&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
Request Chain 483
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=asMivCp31R3Oqy5
Request Chain 484
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATION%5D&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Request Chain 485
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=01e3c4b5-cb8a-4b70-8d0a-a5a51be442e1&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 486
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7153318e-ef13-f12c-983a08a1
Request Chain 491
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=d8c60c00-3f15-4955-a2e9-6affd0a8638a&gdpr_consent=null&gdpr=0
Request Chain 492
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=tEUeJrCRJv6f&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 493
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=8056414443070265019&gdpr=0&gdpr_consent=
Request Chain 494
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=089dd50ff1
Request Chain 497
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=8d1c0658-9ff8-4dc1-b6b7-036b6bfac20e&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=&gdpr_consent=&us_privacy=
Request Chain 498
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=0
Request Chain 506
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=4737946100709174159
Request Chain 507
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_89400654-75c1-425f-a342-bc63590ff0bf&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=f1aa2d0b-5edb-4671-aaa2-1e693a443b8a&expires=1&user_group=5&ssp=gumgum2&bsw_param=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 508
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=099301e1-57d0-0ed9-30db-6d957ff5cc6e
Request Chain 509
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-b3d87671-d6b5-5539-606c-6f7f648d5d3c$ip$185.195.71.214
Request Chain 510
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-qlOXKKRE2pemFSzJ21lPfZnRkv3xUblXY3Lc~A
Request Chain 511
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=5627b720-1bf6-48c7-b423-24932b8c0196
Request Chain 513
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_89400654-75c1-425f-a342-bc63590ff0bf&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_89400654-75c1-425f-a342-bc63590ff0bf&s=2&us_privacy=1--- HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=tmjZSQ8uvO2ZnL4dOj3k&gdpr=0&us_privacy=1---
Request Chain 514
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=tYujJOb4LABT&ev=1&pid=558355
Request Chain 515
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=1462351491961293065
Request Chain 517
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%26id%3D%5BBUYER_ID%5D HTTP 307
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=b2fc29283591d7929729cb12e15c0169
Request Chain 518
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=67f74795-0057-09db-2f38-648ff7a647cd
Request Chain 519
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Request Chain 520
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4648383420934579754688
Request Chain 522
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=57B59519-9B3E-4DB5-B42D-FDB697822B64
Request Chain 523
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326 HTTP 302
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVbNTlVsUjeTdTa5zO2UGQAA%261101
Request Chain 527
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb.gumgum.com/usersync?b=adf&i=8056414443070265019&gdpr=0&gdpr_consent=
Request Chain 530
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LP1ZPXH6-K-6UH9 HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=LP1ZPXH6-K-6UH9
Request Chain 535
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID HTTP 302
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=57B59519-9B3E-4DB5-B42D-FDB697822B64
Request Chain 537
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.yellowblue.io/cs?aid=11601&id=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=0
Request Chain 539
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVbNTsCo5ucAAKRJxsQAAAAA
Request Chain 540
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=RYElfCl1o-aImCD9ptJ87m9QuP18Y7GWwoXp-Zfn76c&pi=gumgum&tc=1
Request Chain 541
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 542
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid] HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/smart/1462351491961293065
Request Chain 543
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6ba86556-cd4f-4200-8b0e-8fe705485e4b&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 546
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yIRxg53VcNfThSeAztVp0Z-JdYLT0nLWyNRFPvrx HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64
Request Chain 547
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4737946100709174159&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 548
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7302249576431745170&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 549
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=s9h2cda1VTlgbG9_ZI1dPLnDR9Y&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 550
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_a8aedc7e-c331-4b0b-afa7-3daa19cf927d&bsw_param=c63acbb1-6fc6-4c18-b376-99f785c1f865&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 551
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCVldFN0tyWnNBQUJUX0NETExVZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABVWE7KrZsAABT_CDLLUg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1462351491961293065&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AABVWE7KrZsAABT_CDLLUg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1462351491961293065%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1462351491961293065&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABVWE7KrZsAABT_CDLLUg&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABVWE7KrZsAABT_CDLLUg&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 552
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU2f96dddf554d41b3a60c75381a33c525 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 553
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 554
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVbNTwAANlmrtQBU
Request Chain 556
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 557
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588527503405045 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Request Chain 558
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3368826976765405468 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 564
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=6eb7c9e34844e193/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DH1I2i050UnhTjRnYWSWWnbRY%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=45ba5fd87d0bacc1c844126b3cd53c8d&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DH1I2i050UnhTjRnYWSWWnbRY%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UnhTjRnYWSWWnbRY&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 566
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V7WVGZs-TbW0Lf22l4IrZA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 567
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=57B59519-9B3E-4DB5-B42D-FDB697822B64&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=57B59519-9B3E-4DB5-B42D-FDB697822B64&gdpr=0&gdpr_consent=&ct=y
Request Chain 568
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1348151878
Request Chain 569
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWk4UGJpLUg0dEhUU09mR1JscG5LeDZNZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=8056414443070265019&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 570
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8056414443070265019
Request Chain 572
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9mPEZeJE2uUKcXhhy2.691EMBAqeh3Q-~A&gdpr=0
Request Chain 574
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7a3481c2-8c4c-450b-88dc-baf27b3924a1-6556cd4f-4348&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 575
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=57B59519-9B3E-4DB5-B42D-FDB697822B64&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2cd6387bc6551594&is_secure=true&networkId=17100&version=1&nuid=57B59519-9B3E-4DB5-B42D-FDB697822B64&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI2Tx43FFO5ANtPlSIAAAAAAA&expiration=1700273871&nuid=57B59519-9B3E-4DB5-B42D-FDB697822B64&is_secure=true&gdpr_consent=&gdpr=0 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Request Chain 576
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8247147485242101939&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 577
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:580f256b-7549-4866-a3ff-f5f33824c571&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 578
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/4737946100709174159
Request Chain 580
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP1ZPXH6-K-6UH9?gdpr=0
Request Chain 582
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/improve/3e2855c3-1a4d-48fe-9339-f98ac41a9459&partner_id=1010
Request Chain 584
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/openx/5be46707-4fa0-0811-11d5-ba94c919655a
Request Chain 588
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID HTTP 303
  • https://csync.smilewanted.com/set_partner_userid_get/adform/8056414443070265019
Request Chain 590
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__ HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Request Chain 591
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LP1ZPXH6-K-6UH9 HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=LP1ZPXH6-K-6UH9
Request Chain 592
  • https://creativecdn.com/cm-notify?pi=smilewanted HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/RYElfCl1o-aImCD9ptJ87m9QuP18Y7GWwoXp-Zfn76c?pi=smilewanted
Request Chain 609
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:71E1AB8744644695805E27A511A92768&gdpr=0&gdpr_consent=
Request Chain 610
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4268733715
Request Chain 613
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=57B59519-9B3E-4DB5-B42D-FDB697822B64&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=57B59519-9B3E-4DB5-B42D-FDB697822B64&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 614
  • https://pixel.onaudience.com/?partner=214&mapped=57B59519-9B3E-4DB5-B42D-FDB697822B64&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 624
  • https://pr-bh.ybp.yahoo.com/sync/taboola/99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb?gdpr=1&us_privacy=1--- HTTP 302
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-kTaJKFhE2oSylqd9iOwZsSnTW2_zZRemnEGEhQ--~A

626 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
www.bg3.co/a/ 		59 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.231.174.251 New York, United States, ASN9744 (XLC-AS-AP XLC GLOBAL, HK),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
6bd1e6977824b2917cae5408415a4b68b9b6bb70f500c1c60036aee516f7766e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 02:17:45 GMT
etag
"ed46-snLAZQZViGneNOV4Vo2qNyPzE+Y"
expires
Fri, 17 Nov 2023 02:18:45 GMT
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		278 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 02:17:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73200
x-xss-protection
0
server
sffe
etag
"b209cac081bc437c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Nov 2023 02:17:46 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 02:17:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9651
x-xss-protection
0
server
sffe
etag
"e5d8e2e1a4e85f74"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 17 Nov 2023 02:17:46 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		101 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cb4427aa8c5e07464eaa4de61c31861acf89a5daa39d5a2665ae975bd51be013
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31447
x-xss-protection
0
server
cafe
etag
801 / 19678 / m202311090101 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:17:46 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b2b646e49650b10b0a0c09abcbed644e0fd130ae1926a0d0e8ad2be3c2675e55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91451
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 02:17:46 GMT
counter.js
www.statcounter.com/counter/ 		40 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2023 15:29:57 GMT
user-cache-control
max-age=43200
server
cloudflare
age
35647
etag
W/"a1eb-60a46b13af7c8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cache-control
max-age=43200
cf-ray
82747aafdebfbaa5-MXP
expires
Fri, 17 Nov 2023 04:23:38 GMT
adRecover.js
delivery.adrecover.com/43519/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C54) /
Resource Hash
915e540ec4846f32a7e0ded607aecbe88840842f30933a946260d0fdcd72c782

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
br
age
21758
x-cache
HIT
x-client-device
desktop
content-length
10744
x-ap-device
DESKTOP
last-modified
Thu, 16 Nov 2023 07:59:26 GMT
server
ECAcc (mil/6C54)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Fri, 17 Nov 2023 03:17:46 GMT
adpushup.js
cdn.adpushup.com/42753/ 		750 KB
155 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C73) /
Resource Hash
24bb3b133c1dcd54db877830ddf33443cd6fb3bfbb1ce015f335e69ca5ea87d0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
br
age
21758
x-cache
HIT
x-client-device
desktop
content-length
158303
x-ap-device
DESKTOP
last-modified
Thu, 16 Nov 2023 11:42:26 GMT
server
ECAcc (mil/6C73)
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-ap-geo
CH
accept-ranges
bytes
expires
Fri, 17 Nov 2023 03:17:46 GMT
loader.js
cdn.taboola.com/libtrc/palmate-bg3co/ 		683 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f32ec7a452af020a426f77bb326ece4e42276a194b650aedd1287ee054fda884

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KUWczeTzdo6sr4mnjSRd0RN7yEgLl3Bu
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 02:17:46 GMT
x-amz-request-id
E48C8KD31YPXEYFX
age
0
x-amz-server-side-encryption
AES256
x-cache
MISS
x-amz-replication-status
FAILED
content-length
56768
x-amz-id-2
9NMmCYvNAa1oK3YgPn+xzV7twfiEmUgKS93bT/Mcz5nfbo0f/46JerKFRpds/0mZu19v4JeRzPY=
x-served-by
cache-mxp6947-MXP
last-modified
Thu, 16 Nov 2023 11:45:45 GMT
server
AmazonS3
x-timer
S1700187466.220135,VS0,VE676
etag
"9723a2eed02dc84d9d9896aba7dd77f7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
83
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
0
sdk
cdn.aralego.net/ucfad/sdk/us-east/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/us-east/sdk
39 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4535
alt-svc
h3=":443"; ma=86400
content-length
40188
last-modified
Mon, 28 Aug 2023 06:02:11 GMT
server
cloudflare
etag
"64ec3863-9cfc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sxh7rZI8Usk%2B1%2FlzvuqgfLqGMeM5Au7Pn2HeFdm8ZieVl4wQHJdNxLeaNlZxcb1U0djCr%2Bkt%2Ff5yy667F3pK%2FbLpCLaSBkjjFFHvejWSXdzvX2RKjSQkHLmubjkL0A0tFkwKXpBAEgE3hmFmkw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
82747ab2cc70bad6-MXP

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/us-east/sdk
Connection
close
Content-length
0
t.php
c.statcounter.com/ 		192 B
491 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.statcounter.com/t.php?sc_project=12918656&u1=006FA9EFE3994F829578C467E1907286&java=1&security=dd738f34&sc_snum=1&sess=de22c1&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&t=%E7%B4%85%E5%96%AE%E7%82%92%E4%BD%9C%E6%83%B9%E5%85%AC%E9%83%A8%E9%96%80%E3%80%8C%E5%8B%95%E6%89%8B%E3%80%8D%EF%BC%9F%E3%80%80%E8%8A%B1%E6%95%AC%E7%BE%A3%E4%B8%80%E5%8F%A5%E8%A9%B1%E7%9B%AF%E4%B8%8A%E6%88%BF%E5%B8%82%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&invisible=1&sc_rum_e_s=2707&sc_rum_e_e=2711&sc_rum_f_s=0&sc_rum_f_e=2704&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
82747ab02ecebaa5-MXP
expires
Mon, 26 Jul 1997 05:00:00 GMT
72127d3848c5b730e96a246f9d1ffbad.jpg
static.bg3.co/imgs/202105/ 		0
0
1223c8e7e04bea10ed82caaebedf2b5a.jpg
static.bg3.co/imgs/202105/ 		0
0
162a294ba78bc6c443074bd85d9b5379.jpg
static.bg3.co/imgs/202105/ 		0
0
bc0a3307423e02729eb20893164cf42c.jpg
static.bg3.co/imgs/202105/ 		0
0
97009ff4aa72b04ce3a59c01cde1caee.jpg
static.bg3.co/imgs/202106/ 		0
0
cd3ff2dd8d5425660d1375ac32f6e891.jpg
static.bg3.co/imgs/202309/ 		0
0
d777f1591012235d692ec9e08b82f782.jpg
static.bg3.co/imgs/202105/ 		0
0
c191f79fd3538b0a0cbd6d1c17252297.jpg
static.bg3.co/imgs/202105/ 		0
0
a0bc8d5a2a492cbaae154ada703a692d.jpg
static.bg3.co/imgs/202309/ 		0
0
12742af32890f00202a660015e257e68.jpg
static.bg3.co/imgs/202310/ 		0
0
14fd4fd3b958f0fc66f375186fac00cb.jpg
static.bg3.co/imgs/202105/ 		0
0
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012310301456000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Nov 2023 21:40:31 GMT
age
189435
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2975
x-xss-protection
0
server
sffe
etag
"ebb1be4e47c7faed"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Nov 2024 21:40:31 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012310301456000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Nov 2023 15:59:38 GMT
age
209888
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3938
x-xss-protection
0
server
sffe
etag
"3c281510b2fc8bce"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Nov 2024 15:59:38 GMT
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
5386835
x-cache
HIT, HIT
content-length
29880
x-served-by
cache-lga21979-LGA, cache-mxp6920-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700187466.372236,VS0,VE0
etag
W/"28feccc0-14e98"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
49, 11085
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
4949366
x-cache
HIT, HIT
content-length
30875
x-served-by
cache-lga21931-LGA, cache-mxp6920-MXP
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
server
nginx
x-timer
S1700187466.372350,VS0,VE0
etag
W/"28feccc0-15d9d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=604800
accept-ranges
bytes
x-cache-hits
13, 853406
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		429 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 10:54:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
55420
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137535
x-xss-protection
0
server
cafe
etag
18342593356503948095
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 15 Nov 2024 10:54:06 GMT
block.jpg
delivery.adrecover.com/ 		631 B
771 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1700187466409
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C71) /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 16 Nov 2024 02:17:46 GMT
date
Fri, 17 Nov 2023 02:17:46 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
ECAcc (mil/6C71)
age
7917108
etag
"60d2d6c2-277"
x-cache
HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-client-device
desktop
content-length
631
x-client-geo
CH
pb.42753.1698934930219.js
cdn.adpushup.com/prebid/ 		437 KB
127 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BB6) /
Resource Hash
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
br
age
1236381
x-cache
HIT
x-client-device
desktop
content-length
130160
last-modified
Thu, 02 Nov 2023 14:21:48 GMT
server
ECAcc (mil/6BB6)
etag
W/"6543b07c-6d3da"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 02:17:46 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
310 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6BBC) /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
br
age
8450224
x-cache
HIT
x-client-device
desktop
content-length
211
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
ECAcc (mil/6BBC)
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 02:17:46 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
253 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:b09f:68b1:e0c1:41bb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
linkPreview.js
cdn.adpushup.com/42753/ 		75 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (mil/6C88) /
Resource Hash
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-client-geo
CH
date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
br
age
5431323
x-cache
HIT
x-client-device
desktop
content-length
18371
last-modified
Tue, 13 Dec 2022 07:20:55 GMT
server
ECAcc (mil/6C88)
etag
W/"639827d7-12dc3"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 02:17:46 GMT
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDAxODc0NjY0NzAsInBhY2tldElkIjoiMDAwMEE3MDEtZTA0ZDQwZWYtMjQ4MC00YWUyLWJkNzgtYjQ1NGY4MzZjMDNmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hvbmctZGFuLWNoYW8tenVvLXJlLWdvbmctYnUtbWVuLWRvbmctc2hvdS1odWEtamluZy1xdW4teWktanUtaHVhLWNoZW5nLXNoYW5nLWZhbmctc2hpLmh0bWwiLCJtb2RlIjo0LCJlcnJvckNvZGUiOjAsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwiY291bnRyeSI6IkNIIn0%3D&c_b=2934.699996948242
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:46 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:46 GMT
server
nginx/1.18.0 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid not set due to GDPR
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
collect
region1.google-analytics.com/g/ 		0
251 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-JLX4K2W8JS&gtm=45je3b81v9102959953&_p=1700187466162&gcd=11l1l1l1l1&dma=0&cid=1707958932.1700187467&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700187466&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&dt=%E7%B4%85%E5%96%AE%E7%82%92%E4%BD%9C%E6%83%B9%E5%85%AC%E9%83%A8%E9%96%80%E3%80%8C%E5%8B%95%E6%89%8B%E3%80%8D%EF%BC%9F%E3%80%80%E8%8A%B1%E6%95%AC%E7%BE%A3%E4%B8%80%E5%8F%A5%E8%A9%B1%E7%9B%AF%E4%B8%8A%E6%88%BF%E5%B8%82%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3072
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:46 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDAxODc0NjY2MjksInBhY2tldElkIjoiMDAwMEE3MDEtZTA0ZDQwZWYtMjQ4MC00YWUyLWJkNzgtYjQ1NGY4MzZjMDNmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hvbmctZGFuLWNoYW8tenVvLXJlLWdvbmctYnUtbWVuLWRvbmctc2hvdS1odWEtamluZy1xdW4teWktanUtaHVhLWNoZW5nLXNoYW5nLWZhbmctc2hpLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VjdGlvbk5hbWUiOiJBUF9MX0RfQVJUSUNMRV83MjhYMjUwXzc3YTljIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IkFEUF80Mjc1M183MjhYMjUwXzc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlcnZpY2VzIjpbMSwzXSwiYWRVbml0VHlwZSI6MX1dLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3093.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:46 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDAxODc0NjY2MzYsInBhY2tldElkIjoiMDAwMEE3MDEtZTA0ZDQwZWYtMjQ4MC00YWUyLWJkNzgtYjQ1NGY4MzZjMDNmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hvbmctZGFuLWNoYW8tenVvLXJlLWdvbmctYnUtbWVuLWRvbmctc2hvdS1odWEtamluZy1xdW4teWktanUtaHVhLWNoZW5nLXNoYW5nLWZhbmctc2hpLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfQVJUSUNMRV83MjhYOTBfZDFjMTAiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M183MjhYOTBfZDFjMTBhNzItMjdiNC00OTMxLThjZTctOTlhMThlYmJkYmFlIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3100.300003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:46 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE3MDAxODc0NjY2MzcsInBhY2tldElkIjoiMDAwMEE3MDEtZTA0ZDQwZWYtMjQ4MC00YWUyLWJkNzgtYjQ1NGY4MzZjMDNmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hvbmctZGFuLWNoYW8tenVvLXJlLWdvbmctYnUtbWVuLWRvbmctc2hvdS1odWEtamluZy1xdW4teWktanUtaHVhLWNoZW5nLXNoYW5nLWZhbmctc2hpLmh0bWwiLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6W3sic2VjdGlvbklkIjoiODYxZTBmNWUtMTRmMC00ZmUwLWIxZjYtMzVhMjhmMzNkMjI4Iiwic2VjdGlvbk5hbWUiOiJBUF9JX0RfMzM2WDI4MF84NjFlMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfMzM2WDI4MF84NjFlMGY1ZS0xNGYwLTRmZTAtYjFmNi0zNWEyOGYzM2QyMjgiLCJzZXJ2aWNlcyI6WzVdLCJhZFVuaXRUeXBlIjo4fV0sInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=3101.400001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:46 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE3MDAxODc0NjY2MjksInBhY2tldElkIjoiMDAwMEE3MDEtZTA0ZDQwZWYtMjQ4MC00YWUyLWJkNzgtYjQ1NGY4MzZjMDNmIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2hvbmctZGFuLWNoYW8tenVvLXJlLWdvbmctYnUtbWVuLWRvbmctc2hvdS1odWEtamluZy1xdW4teWktanUtaHVhLWNoZW5nLXNoYW5nLWZhbmctc2hpLmh0bWwiLCJtb2RlIjo1LCJlcnJvckNvZGUiOjEsInJlZmVycmVyIjoiIiwicGxhdGZvcm0iOiJERVNLVE9QIiwiaXNHZW5pZWUiOmZhbHNlLCJzZWN0aW9ucyI6bnVsbCwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiY291bnRyeSI6IkNIIn0%3D&c_b=3109.300003051758
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:46 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
securepubads.g.doubleclick.net/gampad/ 		29 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2667122267959739&correlator=3425617590285972&eid=31079666%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=22574853003%2CADU-BG3-VIDEO&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1700187466729&lmt=1700187466&adxs=220&adys=498&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&vis=1&psz=760x225&msz=760x0&fws=4&ohw=1600&ga_vid=1707958932.1700187467&ga_sid=1700187467&ga_hid=823845442&ga_fc=true&dlt=1700187466138&idt=534&adks=2226185566&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7434a3ce1818dc5b8361f2a1c79c56340e452273c3e0437561e5573f25ec3bdd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12874
x-xss-protection
0
google-lineitem-id
6344488284
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440076868
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		70 KB
21 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2667122267959739&correlator=1599247041137218&eid=31079666%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22967173653&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&sfv=1-0-40&ists=1&fas=8&eri=1&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1700187466738&lmt=1700187466&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&vis=1&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1707958932.1700187467&ga_sid=1700187467&ga_hid=823845442&ga_fc=true&dlt=1700187466138&idt=534&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D0%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_18_0_pv%26cluster_reporting%3Dchrome_DESKTOP_18_1_active_0_pv%26ap_refresh_type%3DAV_8%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D0%26fp_engine_ran%3D0_3%26ap_fp_engine_type%3Dnone%26ap_fp_engine_temp%3Dnone_3%26adro%3Dv8_c%26faid%3Dfalse&adks=3412779558&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b16b368d431ac44238fc2d93fe086a857ca9450bf8970169fa57fd2aa533bca2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21471
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame EC92 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:17:46 GMT
expires
Sat, 16 Nov 2024 02:17:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_page_level_ads.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl_page_level_ads.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:12:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
43521
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13750
x-xss-protection
0
server
cafe
etag
15254217830347453119
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 15 Nov 2024 14:12:25 GMT
quant.js
secure.quantserve.com/ 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
gzip
etag
"e23JaXq4HVtlOmThpFhluQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 24 Nov 2023 02:17:46 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20231117
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4452a656d8e30f51db5e00d47fc827013467f6c77d0eb2de0b086e752ebf9262
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
37013
x-jsd-version
1.0.1876
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230103-FRA, cache-mxp6932-MXP
x-jsd-version-type
version
server
cloudflare
etag
W/"63b-x6r4vBjPDeNqG5LT7S05uqZKQHo"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akOeyrUAhtDYlUbnTT%2BswZxdfeBtEiHSUnqiSho76Inbq36Q1x9S%2F4%2FY%2Fbf3N2sFLNz5HdLv8kiXEF4EAuXIjSOIfRqbyG5hpYQ4abR%2FRZMI7%2FcYtGaO2R0S%2FMy%2FvvbSCvQqhQLUlwwpy6szbnY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
82747ab3ab312355-ZRH
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29f63f9bc958e44b18ddbb089cc01dfe2df5d967fdb97f194301870ac520d2e2

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3eRxIlOrItS8n12Ep%2BXf9kcWhXqGGSnr60zqfP%2BufEVEniBVo1XJrzHDXmmbQ4oC0fV1T%2BHHuXwxwzhDqHiQynIaSTK98GgCASNfg7E2usoYbSEBOLIv6Xg2Y8mgArF%2BBXaMQ%2FrF"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82747ab3dade021d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29f63f9bc958e44b18ddbb089cc01dfe2df5d967fdb97f194301870ac520d2e2

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nIIEt2E8oJ%2Bcj4pRybUGixPtsvEHETqyayKQYtuImCIjHcpPH2RTIQ4t%2BdVS7e34ht53GL%2F8VmBSWMYbnuZIPAHH%2BWbtHANqnec2qRcYoUhS0SP6yxafhg1XTBHXhob8zRPrqFUc"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82747ab3dae1021d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
307 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=693656
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29f63f9bc958e44b18ddbb089cc01dfe2df5d967fdb97f194301870ac520d2e2

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3cG89JXqwuOHGLaXV8cwlH6n9b4Y7T4YiYVW5nuPUGM6QwC6BlkKZbGNjKn6LzzRJJ6KiVLcVGTurQsdMeEDzCrKZt9P6m%2BchBmzgudLcQwtnUdLqkTDIfOW7GzmpfdPIBjtZrF"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
82747ab3dadf021d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.76.107.155 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-76-107-155.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash
fe92eff8e341af9f3f431a7535dcdb0b554b22bed30a27879e0044fa4cb4a080

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 17 Nov 2023 02:17:47 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
bid-request
a.teads.tv/hb/ 		16 B
612 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.211.8.12 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-211-8-12.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Fri, 17 Nov 2023 02:17:46 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
924c7424b5c7c96052a804e964c0caf54c9ec24a7b78ca8f300045e587d17a4a

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
924c7424b5c7c96052a804e964c0caf54c9ec24a7b78ca8f300045e587d17a4a

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
prebidjs
rtb.openx.net/openrtbb/ 		53 B
229 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
924c7424b5c7c96052a804e964c0caf54c9ec24a7b78ca8f300045e587d17a4a

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
adreq
ads.servenobid.com/ 		592 B
657 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9093
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
51df5c4d53ae195b2d8bfbe1275fc7ffca77b164e538271917cee50a189af9c1

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		0
273 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 17 Nov 2023 02:17:45 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
prebid
prebid.media.net/rtb/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
153.63.120.34.bc.googleusercontent.com
Software
envoy /
Resource Hash
43f645cf2a0f5e977e145efbaa578af6f7ee6231d23f097159141fcd9e27728d

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:46 GMT
via
1.1 google
accept-ch
Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server
envoy
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
104
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 02:17:46 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&PageUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&PageReferrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.253.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-253-230.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
8
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
/
prebid.smilewanted.com/ 		0
35 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
82747ab409e6bb20-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
/
prebid.smilewanted.com/ 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, private
access-control-allow-credentials
true
cf-ray
82747ab409e8bb20-MXP
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
prebid-request
onetag-sys.com/ 		42 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
9e89277953a75f8445730d8e8c1244ddd8a8f13d07c209a8f1bfa5df287d88ca
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
23613
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
auction
tlx.3lift.com/header/ 		19 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=7.48.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&tmax=2500
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.123.91.65 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-123-91-65.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:46 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width
x-auction-status
29, 29, 29, 29, 29, 29, 29, 29, 29, 29, 29
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
9ea5f56cefd5c8bcd5319d2e26aa905028992c93a1c41423ef727382a805a922

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.3.0
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
Expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		5 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%2C55&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=91cdfd6d-c689-4032-abe9-6dedb1815694%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&kw=%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E%EF%BC%8C%E7%B4%85%E5%96%AE%E7%82%92%E4%BD%9C%E6%83%B9%E5%85%AC%E9%83%A8%E9%96%80%E3%80%8C%E5%8B%95%E6%89%8B%E3%80%8D%EF%BC%9F%E8%8A%B1%E6%95%AC%E7%BE%A3%E4%B8%80%E5%8F%A5%E8%A9%B1%E7%9B%AF%E4%B8%8A%E6%88%BF%E5%B8%82&tg_i.domain=bg3.co&tg_i.page=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&tk_flint=pbjs_lite_v7.48.0&x_source.tid=fd0c17b9-fe68-4301-8773-f074d5c304a9%3B15aa27fd-c11c-43ab-aa92-c884d0d01e95&l_pb_bid_id=67113ae90b7cb73%3B686afaa00ac8d6d&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=fd0c17b9-fe68-4301-8773-f074d5c304a9%3B15aa27fd-c11c-43ab-aa92-c884d0d01e95&rp_maxbids=1&slots=2&rand=0.47774503260033785
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
e27203ff5e492787d73c5e4276efd1bd4f622afc92eedf751026cd807f105242

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
cdb
bidder.criteo.com/ 		0
189 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=35&wv=7.48.0&cb=70953310859&lsavail=0
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::7 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 17 Nov 2023 02:17:46 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
prebid
ib.adnxs.com/ut/v3/ 		31 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
aa36d0c8f1314f40d836be68fec53070e2a59ad8c2bdeb08796302aedd842339
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
an-x-request-uuid
fe6052bf-5fc4-400f-8088-919a2d2509f2
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.214; 185.195.71.214; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
637 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13057
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4ZHOHzgWek01I8PkXa4%2FKLRNF%2FtsH%2B3W4F59%2FRpJkyKjlL1464sHvkPBNg0XpoS%2BVATV5YpTZOkfnZ9o4fKD4PKWY07h9X0YCx2ZbBB7MKWiUMLKZe%2BXcTZmhUT5XhmMdEPiku390lebP42Q%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
82747ab3dcf1bad6-MXP
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
dbc8859a126031bd25cbe36951c6c34913de0336c1d729570287dc0179318e31

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
connection
close
content-length
46
ad_request
ads.aralego.com/ 		564 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&adid=ad-34BA6B783D78883D133AD3AD3D6293B9&w=&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.8059563904902469&gdpr=%24%7BGDPR%7D&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=300%2C250%3B336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&uaMobile=%3F0
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.96.203.13 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:17:47 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
564
view
securepubads.g.doubleclick.net/pcs/ Frame 4B90 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvu_gDJOBZkOCGy6P7agDfBbS-0oWh4CnKf-Z6KVU6bwJoOO3tEsYkZKz2QZG8j1nGsQ3aWun48PnDUIz4Wf2z0S5fiL2T-dLa6hf_qyaBe4p83mEm03FaRM8A45oeph6fvwEFdL8_QNQZ99JmT8oKpY95xv9EftilhwA6BtJuLhCkOKlt7_oWJsvWF61hRxiG2ijxJFQ4T4PzULFlI91uwhSt7rIsGeP1-1fpoV855c-sigCBs98Ws8ysZLPnw9ZprvLwZfKlvsDhISTxlYODwfHzuyhMRMKPwOSREoqc7DGJg7f4iaHkw3gFkML-3luzuHA&sai=AMfl-YS1JkO7xE5ts5dGIjvTRqFsvaBDHUjq3ADCSdYSl6uN8fvQmReuLDQUydzAFR8H5LW7MnC9-Mqzc1QJGezF8G_fA50fqZqwI4wjrnSWBSwCMpnEw-pX6xoGQg1EeA0k4f4iqUlt1WbrDs-IbWMJWNo&sig=Cg0ArKJSzN8JQ1buHEJNEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Nov 2023 02:17:46 GMT
invocation.js
ad.vidverto.io/vidverto/js/aries/v1/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
786c7be1974ccce2bd33de1579abfd3bf4343ea99da16780ffa18c27b4cb6ee2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:10:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6555dc90-66a0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 17 Nov 2023 03:17:46 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 4B90 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:17:46 GMT
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:1c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:14:32 GMT
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
195
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
MksdYn2MVetwJdSCxuLqYyeHag2t5W59baIYlWoSpqar4IHuh3Xerg==
impl.20231116-8-RELEASE.js
cdn.taboola.com/libtrc/ 		819 KB
170 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b64321fd8b690c2b58b4a8f3959e97720b3db0350445ec3947e2e8cc3409107c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
_kI5ttVDhCqEeGHhZcRo5bvH1ylz9ugV
content-encoding
br
via
1.1 varnish
date
Fri, 17 Nov 2023 02:17:46 GMT
x-amz-request-id
50C1N11A7YSEXQ70
age
27197
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
173608
x-amz-id-2
NzzkzVUivSd4PFbdDWQUi8rWoerf/NG/i9HesMhEds+Ea6B+vGicxy1xLE4ZVUHNlnUcB4yOJbc=
x-served-by
cache-mxp6947-MXP
last-modified
Thu, 16 Nov 2023 10:43:36 GMT
server
AmazonS3-br
x-timer
S1700187467.969707,VS0,VE0
etag
"1197218d03012ab8adb967e77a22c1b6"
vary
Accept-Encoding
content-type
application/javascript
abp
3
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
35969
impress
ad.vidverto.io/delivery/ 		56 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/impress?ctype=div&width=720&height=405&tld=www.bg3.co&pzoneid=9799&in_iframe=&position=atf&screen_width=1600&screen_height=1200&top_domain=www.bg3.co&top_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&domain=www.bg3.co&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&referrer=&async=1&uid=3642444198&gdpr=0&gdpr_consent=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
39108a26208871b2998efb4e634b30a9a55725098608bed8fde4c9b131043d89

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
application/json; charset=utf-8
truncated
/ Frame 4B90 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3da1286d21d6190bf7f7fdfe05879abe3f25f7d477e25832470d99cfcbc66886

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 4B90 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstrtVC2TNPb1fuxPyJG_hPbKeABSIDf31CEapfmMxWhdD_UfcbQDUGDPEPC2SXCwF1I83ZpCihDAzALNUyub7puFxg2Wf3zSzuDG37p5QdcV1Cre70GQoD7-BI_YadMYoatgOb7YD3gzvz6HkSQtWFKSlSDiN_FGNhpUi-rVZUcnCbC4CJfp_VVthjdQKl5TQ490n2Dj7xrEZJyNYMxS7ZXVuJOwdExctfIfWhbScW4opfX45-bBHWrBVmXQmu42794gDk-BLtGPbvhqxe0_fP5ncV-k12GAhNFsDJTO1ZhO6bIOGB0wpuk5N5KPQdVSZAXNdDZ&sai=AMfl-YSNvzAt6lS_KAlPBYqhkd04DmzTWhVDun545SfsbysbtsnFLGbkYYjmfcYPdnx7KJwpDqaIPyxplOSOqaia3IuoahGfMh-9AywoYKq1JD35XpZmwcYOWrnkAgw8RHpID1bmKk9mMn7vaf6bF9OuxNE&sig=Cg0ArKJSzJ1x5MRyVvO5EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Nov 2023 02:17:47 GMT
container.html
a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C262 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:17:46 GMT
expires
Sat, 16 Nov 2024 02:17:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sync
gum.criteo.com/ 		1 B
56 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
-1
cache-control
private, max-age=0
content-type
text/html
json
trc.taboola.com/palmate-bg3co/trc/3/ 		73 KB
17 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/trc/3/json?tim=03%3A17%3A47.133&lti=deflated&data=%7B%22id%22%3A3%2C%22ii%22%3A%22%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1700135136150%2C%22vi%22%3A1700187467129%2C%22cv%22%3A%2220231116-8-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html%22%2C%22vpi%22%3A%22%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3104%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22alternating-thumbnails-a%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Feed%22%2C%22orig_uip%22%3A%22Below%20Article%20Feed%22%2C%22cd%22%3A2287.09375%2C%22mw%22%3A760%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html%2CBelow%20Article%20Feed%3Dalternating-thumbnails-a%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
2e123b239fa9b7b0726fa621510953db60d2c5b2c8dafff82b95e17437e881cf

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
481
date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.28270833333333334
x-fastly-to-nlb-rtt
80483
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6947-MXP
x-log-content-encoding
gzip
server
nginx
x-timer
S1700187467.157514,VS0,VE481
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
debug
trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.124&type=info&msg=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&llvl=2&id=6000&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24081
debug
trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.126&type=info&msg=%7B%22mode%22%3A%22alternating-thumbnails-a%22%2C%22container%22%3A%22taboola-below-article-feed%22%2C%22placement%22%3A%22Below%20Article%20Feed%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=9105&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24081
debug
trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.131&type=info&msg=Below%20Article%20Feed%20alternating-thumbnails-a&llvl=2&id=8412&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24081
/
onetag-sys.com/usync/ Frame A9B6 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
46af9c547fb80d2fc63363010cf0da7d2be1501e822d9336afa0f013a3d9fa03
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1438
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		365 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128095
x-xss-protection
0
expires
Fri, 17 Nov 2023 02:17:47 GMT
inview.min.js
ad.vidverto.io/js/ima2/2/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/inview.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5ee0f3c3-1389"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 17 Nov 2023 03:17:47 GMT
vast-client.min.js
ad.vidverto.io/js/ima2/2/ 		60 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/vast-client.min.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
last-modified
Tue, 03 Oct 2023 13:43:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"651c1a89-ee50"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 17 Nov 2023 03:17:47 GMT
ima.min.js
ad.vidverto.io/js/ima2/2/ 		88 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/ima2/2/ima.min.js?correlator=014c5c39987adb8c121409403556206f
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a4892c9c2afde9a0b57ecab9049dd4c625fc9bb7051941dd222eb8ba97b09b3f

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
last-modified
Wed, 15 Nov 2023 11:21:43 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6554a9c7-161f9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 17 Nov 2023 03:17:47 GMT
vidvertoplayer.js
ad.vidverto.io/vidverto/player/ 		130 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
last-modified
Wed, 01 Nov 2023 15:40:22 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"65427166-20687"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 17 Nov 2023 03:17:47 GMT
prebid.js
ad.vidverto.io/js/achernar/ 		293 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/js/achernar/prebid.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
last-modified
Tue, 24 Oct 2023 15:09:23 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"6537de23-49456"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 17 Nov 2023 03:17:47 GMT
invocation.min.css
ad.vidverto.io/vidverto/ 		3 KB
850 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/invocation.min.css
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/js/aries/v1/invocation.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
last-modified
Wed, 11 Nov 2020 16:53:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"5fac1711-a0a"
vary
Accept-Encoding
content-type
text/css
sync
ad.vidverto.io/delivery/v2/
Redirect Chain
  • https://a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2Fad.vidverto.io%2Fdelivery%2Fv2%2Fsync%3Fuserid%3D%7Buser_id%7D%26p_id%3D23
  • https://ad.vidverto.io/delivery/v2/sync?userid=f1218a01-61df-46fa-aef4-16131160c7e4&p_id=23
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/sync?userid=f1218a01-61df-46fa-aef4-16131160c7e4&p_id=23
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.vidverto.io/delivery/v2/sync?userid=f1218a01-61df-46fa-aef4-16131160c7e4&p_id=23
date
Fri, 17 Nov 2023 02:17:47 GMT
cache-control
no-store no-transform
server
nginx
content-length
161
content-type
text/html; charset=utf-8
sync
ad.vidver.to/delivery/v2/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=prodoohmox&user_id=6456bd6a-ea81-4edc-89d0-e570811b5cf7&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=prodoohmox&user_id=6456bd6a-ea81-4edc-89d0-e570811b5cf7&gdpr=0&gdpr_consent=
  • https://b-eu1.marketperf.com/bsw_sync?bidswitch_ssp_id=prodoohmox&bsw_custom_parameter=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=436&user_id=16556cd4b50aff100291275&expires=5&user_group=1&gdpr=0&ssp=prodoohmox&bsw_param=c63acbb1-6fc6-4c18-b376-99f785c1f865
  • https://ad.vidver.to/delivery/v2/sync?userid=c63acbb1-6fc6-4c18-b376-99f785c1f865&p_id=15
0
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidver.to/delivery/v2/sync?userid=c63acbb1-6fc6-4c18-b376-99f785c1f865&p_id=15
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Server
212.8.250.83 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
customer.worldstream.nl
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
//ad.vidver.to/delivery/v2/sync?userid=c63acbb1-6fc6-4c18-b376-99f785c1f865&p_id=15
date
Fri, 17 Nov 2023 02:17:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
favicon-16px.png
ad.vidverto.io/images/ 		900 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/images/favicon-16px.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
last-modified
Wed, 10 Jun 2020 14:52:51 GMT
server
nginx/1.14.0 (Ubuntu)
etag
"5ee0f3c3-384"
content-type
image/png
cache-control
max-age=604800, public, max-age=604800
accept-ranges
bytes
content-length
900
expires
Fri, 24 Nov 2023 02:17:47 GMT
css2
fonts.googleapis.com/ Frame C262 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
URL: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 00:49:57 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 02:17:47 GMT
widget.js
widgets.outbrain.com/n2d/widget/ Frame 08BB 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
content-length
11833
last-modified
Tue, 22 Aug 2023 10:30:48 GMT
server
AkamaiNetStorage
etag
"6a7ff93f96fd30914785c7c30706bf6a:1692700788.526954"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 17 Nov 2023 06:17:47 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 08BB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:03:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
44074
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 14:03:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 08BB 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
10849
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 23:16:58 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 08BB 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
10849
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 23:16:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 08BB 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:17:47 GMT
interstitial_ad_frame_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/ Frame C262 		21 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
URL: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 03:59:33 GMT
content-encoding
br
x-content-type-options
nosniff
age
80294
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8781
x-xss-protection
0
server
cafe
etag
9666818975682992898
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 03:59:33 GMT
img
sync.mathtag.com/sync/ Frame A9B6 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master cdg cdg-pixel-x29 config_version:"3168" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:17:47 GMT
Server
MT3 1075 283b7e3 master cdg cdg-pixel-x29 config_version:"3168"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Fri, 17 Nov 2023 02:17:46 GMT
/
onetag-sys.com/match/ Frame A9B6
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=LP1ZPXH6-K-6UH9&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=2&uid=LP1ZPXH6-K-6UH9&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://onetag-sys.com/match/?int_id=2&uid=LP1ZPXH6-K-6UH9&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
ba134c4441b6cdf8ef9f5e0539a8ef3e
Expires
0
/
onetag-sys.com/match/ Frame A9B6
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4737946100709174159
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4737946100709174159
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:47 GMT
an-x-request-uuid
05db17ce-2192-44df-931f-8fdc8650f0b0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4737946100709174159
x-proxy-origin
185.195.71.214; 185.195.71.214; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame A9B6
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:47 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700187467223073-389
tap.php
pixel.rubiconproject.com/ Frame A9B6 		42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=pxo0PDKu2jjCAHjTMmIGdKxf6DPMamuz3fVEk-UP7RE
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame A9B6
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9sR7g2knHcY-aiXA0aCOopus9PU2v7Q3Q
170 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9sR7g2knHcY-aiXA0aCOopus9PU2v7Q3Q
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABi9sR7g2knHcY-aiXA0aCOopus9PU2v7Q3Q
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame A9B6
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=1462351491961293065
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=107&uid=1462351491961293065
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=107&uid=1462351491961293065
date
Fri, 17 Nov 2023 02:17:47 GMT
content-length
0
711916.gif
id.rlcdn.com/ Frame A9B6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame A9B6
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=pxo0PDKu2jjCAHjTMmIGdKxf6DPMamuz3fVEk-UP7RE
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=pxo0PDKu2jjCAHjTMmIGdKxf6DPMamuz3fVEk-UP7RE
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:47 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PSJEVMZG87B673M9AY3E
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=pxo0PDKu2jjCAHjTMmIGdKxf6DPMamuz3fVEk-UP7RE
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
/
onetag-sys.com/match/ Frame A9B6
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTdCNTk1MTktOUIzRS00REI1LUI0MkQtRkRCNjk3ODIyQjY0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64
date
Fri, 17 Nov 2023 02:17:47 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
157
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame A9B6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESENByJnzYrX48uYvODhKbMVA&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESENByJnzYrX48uYvODhKbMVA&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESENByJnzYrX48uYvODhKbMVA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/match/ Frame A9B6
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=&verify=true
  • https://onetag-sys.com/match/?int_id=92&uid=y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
date
Fri, 17 Nov 2023 02:17:47 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame A9B6 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame A9B6
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=8d1c0658-9ff8-4dc1-b6b7-036b6bfac20e&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=&gdpr_consent=&us_privacy=
date
Fri, 17 Nov 2023 02:17:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
sync
ad.mox.tv/delivery/v2/ Frame A9B6
Redirect Chain
  • https://ad.mox.tv/delivery/sync?userid=pxo0PDKu2jjCAHjTMmIGdKxf6DPMamuz3fVEk-UP7RE&p_id=5
  • https://ad.mox.tv/delivery/v2/sync?userid=pxo0PDKu2jjCAHjTMmIGdKxf6DPMamuz3fVEk-UP7RE&p_id=5
0
158 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.mox.tv/delivery/v2/sync?userid=pxo0PDKu2jjCAHjTMmIGdKxf6DPMamuz3fVEk-UP7RE&p_id=5
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=46218987a9da2b5&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
212.8.250.228 Rotterdam, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
212-8-250-228.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-length
0
server
nginx/1.14.0 (Ubuntu)

Redirect headers

location
https://ad.mox.tv/delivery/v2/sync?userid=pxo0PDKu2jjCAHjTMmIGdKxf6DPMamuz3fVEk-UP7RE&p_id=5
date
Fri, 17 Nov 2023 02:17:47 GMT
server
nginx/1.14.0 (Ubuntu)
content-length
194
content-type
text/html
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 6B52 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7f66d59ff92c0971d1f27511dbed019307a1d66d799653c20001a715eb0f7f56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10183
x-xss-protection
0
server
cafe
etag
6601296572619086483
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:17:47 GMT
pixel;r=220426093;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html;uh=e51ed67dfb8d91dc24b15e2ace...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=220426093;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1089899889-1700187466901;pbc=91cdfd6d-c689-4032-abe9-6dedb1815694;ns=0;ce=1;qjs=1;qv=6076e8c2-20231114150359;cm=;gdpr=0;ref=;d=bg3.co;dst=1;et=1700187467290;tzo=-60;ogl=;ses=7d2fc17a-5385-481e-888a-69d5471696b4;mdl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5ed4:8d5d:fed7:f5ef , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
auctionData
e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb/auctionData?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9ob25nLWRhbi1jaGFvLXp1by1yZS1nb25nLWJ1LW1lbi1kb25nLXNob3UtaHVhLWppbmctcXVuLXlpLWp1LWh1YS1jaGVuZy1zaGFuZy1mYW5nLXNoaS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtZTA0ZDQwZWYtMjQ4MC00YWUyLWJkNzgtYjQ1NGY4MzZjMDNmIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwicGxhY2VtZW50IjoxLCJyZWZyZXNoQ291bnQiOjAsInByZWJpZEF1Y3Rpb25JZCI6Ijk2Y2JiNGU2LTlhOGMtNDExZi1iNmUzLTdlYjA5YzhhZGE1MiIsInRpbWVPZkF1Y3Rpb24iOjE3MDAxODc0NjY3ODcsImJpZHMiOlt7ImNwbSI6MC4wMTI1ODYsImFkSWQiOiI3NzFlMzQwZGNkNzE2ZmYiLCJvcmlnaW5hbENwbSI6MC4wMTI1ODYsImJpZGRlciI6ImFwcG5leHVzIiwicmV2ZW51ZSI6MC4wMDAwMTI1ODYsImZvcm1hdFR5cGUiOiJuYXRpdmUiLCJyZXNwb25zZVRpbWUiOjM4NiwidGltZU9mQmlkUmVjZWl2ZWQiOjE3MDAxODc0NjcyMjV9LHsiY3BtIjowLjAwODIxNjcxOTY0OTk5OTk5OSwiYWRJZCI6IjgxYzJjMDA4NTA4N2RlIiwib3JpZ2luYWxDcG0iOjAuMDA4MjE2NzE5NjQ5OTk5OTk5LCJiaWRkZXIiOiJvbmV0YWciLCJyZXZlbnVlIjowLjAwMDAwODIxNjcxOTY1LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0MDAsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwMTg3NDY3MjI3fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6ImFwcG5leHVzIiwicHJlYmlkV2lubmVyQWRVbml0SWQiOiI3NzFlMzQwZGNkNzE2ZmYiLCJwcmViaWRXaW5uZXJDcG0iOjAuMDAwMDEyNTg2fSx7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInBsYWNlbWVudCI6MSwicmVmcmVzaENvdW50IjowLCJwcmViaWRBdWN0aW9uSWQiOiI5NmNiYjRlNi05YThjLTQxMWYtYjZlMy03ZWIwOWM4YWRhNTIiLCJ0aW1lT2ZBdWN0aW9uIjoxNzAwMTg3NDY2Nzg3LCJiaWRzIjpbeyJjcG0iOjAuMDEsImFkSWQiOiI3NWUxY2NhZTFkMTM0ZjciLCJvcmlnaW5hbENwbSI6MC4wMSwiYmlkZGVyIjoicnViaWNvbiIsInJldmVudWUiOjAuMDAwMDEsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZXNwb25zZVRpbWUiOjM4MSwidGltZU9mQmlkUmVjZWl2ZWQiOjE3MDAxODc0NjcyMTJ9LHsiY3BtIjowLjAyODk3OCwiYWRJZCI6Ijc2MTk0MDY4NmVjZjIzNyIsIm9yaWdpbmFsQ3BtIjowLjAyODk3OCwiYmlkZGVyIjoiYXBwbmV4dXMiLCJyZXZlbnVlIjowLjAwMDAyODk3OCwiZm9ybWF0VHlwZSI6ImJhbm5lciIsInJlc3BvbnNlVGltZSI6Mzg0LCJ0aW1lT2ZCaWRSZWNlaXZlZCI6MTcwMDE4NzQ2NzIyM30seyJjcG0iOjAuMDU0NjEwNDI3NywiYWRJZCI6IjgwMTRjMWY5YjhkMmUwMyIsIm9yaWdpbmFsQ3BtIjowLjA1NDYxMDQyNzcsImJpZGRlciI6Im9uZXRhZyIsInJldmVudWUiOjAuMDAwMDU0NjEwNDI3Njk5OTk5OTk3LCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVzcG9uc2VUaW1lIjo0MDAsInRpbWVPZkJpZFJlY2VpdmVkIjoxNzAwMTg3NDY3MjI3fV0sInRpbWVkT3V0QmlkZGVycyI6W10sInJlcXVlc3RlZEZvcm1hdHMiOlsiZGlzcGxheSIsInZpZGVvIiwibmF0aXZlIl0sInByZWJpZFdpbm5lciI6Im9uZXRhZyIsInByZWJpZFdpbm5lckFkVW5pdElkIjoiODAxNGMxZjliOGQyZTAzIiwicHJlYmlkV2lubmVyQ3BtIjowLjAwMDA1NDYxMDQyNzY5OTk5OTk5N31dLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=3773.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:47 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 14C6 		714 B
780 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:47fe , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
age
10218
alt-svc
h3=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
82747ab6bbda5a07-MXP
content-encoding
br
content-type
text/html
date
Fri, 17 Nov 2023 02:17:47 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hZe1LX0dQaAjKaNqtsb1Y5qhsXDzhnyD4SuvPWj0y0fU3oGBzgwYXBaAfPWrvpIsKWEWedTcrEeTssrWW%2B9dLf3hjhMAJUqPJvD009QrAn8JWxvUQUtlxoaSKGKMcWbU9bndO5Q9sOGCpvTwRA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6ED4
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=adiiix
  • https://eus.rubiconproject.com/usync.html?p=adiiix
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=adiiix
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 02:17:47 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 17 Nov 2023 02:17:47 GMT
location
https://eus.rubiconproject.com/usync.html?p=adiiix
server
AkamaiGHost
generic
match.adsrvr.org/track/cmf/
Redirect Chain
  • https://sync.aralego.com/idsync?euconsent-v2=${GDPR_CONSENT_607}&
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=nwuslum&ttd_tpi=1&gdpr=0&gdpr_consent=
date
Fri, 17 Nov 2023 02:17:47 GMT
connection
close
content-length
111
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
ads
securepubads.g.doubleclick.net/gampad/ 		28 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2667122267959739&correlator=932384195363030&eid=31079666%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22477626096&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200&fluid=height&ifi=3&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&arp=1&abxe=1&dt=1700187467330&lmt=1700187467&adxs=236&adys=60&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&vis=1&psz=728x-1&msz=728x-1&fws=4&ohw=728&ga_vid=1707958932.1700187467&ga_sid=1700187467&ga_hid=823845442&ga_fc=true&dlt=1700187466138&idt=534&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D27%26control_reporting%3Dchrome_DESKTOP_18_0%26cluster_reporting%3Dchrome_DESKTOP_18_1_active_0%26refresh27Split%3Drefresh_experiment_3_pv%26ap_refresh_type%3DAV_1%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.05%26hb_ap_adid%3D8014c1f9b8d2e03%26hb_ap_bidder%3Donetag%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D0%26fp_engine_ran%3D0_3%26ap_fp_engine_type%3Dnone%26ap_fp_engine_temp%3Dnone_3%26adro%3Dv8_c%26faid%3Dfalse&adks=2102018513&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ceebbe548ee8bb1525985410fedfb698a7d4d80c33895dc65761d07137b1b38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12361
x-xss-protection
0
google-lineitem-id
5221339615
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138440838557
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		42 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2667122267959739&correlator=932384195363030&eid=31079666%2C31079527&output=ldjh&gdfp_req=1&vrg=202311090101&ptt=17&impl=fif&iu_parts=103512698%3A22574853003%2C22479095528&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C970x90%7C900x90%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75&fluid=height&ifi=4&sfv=1-0-40&eri=1&sc=1&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&arp=1&abxe=1&dt=1700187467333&lmt=1700187467&adxs=315&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&vis=1&psz=970x-1&msz=970x-1&fws=516&ohw=1600&ga_vid=1707958932.1700187467&ga_sid=1700187467&ga_hid=823845442&ga_fc=true&dlt=1700187466138&idt=534&prev_scp=stopUnfilledRefresh3%3Dd_g0_u0%26adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26vacant_variation%3Dexperiment_bp_0%26vacant_RCA%3DE_0%26refreshcount%3D0%26refreshrate%3D30%26control_reporting%3Dchrome_DESKTOP_18_0%26cluster_reporting%3Dchrome_DESKTOP_18_1_active_0%26ap_refresh_type%3DAV_3%26hb_native_image%3Dhb_native_image%253A771e340dcd716ff%26hb_native_linkurl%3Dhb_native_linkurl%253A771e340dcd716ff%26hb_native_body%3Dhb_native_body%253A771e340dcd716ff%26hb_native_title%3Dhb_native_title%253A771e340dcd716ff%26hb_ap_format%3Dnative%26hb_ap_pb%3D0.01%26hb_ap_adid%3D771e340dcd716ff%26hb_ap_bidder%3Dappnexus%26hb_native_linkurl_ap%3Dhb_native_linkurl%253A771e340dcd716ff%26hb_native_image_appn%3Dhb_native_image%253A771e340dcd716ff%26hb_native_body_appne%3Dhb_native_body%253A771e340dcd716ff%26hb_native_title_appn%3Dhb_native_title%253A771e340dcd716ff%26fcEnabled%3D0&cust_params=da%3Dadx%26outbrain%3Dtrue%26ap_product%3Dadpushup%26pubmatic_eb_disable%3Dfalse%26ap_fp_engine_ran%3D0%26fp_engine_ran%3D0_3%26ap_fp_engine_type%3Dnone%26ap_fp_engine_temp%3Dnone_3%26adro%3Dv8_c%26faid%3Dfalse&adks=3374688892&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f168efc3db293247e9eba46211e6bfa0004ec276bb14478c9082e9eb9a1290c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17944
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 14C6 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce4763a7ea859b68590b08a100e26435e5615bb20bfcbeb8577072901b7c817e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30308
x-xss-protection
0
server
cafe
etag
254 / 19678 / 31079658 / config-hash: 16204867678510254442
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:17:47 GMT
adxprebid.1.2.aspx
inv-nets.admixer.net/ 		0
261 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://inv-nets.admixer.net/adxprebid.1.2.aspx
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
167.235.184.171 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.171.184.235.167.clients.your-server.de
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

access-control-allow-origin
https://www.bg3.co
date
Fri, 17 Nov 2023 02:17:47 GMT
access-control-allow-credentials
true
server
nginx
keep-alive
timeout=25
x-xss-protection
0
p3p
CP="NID DSP ALL COR"
prebid-request
onetag-sys.com/ 		15 B
546 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
content-type
application/json
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
creative__300x600_previous_gen_widget.css
widgets.outbrain.com/n2d/widget/100063/customCss/LEGACY/ Frame 08BB 		482 B
810 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/100063/customCss/LEGACY/creative__300x600_previous_gen_widget.css
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a7d95017fa2379a4bf437aff9c95977004ffa0f3f4ab9544a685afa3120a0e6b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Fri, 17 Nov 2023 06:17:47 GMT
date
Fri, 17 Nov 2023 02:17:47 GMT
last-modified
Tue, 22 Aug 2023 10:30:49 GMT
server
AkamaiNetStorage
etag
"9d8b870db69e4f578fee693ff233fc33:1692700772.366871"
access-control-allow-methods
GET,POST
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
482
access-control-request-headers
X-OB-STG,X-OB-PRD
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 08BB 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
URL: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 17 Dec 2023 02:17:47 GMT
date
Fri, 17 Nov 2023 02:17:47 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
/
b1t-eudc1.zemanta.com/t/imp/impression/EXGC25SE43ILAVY4EJPGBFIA25SRZBEV534VRIDROX27ZSVRTDJNPOVUSQBMPJQWBHSASOGLV2F7WEIP33P27SHJA7L7WFKQME5QXIF4FPUHLFR3JC4BTYLBE2IJN7XFACF4TRCMIRZ5GBAIX56NNXVTSZ6HOV... Frame 08BB 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/EXGC25SE43ILAVY4EJPGBFIA25SRZBEV534VRIDROX27ZSVRTDJNPOVUSQBMPJQWBHSASOGLV2F7WEIP33P27SHJA7L7WFKQME5QXIF4FPUHLFR3JC4BTYLBE2IJN7XFACF4TRCMIRZ5GBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NLBY2HE725AVQK7RDHTFPBY7FXG7MM3YVWNOMZYLCILD3UBBTTLNB6QZG37HQY45Q5OFMFWSUMDDNBUCWI2B7HT7X5VXKPBIHAPWDCIS2DKNSIX4DF4Y5E52KR6WTMP3GUFVTCUOVCI5GSO2DSKWBFQTA2HJBLPNYJNQII52HQQYOLDCQZ577B773MJ3ILPZ3YLKZUGYOIC6VQAENYLSIYOCNOW/?
Requested by
Host: a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
URL: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:17:47 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
show_pla
obs.cheqzone.com/ Frame 08BB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://obs.cheqzone.com/show_pla?id=93700&ch=%7B%22tag_id%22%3A%223412779558%22%2C%22page_url%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html%22%2C%22z_pub_id%22%3A%22www.bg3.co%22%2C%22z_ad_id%22%3A151239959%2C%22ob_publ_id%22%3A{obsectionid}%2C%22ob_ad_id%22%3A0%2C%22ssp%22%3A%22googleadx_display%22%7D
Requested by
Host: a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
URL: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:47 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
1972
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 6B52 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3949cd3e0a4ca16cbb507c9e2906bb772c7bb2341d568cfb0614d051d8d9ca40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52817
x-xss-protection
0
server
cafe
etag
10511820293402452993
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:17:47 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/ Frame 14C6 		430 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 19:10:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
25665
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138013
x-xss-protection
0
server
cafe
etag
17202369310903786887
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Fri, 15 Nov 2024 19:10:02 GMT
usync.js
eus.rubiconproject.com/ Frame 6ED4 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=adiiix
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
16f6a89c89e20586fdb7ed77f218f6af5442e80c8c3116deb2ab0cdd5aae2001

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=adiiix
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:17:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 12:56:28 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=38317
Connection
keep-alive
Content-Length
13230
Expires
Fri, 17 Nov 2023 12:56:24 GMT
video_playlist.js
ad.vidverto.io/vidverto/player/ui/js/ 		112 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/js/video_playlist.js?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
last-modified
Mon, 30 Oct 2023 17:37:37 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"653fe9e1-1bee3"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public, max-age=3600
expires
Fri, 17 Nov 2023 03:17:47 GMT
video_playlist.css
ad.vidverto.io/vidverto/player/ui/css/ 		61 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/vidvertoplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
last-modified
Sun, 28 Feb 2021 22:32:40 GMT
server
nginx/1.14.0 (Ubuntu)
etag
W/"603c1a08-f52f"
vary
Accept-Encoding
content-type
text/css
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame 88F5 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
170585
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 02:54:42 GMT
expires
Thu, 14 Nov 2024 02:54:42 GMT
last-modified
Wed, 15 Nov 2023 02:49:47 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 17 Nov 2023 02:17:47 GMT
truncated
/ 		71 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5547 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 17 Nov 2023 02:55:32 GMT
video
ad.vidverto.io/delivery/rtb/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/rtb/video?data=1b7C57BdWeepj8zJqPoWnLqO2JQQRbyR%2Bppi9YVGLpVV6Nw1T1erlmkPsXwQFxX1ErAIO5byyzybNwqfvtmRdlD2MDX9oWZDotSHJS0p55KBsSYokd3gaAgL88YTwxDhyjYzmlKAw1GE7Eeiq%2FV9no4Jt8vgzooZTo%2Ffrpm1ZxzHePokih%2B4ecORAnScflE5fl%2FYnjEAPueX47T2pWKYjQlCsasBopWWmZPQ6omSChCMAgXC9x9Pf%2B0EK4UvCdhWn0Q5kfbleBXbLJl3WRP1qkxmEnJOq%2F%2FXsfpWaPtp0KaVqFjkWpz8DcEP229t2TaX%2FY9JkO3guZ0l%2Bj8VQPixI1CgNv1oPDHzZGz3K2Fi7O5nuEH9jTNRP9WpG3TX8Khk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
480_650.mp4
cdn.vidverto.io/secured2/L6QRjmrq_Lml72YpVqIZSg:1700191067/1327/video/1813/ 		1 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/L6QRjmrq_Lml72YpVqIZSg:1700191067/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 17 Nov 2023 02:17:47 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
khaos.json
token.rubiconproject.com/ Frame 6ED4 		7 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Expires
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/ Frame 6B52 		400 KB
135 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
348dad726d7573e10b2ac7ec19cb8b4beb567efd334c27cddaa973fb519431c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138497
x-xss-protection
0
server
cafe
etag
7360419147461310568
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:17:47 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 6B3A 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
67059
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 07:40:08 GMT
etag
16674218716276178799
expires
Thu, 30 Nov 2023 07:40:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
x-content-type-options
nosniff
age
10849
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18684
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:24:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 15 Nov 2024 23:16:58 GMT
JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v12/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v12/JTURjIg1_i6t8kCHKm45_dJE3gnD_g.woff2
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/vidverto/player/ui/css/video_playlist.css?v=1698683788
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ad.vidverto.io/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 04:52:20 GMT
x-content-type-options
nosniff
age
249927
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18956
x-xss-protection
0
last-modified
Tue, 07 Nov 2017 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Nov 2024 04:52:20 GMT
logo.svg
ad.vidverto.io/vidverto/player/ 		414 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/player/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
last-modified
Wed, 04 May 2022 14:39:21 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"62729019-19e"
content-length
414
content-type
image/svg+xml
container.html
a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame FC3F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:17:46 GMT
expires
Sat, 16 Nov 2024 02:17:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
floating-unit.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/floating-unit.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
993a112fed28aebb10e2297da40f97e06e693040bebdfd6afcd6077e83b558c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
mH3pVv6.G9B8LLY8QAMbOC68v4qmDL3z
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 02:17:47 GMT
x-amz-request-id
1TG0RMQWFFBC6G4S
age
55932
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
2493
x-amz-id-2
DibbDpUSXKRBrl7t5XZM0ejH8GIzLlgI11wiTMOC/dNIWDD7g+Q5LOa/j1E9k5qf2nM+inzqjk4=
x-served-by
cache-mxp6947-MXP
last-modified
Thu, 16 Nov 2023 10:43:54 GMT
server
AmazonS3
x-timer
S1700187468.804693,VS0,VE0
etag
"2305f087a0c9d2ee2d24d0285d8191d4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
17
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
4138
taboola-vignette-new-scanning.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/taboola-vignette-new-scanning.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b98e49c162c8631d0e2798d2664e4d82671939ee4f231e644af185f5770195c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7eu5PykIh9mAQTEh.T8f_OeLmprFn.mz
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 02:17:47 GMT
x-amz-request-id
RTW05TBFMT55EEYN
age
55895
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
8019
x-amz-id-2
UHlFdG/xqCmNA+re9MSbROlvfX1Utcy8Z0l8Rb15ygXWvOw+351+3beuxz6rvnb+yw7ilc9vNgY=
x-served-by
cache-mxp6947-MXP
last-modified
Thu, 16 Nov 2023 10:43:34 GMT
server
AmazonS3
x-timer
S1700187468.804926,VS0,VE0
etag
"2b51cbae4d4dc51af812ae527452faa2"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
56
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
2492
distance-from-article.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/distance-from-article.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7af59f6e1af5ff207fdf5079363a3660bf9139eb4c70e6e7cf7d8f4a2b2c9481

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
U1od7zFn.E3CrGutJ0uTEJm7AoMMR7dZ
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 02:17:47 GMT
x-amz-request-id
X3TETCDKYQE02T97
age
55941
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1132
x-amz-id-2
3QqZJphN7oL/zoxqgr8nhoCaY/JXYT0WNjq+3JgzuMT3AowfSdpxc/LUWx1k+wCOw+C8fhc4tDc=
x-served-by
cache-mxp6947-MXP
last-modified
Thu, 16 Nov 2023 10:44:04 GMT
server
AmazonS3
x-timer
S1700187468.818498,VS0,VE0
etag
"efa6760390ae7acf98dc5d392f96a63a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
20
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
59454
article-detection.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/article-detection.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0eb9653dcf9e6f0a00d34e3edaa6613bd6dca5c74b05cd5670af3d963a97e528

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
w.KPU407iD4toCcejeuMXCyx6pJjTU8_
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 02:17:47 GMT
x-amz-request-id
X3TEHFP9AZBK9FNK
age
55941
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1291
x-amz-id-2
EFKOts2D8uJmk3kDurR5CL6wehO//lqZ5wCFJlqLWE8PamCoMn7wSs37VUTQKV1ireQOKx3GgIw=
x-served-by
cache-mxp6947-MXP
last-modified
Thu, 16 Nov 2023 10:44:12 GMT
server
AmazonS3
x-timer
S1700187468.818760,VS0,VE0
etag
"e8a34824a44d39e9d49b93d0c2e34a81"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
6
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
59434
UnitFeedManagerDesktop.min.js
vidstat.taboola.com/lite-unit/4.5.7/ 		130 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f3a5c0220cd47633052fafc7165b728d2fa3c0afcb4e6c093f60d430a6a9d5cd

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
via
1.1 3bbd9c639a192694d597e09ea3006bce.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MXP53-P3
age
235153
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront, HIT
content-length
35262
x-served-by
cache-mxp6923-MXP
last-modified
Tue, 14 Nov 2023 08:52:22 GMT
server
AmazonS3
x-timer
S1700187468.890074,VS0,VE0
etag
"acbf4feb7c49eb33282548b433b4476b"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
0VkBdLMKhOQ8eiPenscq4xWZt1XFkMe3sQ-CLtUsEF_8s52v9vxiNw==
x-cache-hits
19203
feed-card-placeholder.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/feed-card-placeholder.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4d6ba5913127b81a76b25ab72bd7352876690efb0e42d1825f7618b5cbd52f85

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
dWmQPNr6R4sqfxHfo.2ROmBoVj1CnrRT
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 02:17:47 GMT
x-amz-request-id
X3T1MVK32TB8X1GS
age
55941
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1261
x-amz-id-2
1UzAg2TMjEin1HqEgN+XVx5KQJG0rsZQ41pn6LeAv+JOH+/3b+Ubgsr97JskRhfPgku5OMiPkSA=
x-served-by
cache-mxp6947-MXP
last-modified
Thu, 16 Nov 2023 10:43:59 GMT
server
AmazonS3
x-timer
S1700187468.823250,VS0,VE0
etag
"a106089876c08b590425b51ba81277ff"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
83
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
62214
userx.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b47c015ef4aa39c3a3bd1c0e61b78a362027892650a3d892cfa9ae812fe40dce

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
X6PWjf0XKt3BYd3PuYnS8efzykFumCfC
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 02:17:47 GMT
x-amz-request-id
RAV95HRNZWYSAYK9
age
55994
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5397
x-amz-id-2
ee7gs6E6yP56jwxX7yO7iUeS09YLdcR/bHP8O4PyaUgxb/9K11vLVtGLM3YpwK0v29NFjAmGVFs=
x-served-by
cache-mxp6947-MXP
last-modified
Thu, 16 Nov 2023 10:43:31 GMT
server
AmazonS3
x-timer
S1700187468.830823,VS0,VE0
etag
"5ea2b7f5f7ca4d76996fc670b2ebc373"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
15
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
9996
explore-more.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/explore-more.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3df19cbda74c943d3de0afd5990621355a70da8a743580d10be83fbe71dd500d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
IbO7Zx6pA8T1_CyNANAESeFyxJwLLZ4H
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 02:17:47 GMT
x-amz-request-id
DBA4GA8C3SBP01K2
age
55941
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
7706
x-amz-id-2
9pKjgAPBEUENg8MpozDxl8kivb2oEe6B4Lf3RJKSdhV9VDeWqFjuPo1a13G1NMm9EHnYgIKGmA0=
x-served-by
cache-mxp6947-MXP
last-modified
Thu, 16 Nov 2023 10:44:01 GMT
server
AmazonS3
x-timer
S1700187468.856158,VS0,VE0
etag
"d7169d870c1ac2f73408c07cf1b991fc"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
76
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
30245
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=13726&tvi48=10143&tvi50=11103&lti=deflated&ri=fa8566fdc237f03d7860d2b77af2959d&sd=v2_1aab0d4377907b5ee14194595680631c_99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb_1700187467_1700187467_CNawjgYQ2YJdGPnax9i9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb&pi=/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&wi=-5076723206906236655&pt=text&vi=1700187467129&d=%7B%22event_type%22%3A%22next_up%22%2C%22event_state%22%3A%22RENDERED%22%2C%22event_value%22%3Anull%2C%22event_msg%22%3Anull%7D&tim=03%3A17%3A47.794&id=1823&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=13726&tvi48=10143&tvi50=11103&lti=deflated&ri=fa8566fdc237f03d7860d2b77af2959d&sd=v2_1aab0d4377907b5ee14194595680631c_99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb_1700187467_1700187467_CNawjgYQ2YJdGPnax9i9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb&pi=/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&wi=-5076723206906236655&pt=text&vi=1700187467129&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-before-load%22%2C%22eventTime%22%3A1700187467795%7D&tim=03%3A17%3A47.795&id=6672&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.802&type=info&msg=Start%20Rendering%20taboola-vignette&llvl=2&id=3374&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84813
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=13726&tvi48=10143&tvi50=11103&lti=deflated&ri=fa8566fdc237f03d7860d2b77af2959d&sd=v2_1aab0d4377907b5ee14194595680631c_99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb_1700187467_1700187467_CNawjgYQ2YJdGPnax9i9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb&pi=/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&wi=-5076723206906236655&pt=text&vi=1700187467129&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1700187467803%7D&tim=03%3A17%3A47.803&id=4761&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
90 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.808&type=info&msg=Finish%20Rendering%20taboola-vignette&llvl=2&id=2953&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84813
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.815&type=info&msg=%7B%22name%22%3A%22Below%20Article%20Feed%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=5430&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84813
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.817&type=info&msg=Start%20Rendering%20Below%20Article%20Feed%20%7C%20Card%201&llvl=2&id=6279&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.820&type=info&msg=Finish%20Rendering%20Below%20Article%20Feed%20%7C%20Card%201&llvl=2&id=4448&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.821&type=info&msg=%7B%22name%22%3A%22Below%20Article%20Feed%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10669677%3APUBLISHED%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=1077&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.822&type=info&msg=Start%20Rendering%20Below%20Article%20Feed%20%7C%20Card%202&llvl=2&id=5112&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.833&type=info&msg=Finish%20Rendering%20Below%20Article%20Feed%20%7C%20Card%202&llvl=2&id=5808&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.835&type=info&msg=Start%20Rendering%20Below%20Article%20Feed%20%7C%20Card%203&llvl=2&id=4167&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.837&type=info&msg=Finish%20Rendering%20Below%20Article%20Feed%20%7C%20Card%203&llvl=2&id=6323&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.840&type=info&msg=Start%20Rendering%20Below%20Article%20Feed%20%7C%20Card%204&llvl=2&id=1956&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.843&type=info&msg=Finish%20Rendering%20Below%20Article%20Feed%20%7C%20Card%204&llvl=2&id=3184&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=13726&tvi48=10143&tvi50=11103&lti=deflated&ri=fa8566fdc237f03d7860d2b77af2959d&sd=v2_1aab0d4377907b5ee14194595680631c_99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb_1700187467_1700187467_CNawjgYQ2YJdGPnax9i9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb&pi=/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&wi=-5076723206906236655&pt=text&vi=1700187467129&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A17%3A47.844&id=804&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.845&type=info&msg=%7B%22name%22%3A%22Explore%20More%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10671637%3APUBLISHED%22%2C%22vsm%22%3Afalse%7D&llvl=2&id=3752&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.848&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-rec-reel-01-x-delta&llvl=2&id=4842&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.851&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-x-delta&llvl=2&id=3266&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.852&type=info&msg=%7B%22name%22%3A%22Explore%20More%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10671637%3APUBLISHED%22%2C%22vsm%22%3Afalse%7D&llvl=2&id=3671&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.853&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=4555&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.855&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=7568&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.856&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-01-b-em-delta&llvl=2&id=6079&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.857&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=6892&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.858&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=6769&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.860&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=9294&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A47.861&type=error&msg=Exit%20TRCRBox.loadScriptCallback(retry%3D0)%3A%20no%20items%20in%20response%20-%20organic-thumbs-feed-y-em-delta&llvl=2&id=7896&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
idsync
sync.aralego.com/ Frame 6ED4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=adiiix&khaos=LP1ZPXH6-K-6UH9
  • https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP1ZPXH6-K-6UH9
35 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP1ZPXH6-K-6UH9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
HTTP/1.1
Server
162.210.196.208 Lanham, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
connection
close
content-length
35
content-type
image/gif

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://sync.aralego.com/idsync?ucf_nid=dsp-34BA74DB2DB8A36B0867EE4A76799A2&ucf_user_id=LP1ZPXH6-K-6UH9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 02:17:47 GMT
x-amz-request-id
2BXJKKX2RZV89N9D
age
81
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1758
x-amz-id-2
WyL2v7Y6tMjGZIwQzTqLEakrV0fvos6RjsnPZZi2oiW+JmOnNuMfVUBcREdsw9/uoKeZa4qMe/Y=
x-served-by
cache-mxp6947-MXP
last-modified
Wed, 07 Feb 2018 11:15:52 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1700187468.889854,VS0,VE0
etag
"b8b410e4b18d45aa2f3d9bc09cd335fb"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
image/svg+xml
access-control-allow-origin
*
abp
58
cache-control
private,max-age=31536000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
7
480_650.mp4
cdn.vidverto.io/secured2/L6QRjmrq_Lml72YpVqIZSg:1700191067/1327/video/1813/ 		88 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/L6QRjmrq_Lml72YpVqIZSg:1700191067/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 17 Nov 2023 02:17:48 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame 06F5 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
170585
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 02:54:42 GMT
expires
Thu, 14 Nov 2024 02:54:42 GMT
last-modified
Wed, 15 Nov 2023 02:49:47 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B536 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1335
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 17 Nov 2023 02:55:32 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:b09f:68b1:e0c1:41bb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
L2EvaG9uZy1kYW4tY2hhby16dW8tcmUtZ29uZy1idS1tZW4tZG9uZy1zaG91LWh1YS1qaW5nLXF1bi15aS1qdS1odWEtY2hlbmctc2hhbmctZmFuZy1zaGkuaHRtbA==.json
cdn.adpushup.com/42753/ 		555 B
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvaG9uZy1kYW4tY2hhby16dW8tcmUtZ29uZy1idS1tZW4tZG9uZy1zaG91LWh1YS1qaW5nLXF1bi15aS1qdS1odWEtY2hlbmctc2hhbmctZmFuZy1zaGkuaHRtbA==.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.70 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sat, 16 Nov 2024 02:17:48 GMT
date
Fri, 17 Nov 2023 02:16:47 GMT
content-encoding
br
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
cache-control
max-age=31536000
x-client-device
desktop
x-client-geo
CH
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A48.050&type=info&msg=Finish%20Rendering%20taboola-vignette&llvl=2&id=6645&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A48.052&type=info&msg=Finish%20Rendering%20Below%20Article%20Feed%20%7C%20Card%201&llvl=2&id=43&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A48.053&type=info&msg=Finish%20Rendering%20Below%20Article%20Feed%20%7C%20Card%202&llvl=2&id=5214&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A48.056&type=info&msg=Finish%20Rendering%20Below%20Article%20Feed%20%7C%20Card%203&llvl=2&id=9204&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A48.058&type=info&msg=Finish%20Rendering%20Below%20Article%20Feed%20%7C%20Card%204&llvl=2&id=3028&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A48.060&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=4331&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A48.062&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=3183&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
82091
2369446f435814c2884566242ca9cebe.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		148 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2369446f435814c2884566242ca9cebe.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
ecb8c212602d52dde3a3d0eb1659c7b3c8c629ed415e97e221e3f04a102e4d75

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
491
date
Fri, 17 Nov 2023 02:17:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_1125%2Cw_1500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2369446f435814c2884566242ca9cebe.jpg
age
1929746
edge-cache-tag
563848386788618383252994488150488470583,309722933522290317028078472317422918158,29ecf9b93bbf306179626feeda1fab70
cache-tag
563848386788618383252994488150488470583,309722933522290317028078472317422918158,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, HIT, MISS, MISS, MISS
x-envoy-upstream-service-time
265
expiration
expiry-date="Sun, 29 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.bg3.co/
content-length
151832
x-backend-name
US_nlb104
x-served-by
cache-iad-kiad7000170-IAD, cache-iad-kjyo7100040-IAD, cache-lga21937-LGA, cache-iad-kjyo7100030-IAD, cache-mxp6947-MXP
last-modified
Thu, 28 Sep 2023 04:29:01 GMT
server
nginx
surrogate-reporting
width=1500,height=1125,bytes=196648,owidth=615,oheight=460,obytes=91314
x-timer
S1700187468.080550,VS0,VE491
etag
"2b94c87e7bc4df543ef8c7027a3ca68e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 2, 0, 0, 0
2369446f435814c2884566242ca9cebe.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		72 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2369446f435814c2884566242ca9cebe.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
27655dcf14e02394ce08b6a2bcf6443cc3b3c3e327deb65abbd00339132c035e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 17 Nov 2023 02:17:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2369446f435814c2884566242ca9cebe.jpg
age
3559347
edge-cache-tag
563848386788618383252994488150488470583,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
cache-tag
563848386788618383252994488150488470583,618870499114759607638041997254694977048,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
377
expiration
expiry-date="Sat, 04 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.cittaceleste.it/
content-length
74162
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100175-IAD, cache-iad-kiad7000156-IAD, cache-chi-klot8100106-CHI, cache-iad-kjyo7100114-IAD, cache-mxp6947-MXP
last-modified
Wed, 04 Oct 2023 07:22:21 GMT
server
nginx
surrogate-reporting
width=615,height=307,bytes=49215,owidth=615,oheight=460,obytes=91314
x-timer
S1700187468.186495,VS0,VE2
etag
"d2dd95575000b12e2e96d305c6e2c72e"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 4, 1
6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d4ae0d8304ce809a6248f6b21a330a35fc2509826b8e5a957353102880e25a7a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
11
date
Fri, 17 Nov 2023 02:17:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
age
823120
edge-cache-tag
321194619511491062242132839077726262353,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
321194619511491062242132839077726262353,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
453
req-referer
https://www.news.de/
content-length
12510
x-request-id
3010777af9da9af8b27f63a6cd26bfde
x-backend-name
CH_nlb804
x-served-by
cache-iad-kiad7000131-IAD, cache-iad-kiad7000021-IAD, cache-lga21952-LGA, cache-iad-kiad7000081-IAD, cache-mxp6947-MXP
last-modified
Thu, 02 Nov 2023 12:52:38 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=17983,owidth=1999,oheight=1249,obytes=185477
x-timer
S1700187468.186450,VS0,VE11
etag
"82b8eccf14a88c568fbf025c2dda5689"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 32, 1
5a51e092ada8691e95cd9058d7c36e4f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a51e092ada8691e95cd9058d7c36e4f.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
156cdfacad4b8d6b68ac923782ddbd7c634ef1e93e2e299ae20bfd1c7f735571

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 17 Nov 2023 02:17:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a51e092ada8691e95cd9058d7c36e4f.jpg
age
3736870
edge-cache-tag
547477969683236898343824969404383427749,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
547477969683236898343824969404383427749,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
167
expiration
expiry-date="Sun, 17 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://flytant.com/
content-length
21234
x-backend-name
US_nlb102
x-served-by
cache-iad-kiad7000097-IAD, cache-iad-kjyo7100065-IAD, cache-iad-kcgs7200165-IAD, cache-mxp6947-MXP
last-modified
Thu, 17 Aug 2023 12:37:59 GMT
server
nginx
x-timer
S1700187468.186766,VS0,VE1
etag
"e6efd2098c0264a7e0272b99c4d1c82a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
profile%3Aezone-teaser940x528
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6D... 		52 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6DNMg-N70eTHVG2zsG3jFxHgwMu8dUBQ9IEq7W2LjI75cilIOA/profile%3Aezone-teaser940x528
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
62b67fe02b0cba2ac38d051cf168d3a25bf2d3765e5fb7d2fa792c9b74c3a5ee

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 17 Nov 2023 02:17:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_460%2Cw_920%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6DNMg-N70eTHVG2zsG3jFxHgwMu8dUBQ9IEq7W2LjI75cilIOA/profile%3Aezone-teaser940x528
age
1727216
edge-cache-tag
332148772397168287270586239145648000460,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
cache-tag
332148772397168287270586239145648000460,498584393636076703798430334516519001030,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
221
expiration
expiry-date="Sat, 25 Nov 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.gladbachlive.de/
content-length
53184
x-backend-name
CH_nlb801
x-served-by
cache-iad-kjyo7100066-IAD, cache-iad-kcgs7200105-IAD, cache-lga21949-LGA, cache-iad-kcgs7200032-IAD, cache-mxp6947-MXP
last-modified
Wed, 25 Oct 2023 08:16:06 GMT
server
nginx
surrogate-reporting
width=920,height=460,bytes=67252,owidth=940,oheight=529,obytes=98579
x-timer
S1700187468.186712,VS0,VE1
etag
"21a6d0018bfe7775779604a84e3df3fd"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 11, 1
765c5b1a62f712756efc4e3dcef67622.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/765c5b1a62f712756efc4e3dcef67622.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
45bbdc432d78fe4bb27e9204888ef120d4b16207df4f9eaf5dd100563d59057c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Fri, 17 Nov 2023 02:17:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/765c5b1a62f712756efc4e3dcef67622.jpg
age
1716948
edge-cache-tag
594854900955948168817700039728111199781,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
cache-tag
594854900955948168817700039728111199781,508964270601867640353762815650541873101,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
49
req-referer
https://www.express.de/
content-length
12674
x-request-id
0fc8928955d7bb7e9f1efae45c13753a
x-backend-name
US_nlb101
x-served-by
cache-iad-kiad7000170-IAD, cache-iad-kjyo7100028-IAD, cache-iad-kjyo7100085-IAD, cache-mxp6947-MXP
last-modified
Sun, 17 Sep 2023 13:15:36 GMT
server
nginx
surrogate-reporting
width=460,height=256,bytes=17396,owidth=1200,oheight=627,obytes=68739
x-timer
S1700187468.186839,VS0,VE0
etag
"8e3f516a857c98bdb5d3e01f13ae7b61"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 1, 684, 4
144a1ce325fc63c2f930c9ee573283bd.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/144a1ce325fc63c2f930c9ee573283bd.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
1a57affb4d32cc9504c763b8bafc330a25e04c851e30edf9b242ea4545910e63

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 17 Nov 2023 02:17:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_256%2Cw_460%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/144a1ce325fc63c2f930c9ee573283bd.png
age
3617328
edge-cache-tag
604314819661654497399301943478498831743,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
604314819661654497399301943478498831743,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
59
expiration
expiry-date="Sat, 21 Oct 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://klewtv.com/
content-length
9550
x-backend-name
US_nlb103
x-served-by
cache-iad-kjyo7100159-IAD, cache-iad-kjyo7100159-IAD, cache-lga21982-LGA, cache-iad-kjyo7100123-IAD, cache-mxp6947-MXP
last-modified
Wed, 20 Sep 2023 10:29:40 GMT
server
nginx
surrogate-reporting
width=624,height=346,bytes=23956,owidth=624,oheight=608,obytes=250856
x-timer
S1700187468.262690,VS0,VE1
etag
"40dc5e530fca754c56989c4f8cb5828c"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 51, 1, 50, 1
2369446f435814c2884566242ca9cebe.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		80 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2369446f435814c2884566242ca9cebe.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
befbf95b0f53f4d435b1d095dd8364328e755fa99665df2b0a27363ddda16d10

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 17 Nov 2023 02:17:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2369446f435814c2884566242ca9cebe.jpg
age
2710484
edge-cache-tag
563848386788618383252994488150488470583,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
563848386788618383252994488150488470583,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
287
expiration
expiry-date="Fri, 22 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.bvz.at/
content-length
82182
x-backend-name
LA_nlb202
x-served-by
cache-iad-kcgs7200129-IAD, cache-iad-kcgs7200129-IAD, cache-lax-kwhp1940053-LAX, cache-iad-kiad7000147-IAD, cache-mxp6947-MXP
last-modified
Tue, 22 Aug 2023 06:58:47 GMT
server
nginx
x-timer
S1700187468.263490,VS0,VE2
etag
"a599b677e80328771b63771ec4703ad5"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 70, 1, 10, 1
profile%3Aezone-teaser940x528
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6D... 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6DNMg-N70eTHVG2zsG3jFxHgwMu8dUBQ9IEq7W2LjI75cilIOA/profile%3Aezone-teaser940x528
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
398de2685f4d09e875b1de6d1778799533939abb8addedd5a4a378ee028dca6c

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
2
date
Fri, 17 Nov 2023 02:17:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6DNMg-N70eTHVG2zsG3jFxHgwMu8dUBQ9IEq7W2LjI75cilIOA/profile%3Aezone-teaser940x528
age
1968998
edge-cache-tag
332148772397168287270586239145648000460,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
332148772397168287270586239145648000460,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, MISS, HIT
x-envoy-upstream-service-time
208
req-referer
https://www.t-online.de/
content-length
83378
x-request-id
c9a4b90b8197cc970fb9758d739b8e6f
x-backend-name
US_nlb101
x-served-by
cache-iad-kiad7000059-IAD, cache-iad-kiad7000147-IAD, cache-iad-kjyo7100164-IAD, cache-mxp6947-MXP
last-modified
Tue, 24 Oct 2023 13:38:36 GMT
server
nginx
surrogate-reporting
width=940,height=522,bytes=79296,owidth=940,oheight=529,obytes=98579
x-timer
S1700187468.266219,VS0,VE2
etag
"5d86a311ee5b6befcb3c39b3ea8fb0ba"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 1
6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		37 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
0e1ec6a3c61a7364f67590dc873dfd7b1cf684800963b6f5ed0d2dbc0a830a8a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 17 Nov 2023 02:17:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
age
1257910
edge-cache-tag
321194619511491062242132839077726262353,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
321194619511491062242132839077726262353,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, HIT, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
335
req-referer
https://www.t-online.de/
content-length
37920
x-request-id
c793467015b1bdc078af6af94dbb7ac1
x-backend-name
CH_nlb803
x-served-by
cache-iad-kiad7000041-IAD, cache-iad-kjyo7100116-IAD, cache-lga21937-LGA, cache-iad-kjyo7100124-IAD, cache-mxp6947-MXP
last-modified
Thu, 02 Nov 2023 12:52:38 GMT
server
nginx
surrogate-reporting
width=1999,height=1110,bytes=139265,owidth=1999,oheight=1249,obytes=185477
x-timer
S1700187468.266484,VS0,VE1
etag
"23df71d69a6a0c73dd1cd5aec68f4d74"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
1, 0, 1, 3, 1
5a51e092ada8691e95cd9058d7c36e4f.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		53 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a51e092ada8691e95cd9058d7c36e4f.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
93a7c137f40d18142a81f26fa8c5326e4f74b8d5dbed21138e0bba55e1a62141

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 17 Nov 2023 02:17:48 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5a51e092ada8691e95cd9058d7c36e4f.jpg
age
3736870
edge-cache-tag
547477969683236898343824969404383427749,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag
547477969683236898343824969404383427749,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
205
expiration
expiry-date="Sun, 17 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.t-online.de/
content-length
54160
x-backend-name
LA_nlb204
x-served-by
cache-iad-kiad7000097-IAD, cache-iad-kiad7000097-IAD, cache-lax-kwhp1940085-LAX, cache-iad-kjyo7100123-IAD, cache-mxp6947-MXP
last-modified
Thu, 17 Aug 2023 12:37:59 GMT
server
nginx
x-timer
S1700187468.312141,VS0,VE1
etag
"e6efd2098c0264a7e0272b99c4d1c82a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 68, 1, 4, 1
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 6ED4
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=P0szZsEhRfKvFal6ZVA3vw&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=P0szZsEhRfKvFal6ZVA3vw
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=P0szZsEhRfKvFal6ZVA3vw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
HTTP/1.1
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
Y37P7JTYE7930BB5YMW4
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=P0szZsEhRfKvFal6ZVA3vw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 6ED4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmJmYzVhZTU5ZWI4MWJiOTNmZTg5OWZjZjVjMzZkYTNmYmNlMjhjMQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmJmYzVhZTU5ZWI4MWJiOTNmZTg5OWZjZjVjMzZkYTNmYmNlMjhjMQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmJmYzVhZTU5ZWI4MWJiOTNmZTg5OWZjZjVjMzZkYTNmYmNlMjhjMQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
setuid
px.ads.linkedin.com/ Frame 6ED4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP1ZPXH6-K-6UH9
0
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP1ZPXH6-K-6UH9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 4AB1E6018B944511BD8C136C2A833F34 Ref B: ZRHEDGE1507 Ref C: 2023-11-17T02:17:48Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYKT74eRWrxWDG+1cOR8w==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LP1ZPXH6-K-6UH9
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 6ED4
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=0ILiTcHzRsi-rS6VDcxYEg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0ILiTcHzRsi-rS6VDcxYEg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0ILiTcHzRsi-rS6VDcxYEg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
3KBGMNFW49313242FRQZ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=0ILiTcHzRsi-rS6VDcxYEg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rubicon
match.adsrvr.org/track/cmf/ Frame 6ED4 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
server
Kestrel
content-length
70
content-type
image/gif
ecm3
s.amazon-adsystem.com/ Frame 6ED4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=a9us
  • https://s.amazon-adsystem.com/ecm3?id=LP1ZPXH6-K-6UH9&ex=d-rubiconproject.com&status=ok
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?id=LP1ZPXH6-K-6UH9&ex=d-rubiconproject.com&status=ok
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RBDY89HXK3Y9SK2PZ8A2
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://s.amazon-adsystem.com/ecm3?id=LP1ZPXH6-K-6UH9&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 6ED4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/v5kwrR1nhrKe2Mt4xjyFvg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pSXw3qZE2oIaZrREeF8mx0REIdkB3dKmMBrD1g--~A
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pSXw3qZE2oIaZrREeF8mx0REIdkB3dKmMBrD1g--~A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Fri, 17 Nov 2023 02:17:48 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-pSXw3qZE2oIaZrREeF8mx0REIdkB3dKmMBrD1g--~A
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 6ED4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJOTLPaF9oWfOWZHk1C2o1g&google_cver=1
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJOTLPaF9oWfOWZHk1C2o1g&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJOTLPaF9oWfOWZHk1C2o1g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 6ED4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TFAxWlBYSDYtSy02VUg5
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEMRw_CbrSigip67dG9vm5xE&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxWlBYSDYtSy02VUg5&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxWlBYSDYtSy02VUg5&google_push=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TFAxWlBYSDYtSy02VUg5&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
aca6c52e983509e86b136a052e19be23
Expires
0
tap.php
pixel.rubiconproject.com/ Frame 6ED4
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp
  • https://match.prod.bidr.io/cookie-sync/rp?bee_sync_partners=rp&_bee_ppp=1
  • https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABVWE7KrZsAABT_CDLLUg&expires=30
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABVWE7KrZsAABT_CDLLUg&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
aca6c52e983509e86b136a052e19be23
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

location
https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABVWE7KrZsAABT_CDLLUg&expires=30
Date
Fri, 17 Nov 2023 02:17:48 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cksync
hb.yahoo.net/ Frame 6ED4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ups.analytics.yahoo.com/ups/58160/sync?_origin=1&uid=LP1ZPXH6-K-6UH9&redir=true
  • https://ups.analytics.yahoo.com/ups/58824/sync?_origin=0&dpid=58160&ovsid=LP1ZPXH6-K-6UH9&redir=true
  • https://hb.yahoo.net/cksync?cs=63&axid_e=eS1rZFBKUXhWRTJ1RVl6eHlEbEtjVkNHWGNHUEVOTnJBbH5B&ovsid=LP1ZPXH6-K-6UH9&dpid=58160
52 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1rZFBKUXhWRTJ1RVl6eHlEbEtjVkNHWGNHUEVOTnJBbH5B&ovsid=LP1ZPXH6-K-6UH9&dpid=58160
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Server
23.48.23.8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-8.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 17 Nov 2023 02:17:48 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Fri, 17 Nov 2023 02:17:48 GMT

Redirect headers

location
https://hb.yahoo.net/cksync?cs=63&axid_e=eS1rZFBKUXhWRTJ1RVl6eHlEbEtjVkNHWGNHUEVOTnJBbH5B&ovsid=LP1ZPXH6-K-6UH9&dpid=58160
date
Fri, 17 Nov 2023 02:17:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame 6ED4
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=${ADELPHIC_CUID}&expires=30
  • https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5627b720-1bf6-48c7-b423-24932b8c0196&expires=30
42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5627b720-1bf6-48c7-b423-24932b8c0196&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location
https://pixel.rubiconproject.com/tap.php?v=17149&nid=2861&put=5627b720-1bf6-48c7-b423-24932b8c0196&expires=30
Date
Fri, 17 Nov 2023 02:17:48 GMT
Connection
keep-alive
X-CI-RTID
d88e10fa-7deb-4527-a528-1ebdf8e17889
Content-Length
144
Content-Type
text/html; charset=utf-8
liveCS.php
live.primis.tech/live/ Frame 6ED4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=primis
  • https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP1ZPXH6-K-6UH9
0
525 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP1ZPXH6-K-6UH9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Server
2600:9000:2127:a000:1a:5235:f980:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
content-encoding
gzip
via
1.1 b5f551be30f63eca57ca04273cb75994.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
PRG50-C1
age
0
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Y9Duc1QmIb2yZlvuj_cavjTNv62YD-8Zgc3lZrbdGp4FzoMkjKIiHQ==

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://live.primis.tech/live/liveCS.php?source=external&advId=100&advUuid=LP1ZPXH6-K-6UH9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
pixel
capi.connatix.com/us/ Frame 6ED4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=19564
  • https://capi.connatix.com/us/pixel?puid=LP1ZPXH6-K-6UH9&pId=11&gdpr=&gdpr_consent=&us_privacy=
  • https://capi.connatix.com/us/pixel?puid=LP1ZPXH6-K-6UH9&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
82 B
82 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://capi.connatix.com/us/pixel?puid=LP1ZPXH6-K-6UH9&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82747abee80e23f7-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 17 Nov 2023 02:17:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
location
https://capi.connatix.com/us/pixel?puid=LP1ZPXH6-K-6UH9&pId=11&gdpr=&gdpr_consent=&us_privacy=&final=true
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
82747abe6f6e23f7-ZRH
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400
check
pixel.tapad.com/idsync/ex/receive/ Frame 6ED4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=37556&a=1
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=3355&partner_device_id=LP1ZPXH6-K-6UH9
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP1ZPXH6-K-6UH9
95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP1ZPXH6-K-6UH9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Fri, 17 Nov 2023 02:17:48 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3355&partner_device_id=LP1ZPXH6-K-6UH9
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
merge
ce.lijit.com/ Frame 6ED4
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=sovrn
  • https://ce.lijit.com/merge?pid=80&3pid=LP1ZPXH6-K-6UH9
0
311 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=80&3pid=LP1ZPXH6-K-6UH9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
HTTP/1.1
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Fri, 20 Mar 2009 00:00:00 GMT
Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:48 GMT
X-MERGE
GDPR Optout true
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
P3P
CP="CUR ADM OUR NOR STA NID"

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ce.lijit.com/merge?pid=80&3pid=LP1ZPXH6-K-6UH9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
widget.js
widgets.outbrain.com/n2d/widget/ Frame FC3F 		46 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.outbrain.com/n2d/widget/widget.js
Requested by
Host: a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
URL: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers
X-OB-STG,X-OB-PRD
date
Fri, 17 Nov 2023 02:17:48 GMT
content-encoding
gzip
content-length
11833
last-modified
Tue, 22 Aug 2023 10:30:48 GMT
server
AkamaiNetStorage
etag
"6a7ff93f96fd30914785c7c30706bf6a:1692700788.526954"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
expires
Fri, 17 Nov 2023 06:17:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FC3F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
URL: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:03:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
44075
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 14:03:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame FC3F 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
URL: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
10850
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 23:16:58 GMT
l
www.google.com/ads/measurement/ Frame FC3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSarI30sEdYGKyzxHFxHTc_rrPqrRPKncJOrePcMJnCoMhwWDvMX7gi5i57qM-02m3PVAwBZoqQfLxZZumOG-c-146uww
Requested by
Host: a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
URL: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame FC3F 		24 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js
Requested by
Host: a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
URL: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
10850
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6402
x-xss-protection
0
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 15 Nov 2024 23:16:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame FC3F 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
URL: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:17:48 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5769 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvMQM3iJRsVf8beiD5dv48UgTC4g4fZbWPRLfpDn8bp_jmW3KjfL1fKN8gGe_v5hqXOQWeB5wnl170HPlEMtfgTuy3YAylW-ngFs-gBDZGb_M41THudZF1rFysBBzXlfRXb9A7XvlwS7a5sJncGqd4Y1uz-tAjGWx48NmJfRHCmRuwYy6isWE7rJ4oZzdOBRDzJSS-GNvuaY8o4zjHP4nstPOXBVQlHCZALZ9Li789QJ8FntXKkfWiVDf_TV_3nAC_99rc-cNNmsbKUNRLc_94UjJ9nTdgGFEoG2RNx-VXyGf_mW47lxulrwclWi6JoTAlpGEi0IeQvRwm3rkxFP3unNYnG17L2&sai=AMfl-YQo10rhbdayYXGRpiJrSoxmbElE3lSmbedc8gtj7sgrOiz3x7I-gkzq6bb-glvblQEagpB8TmtqwxL1JqQHPhzL7pPA7DeWik8TYIqCrP1QeUaut9Y0R4KMD75eSvE&sig=Cg0ArKJSzMyd4_VFQ5KxEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:b09f:68b1:e0c1:41bb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
BannerAdBannerPlacement.js
onetag-sys.com/static/ Frame 5769 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.25
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
a2072fedb72268b355ebd903f03143bb9696345e74e6c4264232d91f999ad286
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript
cache-control
public, max-age=2628000, immutable
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
11866
expires
Mon, 01 Jan 2046 12:34:56 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:b09f:68b1:e0c1:41bb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
script.js
cadmus.script.ac/dpjgrnd6i7dk0/ Frame D22A 		129 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cadmus.script.ac/dpjgrnd6i7dk0/script.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1791 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99d52f3ded01d93de71b8b026aa5b8fc7bcef7e0ca48f9198cd75db6261261a3

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 21:56:17 GMT
server
cloudflare
age
0
etag
W/"e5784b218d08e328293d4744966611a4df64295a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public,max-age=600,stale-while-revalidate=3600,stale-if-error=86400
cf-ray
82747abcdd012355-ZRH
c.gif
www.bing.com/aes/ Frame D22A
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=86359b83-b8ec-40f8-9679-f9f2c184d462&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=b7112500-1c04-4bc4...
  • https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=12ff6b46532f4bd1837e4f12162d6494&SNR=1&GV=2&med=10
0
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=12ff6b46532f4bd1837e4f12162d6494&SNR=1&GV=2&med=10
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:47 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 072D9577596141CE9F2E6117C2737C95 Ref B: ZRHEDGE1108 Ref C: 2023-11-17T02:17:48Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Fri, 17 Nov 2023 02:17:47 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 13BC120C60AF4A3D922A6E23963E906B Ref B: ZRHEDGE1108 Ref C: 2023-11-17T02:17:48Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?DI=0&DIS=SB_15000-1-0?&RG=12ff6b46532f4bd1837e4f12162d6494&SNR=1&GV=2&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
154
expires
0
sdk.js
adsdk.microsoft.com/native-to-display/ Frame D22A 		91 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adsdk.microsoft.com/native-to-display/sdk.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Fri, 17 Nov 2023 02:17:48 GMT
content-encoding
br
last-modified
Fri, 10 Nov 2023 19:05:36 GMT
x-azure-ref-originshield
03mlWZQAAAAC9NQuCrjMkTrbQwIz4JkajRlJBMjMxMDUwNDE4MDQ1ADk3YzlhOGM2LWZjNzktNGM0NC1iNTU5LTU4YzE2YmNlYTMyMg==
content-md5
MopfqcAbO5EhiiMKa7cg6Q==
etag
0x8DBE22005715E9B
x-azure-ref
0TM1WZQAAAACoAdlxfW7mT6P1/719JSjfWlJIRURHRTEzMTgAOTdjOWE4YzYtZmM3OS00YzQ0LWI1NTktNThjMTZiY2VhMzIy
x-cache
TCP_HIT
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
1176c9b7-c01e-00c3-5366-1893fc000000
cache-control
private, max-age=3600
x-ms-version
2009-09-19
trk.js
cdn.adnxs.com/v/s/240/ Frame D22A 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/240/trk.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires
Thu, 14 Nov 2024 14:07:00 GMT
Date
Fri, 17 Nov 2023 02:17:48 GMT
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Age
130248
X-Cache
HIT, HIT
Connection
keep-alive
Content-Length
27680
X-Served-By
cache-lga21956-LGA, cache-mxp6935-MXP
Last-Modified
Wed, 15 Nov 2023 14:06:46 GMT
Server
AkamaiNetStorage
X-Timer
S1700187468.388294,VS0,VE0
ETag
"ccac3ab7f323b8743d099010fcce15a4:1700057206.383562"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Accept-Ranges
bytes
X-Cache-Hits
16, 124541
it
ams3-ib.adnxs.com/ Frame D22A 		0
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.bg3.co%252Fa%252Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&e=wqT_3QLkCOhkBAAAAwDWAAUBCMqa26oGEMzAzPTF1amtXxgAKjYJ_g5TFRw8nz8R2OcO4U2snT8ZAAAAoJmZyT8h2A0SACkRJNgxAAAAQOF6lD8w8uzGCjj9XEC1XkjjA1C6iYq2AVi5tIoBYABotZGzAXjC9AWAAQGKAQNVU0SSBQbwWJgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALQ8FzqAnBodHRwczovL3d3dy5iZzMuY28vYS9ob25nLWRhbi1jaGFvLXp1by1yZS1nARUcYnUtbWVuLWQBDFRzaG91LWh1YS1qaW5nLXF1bi15aS1qCRMwY2hlbmctc2hhbmctZgEFeHNoaS5odG1sgAMAiAMBkAMAmAMXoAMBqgOxAwrHAmguhgDwhmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YjcxMTI1MDAtMWMwNC00YmM0LWEwNjEtNWJiMTUzZmNhOWEwJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjEmb0FkVW5pdD0zOQVcGHB1Ymxpc2gFKSwxNjI2NDUzMzAmckmacQC4cnR5cGU9bnVybCZ0YWdJZD0yMjEzMjMzOCZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWI2GQDwT19weXZweHBiYXN2ZXpuZ3ZiYV91YiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzY4NzA5ODc0NDA3NTgzOTkwNTIiCTM4MTg0NjcxNCoEIWTwnzo4VTJWaGNtTm9RV1FqTnpJNE5ESTVPRGMwTURBM05EWWpNak15TkRZME1qUTFPVFl3T0RZNU5RPT3AA9gEyAMA2AP0wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE4NS4xOTUuNzEuMjE0qAQAsgQQCAAQBBjYBSD6ASgBMAA4ArgEAMAEAMgEANoEAggB4AQB8ARF7FiIBQGYBQCgBcWArbrlhYeBCcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFgpNf-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHwvQF0gcNFWUBJgjaBwYBXvB1GADgBwDqBwIIAPAHv4MNighHCkMAAAGL2xHpEF9apqxekyBMAb6g2TMUAxaF8NSVlFShKfachEWyl1D4puupHZS-zN6S6QWqjat_HFbEf-i0qqawKH5FEAGVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=87ec3c4e1d6d23b18cb6bdab4c797ed65e667c01
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
an-x-request-uuid
8a728fa1-1f68-4dcd-9e78-36023d887774
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.214; 185.195.71.214; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:b09f:68b1:e0c1:41bb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5769 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311090101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:17:48 GMT
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9ob25nLWRhbi1jaGFvLXp1by1yZS1nb25nLWJ1LW1lbi1kb25nLXNob3UtaHVhLWppbmctcXVuLXlpLWp1LWh1YS1jaGVuZy1zaGFuZy1mYW5nLXNoaS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtZTA0ZDQwZWYtMjQ4MC00YWUyLWJkNzgtYjQ1NGY4MzZjMDNmIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiYmlkcyI6W3siYmlkZGVyIjoib25ldGFnIiwicmV2ZW51ZSI6MC4wMDAwNTQ2MTA0Mjc2OTk5OTk5OTcsInJlc3BvbnNlVGltZSI6NDAwLCJuZXR3b3JrUmVsYXRpb24iOjF9XSwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJ3aW5uZXIiOiJvbmV0YWciLCJ3aW5uZXJOZXR3b3JrUmVsYXRpb24iOjEsIndpbm5pbmdSZXZlbnVlIjowLjAwMDA1NDYxMDQyNzY5OTk5OTk5Nywid2lubmVyQWRVbml0SWQiOiI4MDE0YzFmOWI4ZDJlMDMiLCJ0aW1lZE91dEJpZGRlcnMiOltdLCJzZXJ2aWNlcyI6WzEsM10sInNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsImZvcm1hdFR5cGUiOiJiYW5uZXIiLCJyZWZyZXNoQ291bnQiOjAsInBsYWNlbWVudCI6MSwicmVuZGVyZWRBZFNpemUiOiIzMDB4MjUwIiwicHJlYmlkQXVjdGlvbklkIjoiOTZjYmI0ZTYtOWE4Yy00MTFmLWI2ZTMtN2ViMDljOGFkYTUyIiwiaGVhZGVyQmlkZGluZ1R5cGUiOjEsImNvdW50cnkiOiJDSCJ9&c_b=4607.099998474121
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ping
onetag-sys.com/v2/ Frame 5769 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/v2/ping?data=Ouiu5FKJ8yF1c7NdmgO00DgAVncGfx-14jkcO653PkXy_UYQgaiTEURJwsWliy6p_LGVfJqaiaPUkP6SIaa_iAtKm4trEux5PaaamVLWQCnYR9pZ-6Z9X4iN99rP02vEL_i9tKHU-3dmg3bgk9k4CA1rp9j_Ixmu7wWSGAjAoFQapmwWyO1p0zR2lJn8Kr2EJaCSqjAIDpz1-TKMbETLeTmJk-7dgMVy3NQi-RUSCUB0eRx40WcytbcD-VQsMFJyMPs3zUcpj5lcK_3Qr554wmxuHCjFXuN3fs0AiWSeuVKVhsl5d-4CzmFc78bgjilV3ElRz3JbbAgmrl_3oKufA910jKHgEKeVKXglQcchh-c_wAd8rnM6KC8lbvNq5HmCXUoxGbU9boTiJsXydONO5eOWbwjUjIY4dkqVkaVtBuNizcWCUBsp-anugRJ09lpa8utZWN0uIQMyidblFzkxEiey43V3aY2CZ8_CKPPKGLyys_4yj0iC_elcwEXBByNvEhc7hCbp7PetDY0h3dII4XbUjNOOQwMl2jUlWJul-K_X3hkQ9n0ukmP3RoJYY69pcEnZ5HZskTzM6iyRcsjCY4oxcNi3AFgUVInOGbRFcXtI_QHNGbR0HdTuxQfHwb3Crlp-9_iPK1DlDSQZSoLt39lvk1TGqkTd9flSereQF4I&event=115&price=&click=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
aphb
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/aphb?data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiJodHRwczovL3d3dy5iZzMuY28vYS9ob25nLWRhbi1jaGFvLXp1by1yZS1nb25nLWJ1LW1lbi1kb25nLXNob3UtaHVhLWppbmctcXVuLXlpLWp1LWh1YS1jaGVuZy1zaGFuZy1mYW5nLXNoaS5odG1sIiwic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInBsYXRmb3JtIjoiREVTS1RPUCIsInBhY2tldElkIjoiMDAwMEE3MDEtZTA0ZDQwZWYtMjQ4MC00YWUyLWJkNzgtYjQ1NGY4MzZjMDNmIiwicGFnZUdyb3VwIjoiQVJUSUNMRSIsInBhZ2VWYXJpYXRpb25JZCI6Ijk2NzUwMTI1LWI5MGMtNDk3YS04Njk5LTczMTcxZjdiNDkzNSIsInBhZ2VWYXJpYXRpb25OYW1lIjoiQWRQdXNodXAiLCJwYWdlVmFyaWF0aW9uVHlwZSI6MSwiYmlkcyI6W3siYmlkZGVyIjoiYXBwbmV4dXMiLCJyZXZlbnVlIjowLjAwMDAyODk3OCwicmVzcG9uc2VUaW1lIjozODQsIm5ldHdvcmtSZWxhdGlvbiI6MX1dLCJtb2RlIjoxLCJlcnJvckNvZGUiOjEsIndpbm5lciI6ImFwcG5leHVzIiwid2lubmVyTmV0d29ya1JlbGF0aW9uIjoxLCJ3aW5uaW5nUmV2ZW51ZSI6MC4wMDAwMjg5NzgsIndpbm5lckFkVW5pdElkIjoiNzYxOTQwNjg2ZWNmMjM3IiwidGltZWRPdXRCaWRkZXJzIjpbXSwic2VydmljZXMiOlsxLDNdLCJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJmb3JtYXRUeXBlIjoiYmFubmVyIiwicmVmcmVzaENvdW50IjowLCJwbGFjZW1lbnQiOjEsInJlbmRlcmVkQWRTaXplIjoiMzAweDI1MCIsInByZWJpZEF1Y3Rpb25JZCI6Ijk2Y2JiNGU2LTlhOGMtNDExZi1iNmUzLTdlYjA5YzhhZGE1MiIsImhlYWRlckJpZGRpbmdUeXBlIjoxLCJjb3VudHJ5IjoiQ0gifQ%3D%3D&c_b=4616.900001525879
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
23.97.225.52 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
server
nginx/1.18.0 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame 27FA 		129 KB
39 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700187468&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700187467477&bpp=132&bdt=627&idt=690&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&correlator=871759777855&frm=23&ife=1&pv=2&ga_vid=1707958932.1700187467&ga_sid=1700187468&ga_hid=955385354&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2026&biw=1600&bih=1200&isw=336&ish=280&ifk=2575727733&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C31078297%2C44807754%2C44807763%2C44808148%2C44808285%2C44809056&oid=2&pvsid=3321110143345705&tmod=2076779727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bmje7n4cndfs&btvi=1&fsb=1&dtd=728
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e004df7e605ebd8af8e73d8f15a05204086b74bd06c8b45a4aff63ef6a270c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
39424
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:17:48 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 14C6 		492 B
263 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=412989719541503&correlator=3843685568975011&eid=31079673%2C31079658&output=ldjh&gdfp_req=1&vrg=202311130101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&sfv=1-0-40&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1700187468251&lmt=1644386353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=9k2pmjk2s6ri&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&etu=AA-V4qPBtcjL6QvAJCFYaMF5gAzFg1tE5HGb3DDbmybd890ABVHID04vDsyu8t6hCfakfcER2rbYyR2_mcOo8FprsXSVC0CwT5vdZOqxHO9LMPo19iX36Q813CwdK-nwPtCnqlnuYeSS553G8jImfEMlwlQeLRdxccMUNylA0ZjPWFdK0ecz9HmrvU2zwAnsxX6dfzo&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1568799872.1700187468&ga_sid=1700187468&ga_hid=463699528&ga_fc=false&dlt=1700187467371&idt=624&adks=64515409&frm=24
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
51aecb1d1865fc015b32c793dbc533402c12d623e46e923e2867bc096c7266c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 14C6 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202311130101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
205b8ada8fdce09971bd7688c445e2c3cb42535874ca5a5f8c5d399489413e43
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12370
x-xss-protection
0
container.html
164f28b95e6b8f672e54e451e51556d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4DBF 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://164f28b95e6b8f672e54e451e51556d8.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:17:48 GMT
expires
Sat, 16 Nov 2024 02:17:48 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
next-up-widget.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/next-up-widget.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44c41505855cf99a43c8f8be8de705bd5800b802b7ecfda0f2d664fa8b1920ac

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
3NrCsrdFOl.u1W0jyLjXCYbht8t996Vs
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 02:17:48 GMT
x-amz-request-id
1TG2CY07EST7ZVWQ
age
55932
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
4623
x-amz-id-2
9VLNeU5ZmSvDjfylbGHjq2784+dmA/3pYssvC2NmVXpujHk1FIQyNi/ODsngWnnKV5Hcm9pCr28=
x-served-by
cache-mxp6947-MXP
last-modified
Thu, 16 Nov 2023 10:43:50 GMT
server
AmazonS3
x-timer
S1700187468.311872,VS0,VE0
etag
"448f6eba05b4a5ae20f922469c822de4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
73
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
3982
480_650.mp4
cdn.vidverto.io/secured2/L6QRjmrq_Lml72YpVqIZSg:1700191067/1327/video/1813/ 		232 KB
232 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/L6QRjmrq_Lml72YpVqIZSg:1700191067/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=16973824-

Response headers

Date
Fri, 17 Nov 2023 02:17:48 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 16973824-17211103/17211104
Connection
keep-alive
Content-Length
237280
RaCtuuWsOdfQqorHcdUHoenS9f%2FjTvStEBww8AtQD8hHwuHdAKI%2Bd%2BZPNeRgu91XHoCDLAE0kqbQJYPOlL9TuEaro5RUa4MCZ43qtwWu10vhKHaq9WRbZgoBpnvhU9Aw%2BoXwF9%2FsSF1SSmtRY6BZv5AaEcelJx%2Bi3Z%2F6bFTARPkCiRJzskfR%2B...
ad.vidverto.io/delivery/video/pod/ Frame 88F5 		53 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/delivery/video/pod/RaCtuuWsOdfQqorHcdUHoenS9f%2FjTvStEBww8AtQD8hHwuHdAKI%2Bd%2BZPNeRgu91XHoCDLAE0kqbQJYPOlL9TuEaro5RUa4MCZ43qtwWu10vhKHaq9WRbZgoBpnvhU9Aw%2BoXwF9%2FsSF1SSmtRY6BZv5AaEcelJx%2Bi3Z%2F6bFTARPkCiRJzskfR%2B8b3ABZfE%2B9eEIik4iS0teq07e6ctN7ozdaXGsD%2FjmPKE%2F8a%2FyrA3NYv%2Fmzx4%2FNd0CckP4QgNR2ghFlkim6RgPVRxnNSwf1xQJg0XBUXIlxhc3qivjAMLx4xllyVlNHd2Mis6tCWYqzOki16pHOFv5VYSSfhVCcJQDUhf2rMVfKfBsd%2FjhNuL0n4Kv5BEgwQ8VE1KzyNaVh4O8ACebglGGX3Hn%2F%2FhBqzsRvWZT5W319RqnflvwG4JR9P4P%2BIN3ZT%2Bm5p%2BgLzx1zpklYEgc3jl5sKQ3RHmD51F4lpN3wvzODls%2B7j9x8IZkX1OTsoYHZwxjT3G%2FWlWvtPzA8QmU3R2G%2Btyy9u0il6Wr7gfzY0C8FX%2FDZV3YdIbAh%2FQ0chSZ1rDa6h%2BowdUmYu7NkuYXLD%2FudXG3W6UYoyLskDPJk40tSTswaz%2BiXcV%2B7z3LMUy%2B%2FCGtVDZQjVhvFkUYwZmOmDLoda4XQQNXXlT35X36iGrhCvDHwYiuIAnXdWaHzcGyGgq0PGye0QffQcxYWbaQa42EI4fV5%2FBwSwVzhHB97mnaE%2BpYZKMZNeMJ4mmLXblwOHNkneoCT6lSh0L6dpYt4swg8xCbydOqA8IkEZCN3ls8qD0B7TIZuwUhpGhDBvTFT2lVYb6sfILznM?bids=%7B%7D
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e1583c70da1328ab0298178ce25b6854220b746591220980e61cda5ee875123b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
https://imasdk.googleapis.com
date
Fri, 17 Nov 2023 02:17:48 GMT
content-encoding
gzip
access-control-allow-credentials
true
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/xml;charset=UTF-8
achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame FC3F 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.67 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-67.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 17 Dec 2023 02:17:48 GMT
date
Fri, 17 Nov 2023 02:17:48 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
/
b1t-eudc1.zemanta.com/t/imp/impression/EXGC25SE43ILB4ZYBF6RIAVGFVSRZBEV534VRIEET7BKDJ7X55PAMI5HFQBMPOMFI7MSDMMDW636HZSOLL3QJGQO4M6WXK4RDWSBZUKJIBLIUAYH63QVG4VEF54SM64U7PHYWBOLSCSRMBAIX56NNXVTSZ6HOV... Frame FC3F 		26 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1t-eudc1.zemanta.com/t/imp/impression/EXGC25SE43ILB4ZYBF6RIAVGFVSRZBEV534VRIEET7BKDJ7X55PAMI5HFQBMPOMFI7MSDMMDW636HZSOLL3QJGQO4M6WXK4RDWSBZUKJIBLIUAYH63QVG4VEF54SM64U7PHYWBOLSCSRMBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NHNJPJGCHPNP4L7RDHTFPBY7FXG7MM3YVWNOMZYJEQK7RBXRRJZFR6QZG37HQY45QWA4WDHU2GYBQPUCWI2B7HT7X5V3VJM63U2COT5NVJOAXILDR5XAAJYE55E4FP4JWOJVOMUTCOAFG6CHRHJ3KRKSHMMQUDKHWYFM7QBW2FG5FEP4BZNXDYZXN4O35A4JHWQHUFK3XW5BKG/?
Requested by
Host: a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
URL: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:17:48 GMT
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
/
track.adform.net/adfscript/ Frame 4AFF
Redirect Chain
  • https://ghent-aws-fr.bidswitch.net/imp/0.23027799999999998/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R68934215_Qrtbwp_R_I_WAUCTION__PRICE_X-gF__8qNFipQl974ntkw9gNkkG8BPrwfhX0_Qrtbdata_R7DbHNZ...
  • https://track.adform.net/adfscript/?bn=68934215;rtbwp=0.23027-gF_8qNFipQl974ntkw9gNkkG8BPrwfhX0;rtbdata=7DbHNZOADPMkiihX5kNFVoXez6eLNW-0OJKoQJUx2uJw8X_nXpLcAz0xCH2F6faorY8RVAN9qua-MjQBwZA8AZlkfych4...
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=68934215;rtbwp=0.23027-gF_8qNFipQl974ntkw9gNkkG8BPrwfhX0;rtbdata=7DbHNZOADPMkiihX5kNFVoXez6eLNW-0OJKoQJUx2uJw8X_nXpLcAz0xCH2F6faorY8RVAN9qua-MjQBwZA8AZlkfych4hZI9VbzYw3tmzoRG8Udr5QthkDImt_HtNOPh3We0jJGV5qwjkiUKzWr_qNbgncvGEMzA5fvV1tEmN2GuRILowUinv1FdGEsPY0FhKfLR9fMePs6Dc52AkXqhErOnMgV_YxgqFj_MmnWuft-0MibOKb_GQNxwRPY59cv4y_r6hn3aDtuT-ryQOXLN3_XlG5eTbO8_XgkX7hLg9O-fzNIFX41vnnnJkg_7xmmz2J9eJPJUCEESa9igJtXFi9I0p5NKLY-oWEZmgnhHCtfeyRB5ph3TkHhIpkoas3H0;;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
39f03a0f41f3a18a2138c6cbb8c4c7be040ed2aced0c2c381767b0b400236089
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
1009
expires
-1

Redirect headers

Location
https://track.adform.net/adfscript/?bn=68934215;rtbwp=0.23027-gF_8qNFipQl974ntkw9gNkkG8BPrwfhX0;rtbdata=7DbHNZOADPMkiihX5kNFVoXez6eLNW-0OJKoQJUx2uJw8X_nXpLcAz0xCH2F6faorY8RVAN9qua-MjQBwZA8AZlkfych4hZI9VbzYw3tmzoRG8Udr5QthkDImt_HtNOPh3We0jJGV5qwjkiUKzWr_qNbgncvGEMzA5fvV1tEmN2GuRILowUinv1FdGEsPY0FhKfLR9fMePs6Dc52AkXqhErOnMgV_YxgqFj_MmnWuft-0MibOKb_GQNxwRPY59cv4y_r6hn3aDtuT-ryQOXLN3_XlG5eTbO8_XgkX7hLg9O-fzNIFX41vnnnJkg_7xmmz2J9eJPJUCEESa9igJtXFi9I0p5NKLY-oWEZmgnhHCtfeyRB5ph3TkHhIpkoas3H0;;OOBClickTrack=$%7BCLICK_URL_ENC%7D
Date
Fri, 17 Nov 2023 02:17:48 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
bidswitch
sync.dmp.otm-r.com/match/ Frame 4AFF
Redirect Chain
  • https://aws-fr-sync.bidswitch.net/sync?ssp=onetag&dsp_id=70&imp=1
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=otm
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=24&bidswitch_ssp_id=otm
  • https://x.bidswitch.net/sync?dsp_id=70&user_id=6535013672049341254&ssp=otm
  • https://sync.dmp.otm-r.com/match/bidswitch?id=
0
69 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.dmp.otm-r.com/match/bidswitch?id=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Server
194.55.244.180 Moscow, Russian Federation, ASN34959 (PROCLOUD PROCLOUD MSK, RU),
Reverse DNS
Software
nginx/1.23.2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 17 Nov 2023 02:17:49 GMT
server
nginx/1.23.2

Redirect headers

location
//sync.dmp.otm-r.com/match/bidswitch?id=
date
Fri, 17 Nov 2023 02:17:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
onetag-sys.com/usync/ Frame 7AAF 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
304de0151956d250076f7e37945bbcd489b2c07cec24530a6bb3ec6d57ce9fbb
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1279
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
csi
csi.gstatic.com/ Frame 88F5 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lp1zpy3t&c=871759777855&slotId=435879888927.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c05::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
c929878af295097fad32f29b74b815732f.png
zem.outbrainimg.com/p/srv/sha/3b/6f/cb/ Frame FC3F 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://zem.outbrainimg.com/p/srv/sha/3b/6f/cb/c929878af295097fad32f29b74b815732f.png?fit=crop&crop=faces&w=180&h=90&fm=jpg
Requested by
Host: a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
URL: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.118.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
imgix /
Resource Hash
13290c34ccb6d3fd911e9b404afbe56023a52339105b493ae5c0a58a212da4a8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
via
1.1 varnish
x-content-type-options
nosniff
age
767469
x-cache
HIT, MISS, HIT
x-imgix-id
e882476005e384d3313b299885052bfb2d05aeb4
cross-origin-resource-policy
cross-origin
content-length
9977
x-served-by
cache-sjc1000133-SJC, cache-fra-eddf8230134-FRA, cache-fra-eddf8230069-FRA
x-imgix-render-farm
01.140328
last-modified
Wed, 08 Nov 2023 05:06:39 GMT
server
imgix
x-timer
S1700187469.628009,VS0,VE1
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=13726&tvi48=10143&tvi50=11103&lti=deflated&ri=fa8566fdc237f03d7860d2b77af2959d&sd=v2_1aab0d4377907b5ee14194595680631c_99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb_1700187467_1700187467_CNawjgYQ2YJdGPnax9i9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb&pi=/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&wi=-5076723206906236655&pt=text&vi=1700187467129&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22taboola-vignette-script-loaded%22%2C%22type%22%3A%22%7B%5C%22timeFromLoad%5C%22%3A2407%7D%22%2C%22eventTime%22%3A1700187468544%7D&tim=03%3A17%3A48.544&id=4649&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=13726&tvi48=10143&tvi50=11103&lti=deflated&ri=fa8566fdc237f03d7860d2b77af2959d&sd=v2_1aab0d4377907b5ee14194595680631c_99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb_1700187467_1700187467_CNawjgYQ2YJdGPnax9i9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb&pi=/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&wi=-5076723206906236655&pt=text&vi=1700187467129&d=%7B%22event_type%22%3A%22distance_from_article%22%2C%22event_state%22%3A%22reported%22%2C%22event_value%22%3A%22303.296875%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A17%3A48.574&id=9580&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A48.585&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=9871&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
84564
css2
fonts.googleapis.com/ 		20 KB
1011 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 02:17:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 01:33:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 02:17:48 GMT
spa-detector.20231116-8-RELEASE.es6.js
cdn.taboola.com/libtrc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/spa-detector.20231116-8-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/palmate-bg3co/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2dd20c9f608f4732b5cd45798d8a80feff63851f59549bdc56a867089834051e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
7QcC5tadVgGiWdOmI5x_aGnuaxCJwtWb
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 02:17:48 GMT
x-amz-request-id
RAV076W595X03VY5
age
55995
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
779
x-amz-id-2
WiB88Vqlnd8t5RFKXY725OHFlaqFT0AEYNLMTIeyHZpUw0gvvUah8bpW+CepPeBMDHgkxIuZHv4=
x-served-by
cache-mxp6947-MXP
last-modified
Thu, 16 Nov 2023 10:43:43 GMT
server
AmazonS3
x-timer
S1700187469.611261,VS0,VE0
etag
"7653a5dacee64271085316a2604ddf96"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
68
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
30867
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=13726&tvi48=10143&tvi50=11103&lti=deflated&ri=fa8566fdc237f03d7860d2b77af2959d&sd=v2_1aab0d4377907b5ee14194595680631c_99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb_1700187467_1700187467_CNawjgYQ2YJdGPnax9i9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb&pi=/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&wi=-5076723206906236655&pt=text&vi=1700187467129&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A17%3A48.587&id=1898&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=13726&tvi48=10143&tvi50=11103&lti=deflated&ri=fa8566fdc237f03d7860d2b77af2959d&sd=v2_1aab0d4377907b5ee14194595680631c_99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb_1700187467_1700187467_CNawjgYQ2YJdGPnax9i9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb&pi=/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&wi=-5076723206906236655&pt=text&vi=1700187467129&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1700187468588%7D&tim=03%3A17%3A48.588&id=4975&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
supply-feature
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/supply-feature?route=AM:IL:V&tvi2=13726&tvi48=10143&tvi50=11103&lti=deflated&ri=fa8566fdc237f03d7860d2b77af2959d&sd=v2_1aab0d4377907b5ee14194595680631c_99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb_1700187467_1700187467_CNawjgYQ2YJdGPnax9i9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb&pi=/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&wi=-5076723206906236655&pt=text&vi=1700187467129&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=03%3A17%3A48.591&id=558&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
abtests
il-trc-events.taboola.com/palmate-bg3co/log/3/ 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/3/abtests?route=AM:IL:V&tvi2=13726&tvi48=10143&tvi50=11103&lti=deflated&ri=fa8566fdc237f03d7860d2b77af2959d&sd=v2_1aab0d4377907b5ee14194595680631c_99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb_1700187467_1700187467_CNawjgYQ2YJdGPnax9i9MSABKAEwKziy0A1Az4gQSNrY2ANQ____________AVgAYABosa_ptcr9986tAXAA&ui=99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb&pi=/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&wi=-5076723206906236655&pt=text&vi=1700187467129&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22explore-more-available%22%2C%22eventTime%22%3A1700187468592%7D&tim=03%3A17%3A48.592&id=4004&llvl=2&cv=20231116-8-RELEASE&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 3A41 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
URL: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
35751
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Fri, 17 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 14C6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311130101/pubads_impl.js?cb=31079658
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 02:17:48 GMT
/
onetag-sys.com/analytics/ Frame 5769 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/analytics/
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.bg3.co
strict-transport-security
max-age=15552000
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin, Referer, User-Agent, x-ak-clientip
content-length
0
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Fri, 17 Nov 2023 02:17:48 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ Frame D22A 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dpjgrnd6i7dk0/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
th
www.bing.com/ Frame D22A 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/th?id=OADD2.8108966046343_18UOPE0NBRGUAL25C3&pid=21.2&c=16&roil=0&roit=0&roir=1&roib=1&w=300&h=157&qlt=90
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
faf7482b4de1f246a0de8017efebe9dcd7094f06ad11f813d4f7fb4e39c8e74a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:47 GMT
nel
{"report_to":"network-errors","max_age":604800,"success_fraction":0.001,"failure_fraction":1.0}
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5F5AE1BADE074F89826DFF19AF7ABE56 Ref B: ZRHEDGE1108 Ref C: 2023-11-17T02:17:48Z
access-control-allow-methods
GET, POST, OPTIONS
x-cache
TCP_HIT
access-control-allow-origin
*
report-to
{"group":"network-errors","max_age":604800,"endpoints":[{"url":"https://aefd.nelreports.net/api/report?cat=bingth"}]}
content-type
image/jpeg
cache-control
public, max-age=2592000
timing-allow-origin
*
access-control-allow-headers
*
content-length
16635
rd_log
ams3-ib.adnxs.com/ Frame D22A 		0
647 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&e=wqT_3QKFBugFAwAAAwDWAAUBCMqa26oGEMzAzPTF1amtXxgAKjYJ_g5TFRw8nz8R2OcO4U2snT8ZAAAAoJmZyT8h2A0SACkRJNgxAAAAQOF6lD8w8uzGCjj9XEC1XkjjA1C6iYq2AVi5tIoBYABotZGzAXjC9AWAAQGKAQNVU0SSBQbwWJgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALQ8FzqAnBodHRwczovL3d3dy5iZzMuY28vYS9ob25nLWRhbi1jaGFvLXp1by1yZS1nARUcYnUtbWVuLWQBDFRzaG91LWh1YS1qaW5nLXF1bi15aS1qCRMwY2hlbmctc2hhbmctZgEF8KpzaGkuaHRtbIADAIgDAZADAJgDF6ADAaoDAMAD2ATIAwDYA_TAxAHgAwDoAwD4AwGABACSBA0vdXQvdjMvcHJlYmlkmAQAogQOMTg1LjE5NS43MS4yMTSoBACyBBAIABAEGNgFIPoBKAEwADgCuAQAwAQAyAQA2gQCCAHgBAHwBLqJirYBiAUBmAUAoAXFgK265YWHgQnABQDJBQAAAAAAAPA_0gUJCQAAAAABEPB52AUB4AUB6gVYClTlpKnlpKnopoHogZ7vvIzntIXllq7ngpLkvZzmg7nlhazpg6jploDjgIzli5XmiYvjgI3vvJ_oirHmlaznvqPkuIDlj6XoqbHnm6_kuIrmiL_luIISAPAFgpNf-gUECAAQAJAGAJgGALgGAMEGAAABfizwP9AGwo0E2gYWChABEC4BAHQQABgA4AYB8gYCCACABwGIBwCgBwHIB8L0BdIHDQkRKgEmDNoHBggFCfBr4AcA6gcCCADwB7-DDYoIRwpDAAABi9sR6RBfWqasXpMgTAG-oNkzFAMWhfDUlZRUoSn2nIRFspdQ-KbrqR2UvszekukFqo2rfxxWxH_otKqmsCh-RRABlQgAAIA_mAgBwAgA0ggGCAAQABgA&s=a564dd60afbfa1eafb84c5bb213089d7b6395493&bdref=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html,https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&
Requested by
Host: cadmus.script.ac
URL: https://cadmus.script.ac/dpjgrnd6i7dk0/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
an-x-request-uuid
ec606649-2400-4770-966a-951158a898de
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.214; 185.195.71.214; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
js
www.googletagmanager.com/gtag/ 		271 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JLX4K2W8JS
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
babeac8347fcaa986a7b0525a56592930e7a6a24f8013a97bb373640e6d2b09c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91808
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 02:17:48 GMT
logs
http-intake.logs.datadoghq.com/api/v2/ 		2 B
252 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://http-intake.logs.datadoghq.com/api/v2/logs?dd-api-key=pub6b45632781dd758b20e9d8357c39efab&ddsource=nodejs&service=adpushup.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:24e6:b900:b09f:68b1:e0c1:41bb Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
accept-encoding
identity,gzip,x-gzip,deflate,x-deflate,zstd
content-type
application/json
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
content-length
2
truncated
/ Frame 5769 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4da7b47e9887d0ac0c51c7cc9fa41af7c6ff48d006c2a0a5ad3f40979e10c743

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
img
sync.mathtag.com/sync/ Frame 7AAF 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master cdg cdg-pixel-x34 config_version:"3168" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:17:48 GMT
Server
MT3 1075 283b7e3 master cdg cdg-pixel-x34 config_version:"3168"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Fri, 17 Nov 2023 02:17:47 GMT
/
onetag-sys.com/match/ Frame 7AAF
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4737946100709174159
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4737946100709174159
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:48 GMT
an-x-request-uuid
aad514b7-d91c-4be9-8789-5ccb74baa3a5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=4737946100709174159
x-proxy-origin
185.195.71.214; 185.195.71.214; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
onetag-sys.com/match/ Frame 7AAF
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:48 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700187468516075-427
tap.php
pixel.rubiconproject.com/ Frame 7AAF 		42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=pxo0PDKu2jjCAHjTMmIGdKxf6DPMamuz3fVEk-UP7RE
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame 7AAF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ecm3
s.amazon-adsystem.com/ Frame 7AAF
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=0Grv_ZneLi39Y1GuCvPz0QCDe1uGvtQnQFRc_qZDHb0
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=0Grv_ZneLi39Y1GuCvPz0QCDe1uGvtQnQFRc_qZDHb0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
HTTP/1.1
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:48 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
1FYXQ4H8B4JPWQN81BAE
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=0Grv_ZneLi39Y1GuCvPz0QCDe1uGvtQnQFRc_qZDHb0
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
pubmatic
um.simpli.fi/ Frame 7AAF
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26gdpr%3D${GDPR}%26gdpr_consent%3D${GDPR_STRING}%26u...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEJ2b7EjwnvdwMt-dMhiTu2Q&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
43 B
610 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 16 Nov 2023 02:17:49 GMT

Redirect headers

location
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
date
Fri, 17 Nov 2023 02:17:48 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
207
content-type
text/html; charset=utf-8
/
onetag-sys.com/match/ Frame 7AAF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=92&uid=y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
https://onetag-sys.com/match/?int_id=92&uid=y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
date
Fri, 17 Nov 2023 02:17:48 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
generic
match.adsrvr.org/track/cmf/ Frame 7AAF 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
odr.mookie1.com/t/v2/ Frame 7AAF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c63acbb1-6fc6-4c18-b376-99f785c1f865&ssp=onetag&gdpr=0&gdpr_consent=
42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c63acbb1-6fc6-4c18-b376-99f785c1f865&ssp=onetag&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
34.160.236.64 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
via
1.1 google
last-modified
Thu, 19 Oct 2023 06:07:48 GMT
server
nginx
etag
"6530c7b4-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=c63acbb1-6fc6-4c18-b376-99f785c1f865&ssp=onetag&gdpr=0&gdpr_consent=
date
Fri, 17 Nov 2023 02:17:48 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
adx3.adform.net/adx/ Frame 88F5 		65 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx3.adform.net/adx/?mid=1743473&t=2
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
access-control-allow-methods
GET,OPTIONS
content-type
text/xml
access-control-allow-origin
https://imasdk.googleapis.com
access-control-max-age
86400
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
ads
pubads.g.doubleclick.net/gampad/ Frame 88F5 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F52555387%2C22574853003%2Fbg3.co_video_preroll&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&max_ad_duration=30000&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1337804306080262&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FL6QRjmrq_Lml72YpVqIZSg%3A1700191067%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=E1DEB42C-D54C-4DED-910B-BD091712BFB7&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&dt=1700187468827&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&scor=1927697188770395&ged=ve4_td3_tt1_pd3_la3000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 88F5 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1337804306080262&cust_params=mt_fln%3D1.5&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FL6QRjmrq_Lml72YpVqIZSg%3A1700191067%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=E1DEB42C-D54C-4DED-910B-BD091712BFB7&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&dt=1700187468830&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&scor=1927697188770395&ged=ve4_td3_tt1_pd3_la3000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 88F5 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1337804306080262&cust_params=mt_fln%3D1.3&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FL6QRjmrq_Lml72YpVqIZSg%3A1700191067%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=E1DEB42C-D54C-4DED-910B-BD091712BFB7&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&dt=1700187468833&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&scor=1927697188770395&ged=ve4_td3_tt1_pd3_la3000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 88F5 		156 B
186 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_1.0&description_url=http%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1337804306080262&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FL6QRjmrq_Lml72YpVqIZSg%3A1700191067%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=E1DEB42C-D54C-4DED-910B-BD091712BFB7&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&dt=1700187468836&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&scor=1927697188770395&ged=ve4_td3_tt1_pd3_la3000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 88F5 		156 B
676 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21830442390%2C22574853003%2Fbg3.co%2Fvast_0.7&description_url=https%3A%2F%2Fbg3.co&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1337804306080262&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FL6QRjmrq_Lml72YpVqIZSg%3A1700191067%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=E1DEB42C-D54C-4DED-910B-BD091712BFB7&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&dt=1700187468840&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&scor=1927697188770395&ged=ve4_td3_tt1_pd3_la3000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 88F5 		156 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1337804306080262&cust_params=mt_fln%3D0.8&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FL6QRjmrq_Lml72YpVqIZSg%3A1700191067%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=E1DEB42C-D54C-4DED-910B-BD091712BFB7&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&dt=1700187468844&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&scor=1927697188770395&ged=ve4_td3_tt1_pd3_la3000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/live/ Frame 88F5 		33 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21679382043%2C22574853003%2Fmt_video_NPR%2Fmt_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1337804306080262&cust_params=target%3D0.5&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=2251205480&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FL6QRjmrq_Lml72YpVqIZSg%3A1700191067%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=E1DEB42C-D54C-4DED-910B-BD091712BFB7&nel=0&eid=44752052%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&dt=1700187468847&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&scor=1927697188770395&ged=ve4_td3_tt1_pd3_la3000_er741.400.742.800_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
4a597ea249aadd2e7ede24042f75edf47906b554cbf5ede619d8e40c862fd089
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4960
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
ltt
google-creative-id
-1
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame FC3F 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
56c65187ff8ccecf6512d5e5e5cf1c82bf4f2835edab5a8fe0b5d1201de20d74

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
st
imprammp.taboola.com/ Frame 2284 		422 B
352 B 		Document
General
Check archive.org
Download Go to
Full URL
https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&cmcv=&pix=undefined&cb=1700187468930&uv=3358&tms=1700187468930&abt=adxsub-out_vA!adxsub-out_vB!eidc_vA!iiqrc_vA!lvlstst-in2_vA!lvlstst1_vA!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4a9cc76e-6854-4c60-b2a9-a00f42f2cb75&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
57d8c01d2398e9afeb56695ac936b58b9f53f9a44395d38a8e53c855f9d74f36

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-type
text/html;charset=ISO-8859-1
date
Fri, 17 Nov 2023 02:17:48 GMT
server
nginx
vary
Accept-Encoding
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6947-MXP
x-timer
S1700187469.950914,VS0,VE29
sync
am-match.taboola.com/ Frame D9CE 		577 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
2613fe32531e760ebf5344c59ea4b6c60ea6ee681f9b0e7e5b2182761cf7c39c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 17 Nov 2023 02:17:48 GMT
machineid
3401
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700187468938&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=1&pv=1573&pt=466946127&tz=60&viewable=true&ddast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!eidc_vA!iiqrc_vA!lvlstst-in2_vA!lvlstst1_vA!t45!t45!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Fri, 17 Nov 2023 02:17:48 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1426
x-cache
MISS
x-served-by
cache-mxp6947-MXP
pragma
no-cache
server
nginx
x-timer
S1700187469.951119,VS0,VE49
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&cmcv=&pix=31589837&cb=1700187468930&uv=3358&tms=1700187468930&abt=adxsub-out_vA!adxsub-out_vB!eidc_vA!iiqrc_vA!lvlstst-in2_vA!lvlstst1_vA!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1700187463536.4!ts:1700187468930&mntl=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
content-length
0
server
nginx
38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js
www.gstatic.com/mysidia/ Frame 5978 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/38bcf84a6c98f8ab5c7e5b9a6f0eaec8.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700187468&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700187467477&bpp=132&bdt=627&idt=690&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&correlator=871759777855&frm=23&ife=1&pv=2&ga_vid=1707958932.1700187467&ga_sid=1700187468&ga_hid=955385354&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2026&biw=1600&bih=1200&isw=336&ish=280&ifk=2575727733&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C31078297%2C44807754%2C44807763%2C44808148%2C44808285%2C44809056&oid=2&pvsid=3321110143345705&tmod=2076779727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bmje7n4cndfs&btvi=1&fsb=1&dtd=728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
562400
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4046
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 19:36:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 08 Feb 2024 14:04:29 GMT
7c8fef2b841c224dc9dd256dc808a409.js
www.gstatic.com/mysidia/ Frame 5978 		42 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/7c8fef2b841c224dc9dd256dc808a409.js?tag=html5_display_upload/html5_exit_api
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700187468&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700187467477&bpp=132&bdt=627&idt=690&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&correlator=871759777855&frm=23&ife=1&pv=2&ga_vid=1707958932.1700187467&ga_sid=1700187468&ga_hid=955385354&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2026&biw=1600&bih=1200&isw=336&ish=280&ifk=2575727733&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C31078297%2C44807754%2C44807763%2C44808148%2C44808285%2C44809056&oid=2&pvsid=3321110143345705&tmod=2076779727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bmje7n4cndfs&btvi=1&fsb=1&dtd=728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e5c7bc3d4ed980d65a9d971762acc8dbe6c40c00144107a3e411e4197e81560
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16607
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 14 Feb 2024 23:09:12 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5978 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700187468&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700187467477&bpp=132&bdt=627&idt=690&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&correlator=871759777855&frm=23&ife=1&pv=2&ga_vid=1707958932.1700187467&ga_sid=1700187468&ga_hid=955385354&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2026&biw=1600&bih=1200&isw=336&ish=280&ifk=2575727733&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C31078297%2C44807754%2C44807763%2C44808148%2C44808285%2C44809056&oid=2&pvsid=3321110143345705&tmod=2076779727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bmje7n4cndfs&btvi=1&fsb=1&dtd=728
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 15:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
37579
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 15:51:29 GMT
b91a06220cfa130b0e547db55a85d66b.js
www.gstatic.com/mysidia/ Frame 5978 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/b91a06220cfa130b0e547db55a85d66b.js?tag=exit_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700187468&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700187467477&bpp=132&bdt=627&idt=690&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&correlator=871759777855&frm=23&ife=1&pv=2&ga_vid=1707958932.1700187467&ga_sid=1700187468&ga_hid=955385354&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2026&biw=1600&bih=1200&isw=336&ish=280&ifk=2575727733&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C31078297%2C44807754%2C44807763%2C44808148%2C44808285%2C44809056&oid=2&pvsid=3321110143345705&tmod=2076779727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bmje7n4cndfs&btvi=1&fsb=1&dtd=728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:09:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11317
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9816
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 14 Feb 2024 23:09:12 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame 5978 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700187468&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700187467477&bpp=132&bdt=627&idt=690&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&correlator=871759777855&frm=23&ife=1&pv=2&ga_vid=1707958932.1700187467&ga_sid=1700187468&ga_hid=955385354&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2026&biw=1600&bih=1200&isw=336&ish=280&ifk=2575727733&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C31078297%2C44807754%2C44807763%2C44808148%2C44808285%2C44809056&oid=2&pvsid=3321110143345705&tmod=2076779727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bmje7n4cndfs&btvi=1&fsb=1&dtd=728
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
23
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 02:17:25 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5978 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700187468&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700187467477&bpp=132&bdt=627&idt=690&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&correlator=871759777855&frm=23&ife=1&pv=2&ga_vid=1707958932.1700187467&ga_sid=1700187468&ga_hid=955385354&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2026&biw=1600&bih=1200&isw=336&ish=280&ifk=2575727733&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C31078297%2C44807754%2C44807763%2C44808148%2C44808285%2C44809056&oid=2&pvsid=3321110143345705&tmod=2076779727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bmje7n4cndfs&btvi=1&fsb=1&dtd=728
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 14:03:13 GMT
content-encoding
br
x-content-type-options
nosniff
age
44075
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 14:03:13 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 5978 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700187468&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700187467477&bpp=132&bdt=627&idt=690&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&correlator=871759777855&frm=23&ife=1&pv=2&ga_vid=1707958932.1700187467&ga_sid=1700187468&ga_hid=955385354&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2026&biw=1600&bih=1200&isw=336&ish=280&ifk=2575727733&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C31078297%2C44807754%2C44807763%2C44808148%2C44808285%2C44809056&oid=2&pvsid=3321110143345705&tmod=2076779727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bmje7n4cndfs&btvi=1&fsb=1&dtd=728
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
10850
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 23:16:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 5978 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700187468&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700187467477&bpp=132&bdt=627&idt=690&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&correlator=871759777855&frm=23&ife=1&pv=2&ga_vid=1707958932.1700187467&ga_sid=1700187468&ga_hid=955385354&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2026&biw=1600&bih=1200&isw=336&ish=280&ifk=2575727733&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C31078297%2C44807754%2C44807763%2C44808148%2C44808285%2C44809056&oid=2&pvsid=3321110143345705&tmod=2076779727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bmje7n4cndfs&btvi=1&fsb=1&dtd=728
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 02:17:48 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame 5978 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700187468&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700187467477&bpp=132&bdt=627&idt=690&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&correlator=871759777855&frm=23&ife=1&pv=2&ga_vid=1707958932.1700187467&ga_sid=1700187468&ga_hid=955385354&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2026&biw=1600&bih=1200&isw=336&ish=280&ifk=2575727733&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C31078297%2C44807754%2C44807763%2C44808148%2C44808285%2C44809056&oid=2&pvsid=3321110143345705&tmod=2076779727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bmje7n4cndfs&btvi=1&fsb=1&dtd=728
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 03:47:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253809
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Mon, 13 Nov 2023 13:20:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 12 Feb 2024 03:47:40 GMT
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A48.962&type=info&msg=Start%20Rendering%20Next%20Up&llvl=2&id=6537&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
88330
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A48.966&type=info&msg=Finish%20Rendering%20Next%20Up&llvl=2&id=6335&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
88330
pixel
cm.g.doubleclick.net/ Frame 3A41
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEKc34q3Rlx7SNTr6DVhwLCo&google_cver=1&google_push=AXcoOmSLstxmTjBsVzvtwpijB4t9-umWTRJclmgqauSRVlHcw_Q9-dE...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=5126dc4f510f1594&is_secure=true&networkId=14000&version=1&google_gid=CAESEKc34q3Rlx7SNTr6DVhwLCo&google_cver=1&google_push=AXcoOmSLstxm...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHqouGE6qdSQNqtciSAAAAAAA&expiration=1700273869&google_cver=1&is_secure=true&google_gid=CAESEKc34q3Rlx7SNTr6DVhwL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHqouGE6qdSQNqtciSAAAAAAA&expiration=1700273869&google_cver=1&is_secure=true&google_gid=CAESEKc34q3Rlx7SNTr6DVhwLCo&google_push=AXcoOmSLstxmTjBsVzvtwpijB4t9-umWTRJclmgqauSRVlHcw_Q9-dEupfTW6PVDP4Q6mPBvCF-k7VcAaQnrx4jAx2XzXzlsmJFQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAHqouGE6qdSQNqtciSAAAAAAA&expiration=1700273869&google_cver=1&is_secure=true&google_gid=CAESEKc34q3Rlx7SNTr6DVhwLCo&google_push=AXcoOmSLstxmTjBsVzvtwpijB4t9-umWTRJclmgqauSRVlHcw_Q9-dEupfTW6PVDP4Q6mPBvCF-k7VcAaQnrx4jAx2XzXzlsmJFQ
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
google
match.adsrvr.org/track/cmf/ Frame 3A41 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPJ8B51JnrP5SI6-OljXUT0&google_cver=1&google_push=AXcoOmT2NcMKgQK9_5t8kJhXMSbeveA5E3T3S0u_GCTfC2MrFv9OrPRlg7WPOLtxv3DUQUzTgypY4qbVLWCUSZUKNID9kgfMXoi-rg
Requested by
Host: a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
URL: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 3A41
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEAU-57cGe4zg-Sgcze2mFpw&google_cver=1&google_push=AXcoOmQ1zL-6mVwDiMoJ09dmFXhcJMQmgexR1mlzs-_HybvV2cQTpTsQL6-08VBmpF1S3prFyEZeYz5tPbqM0YQBAG6vMio...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ1zL-6mVwDiMoJ09dmFXhcJMQmgexR1mlzs-_HybvV2cQTpTsQL6-08VBmpF1S3prFyEZeYz5tPbqM0YQBAG6vMioy-E1pMQ&google_hm=eS1mMXRWN2c5RTJwRlF4...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ1zL-6mVwDiMoJ09dmFXhcJMQmgexR1mlzs-_HybvV2cQTpTsQL6-08VBmpF1S3prFyEZeYz5tPbqM0YQBAG6vMioy-E1pMQ&google_hm=eS1mMXRWN2c5RTJwRlF4c1RnLmdfWUJROE16YVNXb3c3TH5B
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Fri, 17 Nov 2023 02:17:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmQ1zL-6mVwDiMoJ09dmFXhcJMQmgexR1mlzs-_HybvV2cQTpTsQL6-08VBmpF1S3prFyEZeYz5tPbqM0YQBAG6vMioy-E1pMQ&google_hm=eS1mMXRWN2c5RTJwRlF4c1RnLmdfWUJROE16YVNXb3c3TH5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3A41
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESENbeTeNceC1KxME04j1cjkc&google_cver=1&google_push=AXcoOmQgZHHodbLzmzSRLSFPVUf5JNklJqkK65wvPTmWfj7MTIgcRRZJSkFZs7OeG6DRSgKv6fL-0s7Wsa2A0SBCelJbHOs...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZGQ3MDVhMTkxYjExNGYwOGJiOWJiMzViZGJmZGQ5NDI%3D&UIDF=CAESENbeTeNceC1KxME04j1cjkc&google_cver=1&google_push=AXcoOmQgZHHodbLzmzSRLSFPVUf5...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZGQ3MDVhMTkxYjExNGYwOGJiOWJiMzViZGJmZGQ5NDI%3D&UIDF=CAESENbeTeNceC1KxME04j1cjkc&google_cver=1&google_push=AXcoOmQgZHHodbLzmzSRLSFPVUf5JNklJqkK65wvPTmWfj7MTIgcRRZJSkFZs7OeG6DRSgKv6fL-0s7Wsa2A0SBCelJbHOsSX1iQPg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=ZGQ3MDVhMTkxYjExNGYwOGJiOWJiMzViZGJmZGQ5NDI%3D&UIDF=CAESENbeTeNceC1KxME04j1cjkc&google_cver=1&google_push=AXcoOmQgZHHodbLzmzSRLSFPVUf5JNklJqkK65wvPTmWfj7MTIgcRRZJSkFZs7OeG6DRSgKv6fL-0s7Wsa2A0SBCelJbHOsSX1iQPg
date
Fri, 17 Nov 2023 02:17:49 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pixel
cm.g.doubleclick.net/ Frame 3A41
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESELOZ4rx-cP6xxQrxk5CfxJw&google_cver=1&google_push=AXcoOmQaMttx2eZ9KvBASOUHeEDPjEHUHPKhPhSP8WIBsH_diAoUtst9zV7seYvEEWoxg1p065kXL-1BZU-j0gzP6lA45g5njEQEew
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQaMttx2eZ9KvBASOUHeEDPjEHUHPKhPhSP8WIBsH_diAoUtst9zV7seYvEEWoxg1p065kXL-1BZU-j0gzP6lA45g5njEQEew&google_hm=M0ZNeTU3N2RkNDdNUD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQaMttx2eZ9KvBASOUHeEDPjEHUHPKhPhSP8WIBsH_diAoUtst9zV7seYvEEWoxg1p065kXL-1BZU-j0gzP6lA45g5njEQEew&google_hm=M0ZNeTU3N2RkNDdNUDZMZGswTXo=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AXcoOmQaMttx2eZ9KvBASOUHeEDPjEHUHPKhPhSP8WIBsH_diAoUtst9zV7seYvEEWoxg1p065kXL-1BZU-j0gzP6lA45g5njEQEew&google_hm=M0ZNeTU3N2RkNDdNUDZMZGswTXo=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 3A41
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AXcoOmTvJ5yO8hQ9PlKfSiNZtTdoG-Gxf7fsYN-zAiYBY3gTlzOdssy3FUDn194_GVwqYxGnqkhdS9gMcZsUvPjN6v8OPWbcDgCNSw&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-9f02e5dd-827d-4dc0-bffe-b877fead070c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmTvJ5yO8hQ9PlKfSiNZt...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTvJ5yO8hQ9PlKfSiNZtTdoG-Gxf7fsYN-zAiYBY3gTlzOdssy3FUDn194_GVwqYxGnqkhdS9gMcZsUvPjN6v8OPWbcDgCNSw&google_hm=A58C5d2CfU3Av_64d_6tBww
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTvJ5yO8hQ9PlKfSiNZtTdoG-Gxf7fsYN-zAiYBY3gTlzOdssy3FUDn194_GVwqYxGnqkhdS9gMcZsUvPjN6v8OPWbcDgCNSw&google_hm=A58C5d2CfU3Av_64d_6tBww
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmTvJ5yO8hQ9PlKfSiNZtTdoG-Gxf7fsYN-zAiYBY3gTlzOdssy3FUDn194_GVwqYxGnqkhdS9gMcZsUvPjN6v8OPWbcDgCNSw&google_hm=A58C5d2CfU3Av_64d_6tBww
date
Fri, 17 Nov 2023 02:17:49 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX9f02e5dd827d4dc0bffeb877fead070c003
content-type
text/html
google
sync-dmp.aura-dsp.com/match/ Frame 3A41 		0
0
attr
cm.g.doubleclick.net/pixel/ Frame 3A41 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KA23A-cqXc6QnLribSSu8UXj3Fg33szNkKweh3LVPdfs7j47DDRLOdBCOXWLn8CLe0OPjXOw
Requested by
Host: a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
URL: https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:48 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
adview
securepubads.g.doubleclick.net/pagead/ Frame FC3F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CSPJ0S81WZbD6Fqib9u8Pytii6AvXrJyCbsrq_Lz9EMCNtwEQASAAYPUFggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQngAgCoAwHIAwKqBO0CT9BxhmWxTPqPxEMyLSvj_vuahh6FHnjdblgznns2LFscssoLZUy3x_ZU4ciqhRSoJgeSdkm917HDGoV8_B8Fz6Pwt-_4KrVLiLNeCVh5Kt5tvJN8XQhBB-rX456adBdNXleDmwerEhVAK04CxjlgMWXVrI1lFAn6clEnOlqY_b7mlsKOaUz5cGvHmKdEPvnn5ZJSgDu9KwPlQvLWre9wTE8uuthMZRpU_k559BbYlj4daPItgp7P0kCr1z2_ib8-t-9cCR2QJguSvvMRSB0-H84FTsWyzf3n1YYCWz6nkwu5Th_U_Alicw_tvrWwcYKOpaJpH7N07AamHYQtf6S06N4GpMM0-bEHM40-KOQ-BFBvjYfsQC9P91EYq_TnTbzAxyeMnVqqEsM9QOmgez-2L3vJEIvFl_dHY0laGpGBKVaWcM9neDM07kTz-3dbg9CHNIybUqNYV7WUGp_CxgJxItJyU427VmyNzu49EzHgBAGABsTxnraX-eWIrQGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggSCIBhEAEyAooCOgKAQEi9_cE68ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoD-gsCCAGADAHiDRMImtSs8PvJggMVqI39Bx1KrAi90BUBgBcBshccChoSFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=ztgc2dlr4q8&uach_m=[UACH]&cid=CAQSPADICaaN_6lO64-tR4qL8ivVrPXnKfFNJo3QYRvn8NVifh6b02am_jDkhvFeD1V8hBaepN3f5vT2_57z0RgB&cbvp=2&vis=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
b1-eudc1.zemanta.com/bidder/win/googleadx_display/7ffe53fa-84ef-11ee-867b-7761bfebda70/ZVbNSwAFvTAH_Y2oAAisSqNVxNPzIWZLCB4bXQ/WXISUSRFYHZTJUEE5UZEIIAIA23J2BHL75YSJOFG3DNMYIPBQYONMO635MO4LDT4HSLFFXV... Frame FC3F 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/7ffe53fa-84ef-11ee-867b-7761bfebda70/ZVbNSwAFvTAH_Y2oAAisSqNVxNPzIWZLCB4bXQ/WXISUSRFYHZTJUEE5UZEIIAIA23J2BHL75YSJOFG3DNMYIPBQYONMO635MO4LDT4HSLFFXVBTIL3EBB4MYRWKA34MPUK7FQDVNO6ZJVKDAXEBAIYFIU7BIM4INYE4AEUCMBFP3EC6ISSKXZLQ23BBUHIWSHYD56YSS7LWN5UT2I2S3VF4OXNRHOJ2WXTRIETPNIBSNE5FGGAF5AAVWQNBQTD4RWBQKOQD3NLAXZRHWN4ACNNWJBLNXDUEJ6THVRRDMCPIYMS7PVUJ4LENWGOENOMSHC2HIP7BGJRYYQSM2OR2F7MOCYMWFGUXLRTVMNQSIFKWWLQSKVHRF6XVKW5ASICJ5AZFVCX7OIODVF43HO2EUW7K4KYXTD3WACFJEYF3YOKLCBA4EMYQHPQDF7FKE6TVVZKCQOEN3NB6A55AU54IOLUTLIXA7IC4VVEMLG2APUBUCVJKUVAFCQ5HU3VNAKJUXTKWHCXP3IXXYVLJXAQVXSBLVD3KC6JUWKO5IN6WJT7BWXTNFN4P5N62TDTYXSGH6QXOJ6OSMJ6EILMGRESPSHMTMPQ/?&cbvp=2
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.224 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection
keep-alive
Date
Fri, 17 Nov 2023 02:17:49 GMT
Content-Length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5B1A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
45295
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 13:42:54 GMT
expires
Fri, 15 Nov 2024 13:42:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7CEC 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
c908fc0efe64813a711e22dcc3dc26b9c566aad2875dd5e870227fe324ddc3f7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-sDumF2zzGHA9FdYb0gFABw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-sDumF2zzGHA9FdYb0gFABw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:17:49 GMT
expires
Fri, 17 Nov 2023 02:17:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
ping
onetag-sys.com/v2/ Frame 5769 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/v2/ping?data=Ouiu5FKJ8yF1c7NdmgO00DgAVncGfx-14jkcO653PkXy_UYQgaiTEURJwsWliy6p_LGVfJqaiaPUkP6SIaa_iAtKm4trEux5PaaamVLWQCnYR9pZ-6Z9X4iN99rP02vEL_i9tKHU-3dmg3bgk9k4CA1rp9j_Ixmu7wWSGAjAoFQapmwWyO1p0zR2lJn8Kr2EJaCSqjAIDpz1-TKMbETLeTmJk-7dgMVy3NQi-RUSCUB0eRx40WcytbcD-VQsMFJyMPs3zUcpj5lcK_3Qr554wmxuHCjFXuN3fs0AiWSeuVKVhsl5d-4CzmFc78bgjilV3ElRz3JbbAgmrl_3oKufA910jKHgEKeVKXglQcchh-c_wAd8rnM6KC8lbvNq5HmCXUoxGbU9boTiJsXydONO5eOWbwjUjIY4dkqVkaVtBuNizcWCUBsp-anugRJ09lpa8utZWN0uIQMyidblFzkxEiey43V3aY2CZ8_CKPPKGLyys_4yj0iC_elcwEXBByNvEhc7hCbp7PetDY0h3dII4XbUjNOOQwMl2jUlWJul-K_X3hkQ9n0ukmP3RoJYY69pcEnZ5HZskTzM6iyRcsjCY4oxcNi3AFgUVInOGbRFcXtI_QHNGbR0HdTuxQfHwb3Crlp-9_iPK1DlDSQZSoLt39lvk1TGqkTd9flSereQF4I&event=1&price=&click=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
ping
onetag-sys.com/v2/ Frame 5769 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/v2/ping?data=Ouiu5FKJ8yF1c7NdmgO00DgAVncGfx-14jkcO653PkXy_UYQgaiTEURJwsWliy6p_LGVfJqaiaPUkP6SIaa_iAtKm4trEux5PaaamVLWQCnYR9pZ-6Z9X4iN99rP02vEL_i9tKHU-3dmg3bgk9k4CA1rp9j_Ixmu7wWSGAjAoFQapmwWyO1p0zR2lJn8Kr2EJaCSqjAIDpz1-TKMbETLeTmJk-7dgMVy3NQi-RUSCUB0eRx40WcytbcD-VQsMFJyMPs3zUcpj5lcK_3Qr554wmxuHCjFXuN3fs0AiWSeuVKVhsl5d-4CzmFc78bgjilV3ElRz3JbbAgmrl_3oKufA910jKHgEKeVKXglQcchh-c_wAd8rnM6KC8lbvNq5HmCXUoxGbU9boTiJsXydONO5eOWbwjUjIY4dkqVkaVtBuNizcWCUBsp-anugRJ09lpa8utZWN0uIQMyidblFzkxEiey43V3aY2CZ8_CKPPKGLyys_4yj0iC_elcwEXBByNvEhc7hCbp7PetDY0h3dII4XbUjNOOQwMl2jUlWJul-K_X3hkQ9n0ukmP3RoJYY69pcEnZ5HZskTzM6iyRcsjCY4oxcNi3AFgUVInOGbRFcXtI_QHNGbR0HdTuxQfHwb3Crlp-9_iPK1DlDSQZSoLt39lvk1TGqkTd9flSereQF4I&event=287&price=&click=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
debug
il-trc-events.taboola.com/palmate-bg3co/log/2/ 		0
89 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://il-trc-events.taboola.com/palmate-bg3co/log/2/debug?tim=03%3A17%3A49.002&type=info&msg=Finish%20Rendering%20Next%20Up&llvl=2&id=7695&cv=20231116-8-RELEASE&lt=deflated&pct=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.106.33.48 , Israel, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
88330
2369446f435814c2884566242ca9cebe.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2369446f435814c2884566242ca9cebe.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
011d615514ded365a35cc412b03c11ea9f10cf549b47abc0bcb2e562a1ea95f2

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 17 Nov 2023 02:17:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/2369446f435814c2884566242ca9cebe.jpg
age
1482295
edge-cache-tag
563848386788618383252994488150488470583,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
563848386788618383252994488150488470583,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time
75
req-referer
https://viduppu.com/
content-length
10278
x-request-id
98d2b9b95cc03c1f410c873f380559dc
x-backend-name
CH_nlb803
x-served-by
cache-iad-kjyo7100091-IAD, cache-iad-kjyo7100091-IAD, cache-lga21929-LGA, cache-iad-kiad7000143-IAD, cache-mxp6947-MXP
last-modified
Sun, 08 Oct 2023 19:20:54 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=18208,owidth=615,oheight=460,obytes=91314
x-timer
S1700187469.015664,VS0,VE1
etag
"4c7092fc6c6d64c696a9ed90361b33b9"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 1, 3, 1
profile%3Aezone-teaser940x528
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6D... 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6DNMg-N70eTHVG2zsG3jFxHgwMu8dUBQ9IEq7W2LjI75cilIOA/profile%3Aezone-teaser940x528
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
39cd2d94116bd462c6fc4bbae33b9f5a084523d19e03d79231a7af0421c274ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 17 Nov 2023 02:17:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//mim.p7s1.io/pis/mw/fdebjq5FgV8h73OMk30hSmQ3ksnTujGLThfZrJTemL4yREOdH4xmFM2deImx6DNMg-N70eTHVG2zsG3jFxHgwMu8dUBQ9IEq7W2LjI75cilIOA/profile%3Aezone-teaser940x528
age
1964184
edge-cache-tag
332148772397168287270586239145648000460,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
332148772397168287270586239145648000460,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
Miss from cloudfront, MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time
61
req-referer
https://newsflash24.de/
content-length
6178
x-request-id
2387b69825d4d6a9b3149f518e1a4d2f
x-backend-name
US_nlb103
x-served-by
cache-iad-kcgs7200167-IAD, cache-iad-kiad7000057-IAD, cache-lga21938-LGA, cache-iad-kcgs7200111-IAD, cache-mxp6947-MXP
last-modified
Tue, 24 Oct 2023 13:38:36 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=6761,owidth=940,oheight=529,obytes=98579
x-timer
S1700187469.016856,VS0,VE1
etag
"7d2cd9ee66d887ed4b782d57e006b122"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 1, 57, 1
6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
44f2bba32f5fe85e96959c98d71efe3bb3c3c9e6f02ff978c10e3ec44c5b897b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Fri, 17 Nov 2023 02:17:49 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_160%2Cw_160%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/IMAGE_UPSCALER/EIU/6aee2a08-5b40-49f1-a744-aaf4fe7c54e8__qvJyy3lJ.jpg
age
363543
edge-cache-tag
321194619511491062242132839077726262353,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
cache-tag
321194619511491062242132839077726262353,484438202950987515417932874384580560546,29ecf9b93bbf306179626feeda1fab70
x-cache
Miss from cloudfront, MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
148
expiration
expiry-date="Fri, 08 Dec 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://www.iefimerida.gr/
content-length
4132
x-backend-name
CH_nlb801
x-served-by
cache-iad-kiad7000082-IAD, cache-iad-kjyo7100131-IAD, cache-chi-kigq8000163-CHI, cache-iad-kiad7000037-IAD, cache-mxp6947-MXP
last-modified
Tue, 07 Nov 2023 15:30:11 GMT
server
nginx
surrogate-reporting
width=160,height=160,bytes=5609,owidth=1999,oheight=1249,obytes=185477
x-timer
S1700187469.017969,VS0,VE1
etag
"0b0093a1a1cb1e44283f7420c7734810"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 10, 1
generic
match.adsrvr.org/track/cmf/ Frame D9CE 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame D9CE
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-kTaJKFhE2oSylqd9iOwZsSnTW2_zZRemnEGEhQ--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-kTaJKFhE2oSylqd9iOwZsSnTW2_zZRemnEGEhQ--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24221

Redirect headers

date
Fri, 17 Nov 2023 02:17:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-kTaJKFhE2oSylqd9iOwZsSnTW2_zZRemnEGEhQ--~A
content-length
0
generic
match.adsrvr.org/track/cmf/ Frame 2284 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&cmcv=&pix=undefined&cb=1700187468930&uv=3358&tms=1700187468930&abt=adxsub-out_vA!adxsub-out_vB!eidc_vA!iiqrc_vA!lvlstst-in2_vA!lvlstst1_vA!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4a9cc76e-6854-4c60-b2a9-a00f42f2cb75&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame 2284
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-kTaJKFhE2oSylqd9iOwZsSnTW2_zZRemnEGEhQ--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-kTaJKFhE2oSylqd9iOwZsSnTW2_zZRemnEGEhQ--~A
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&cmcv=&pix=undefined&cb=1700187468930&uv=3358&tms=1700187468930&abt=adxsub-out_vA!adxsub-out_vB!eidc_vA!iiqrc_vA!lvlstst-in2_vA!lvlstst1_vA!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4a9cc76e-6854-4c60-b2a9-a00f42f2cb75&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
24221

Redirect headers

date
Fri, 17 Nov 2023 02:17:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-kTaJKFhE2oSylqd9iOwZsSnTW2_zZRemnEGEhQ--~A
content-length
0
sync
x.bidswitch.net/ Frame 2284 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?gdpr=1&us_privacy=1---&ssp=taboola
Requested by
Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&cmcv=&pix=undefined&cb=1700187468930&uv=3358&tms=1700187468930&abt=adxsub-out_vA!adxsub-out_vB!eidc_vA!iiqrc_vA!lvlstst-in2_vA!lvlstst1_vA!t45!t45!ufm_vD&ft=0&su=3&unm=FEED_MANAGER&aure=false&agl=1&cirid=4a9cc76e-6854-4c60-b2a9-a00f42f2cb75&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.230.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-230-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imprammp.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700187466162&gcd=11l1l1l1l1&dma=0&cid=1707958932.1700187467&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1700187469&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&dt=%E7%B4%85%E5%96%AE%E7%82%92%E4%BD%9C%E6%83%B9%E5%85%AC%E9%83%A8%E9%96%80%E3%80%8C%E5%8B%95%E6%89%8B%E3%80%8D%EF%BC%9F%E3%80%80%E8%8A%B1%E6%95%AC%E7%BE%A3%E4%B8%80%E5%8F%A5%E8%A9%B1%E7%9B%AF%E4%B8%8A%E6%88%BF%E5%B8%82%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success&tfd=5522
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bootstrap.js
s1.adform.net/stoat/630/s1.adform.net/ Frame 4AFF 		37 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Requested by
Host: ghent-aws-fr.bidswitch.net
URL: https://ghent-aws-fr.bidswitch.net/imp/0.23027799999999998/BSWhttps_A_B_Btrack.adform.net_Badfscript_B_Cbn_R68934215_Qrtbwp_R_I_WAUCTION__PRICE_X-gF__8qNFipQl974ntkw9gNkkG8BPrwfhX0_Qrtbdata_R7DbHNZOADPMkiihX5kNFVoXez6eLNW-0OJKoQJUx2uJw8X__nXpLcAz0xCH2F6faorY8RVAN9qua-MjQBwZA8AZlkfych4hZI9VbzYw3tmzoRG8Udr5QthkDImt__HtNOPh3We0jJGV5qwjkiUKzWr__qNbgncvGEMzA5fvV1tEmN2GuRILowUinv1FdGEsPY0FhKfLR9fMePs6Dc52AkXqhErOnMgV__YxgqFj__MmnWuft-0MibOKb__GQNxwRPY59cv4y__r6hn3aDtuT-ryQOXLN3__XlG5eTbO8__XgkX7hLg9O-fzNIFX41vnnnJkg__7xmmz2J9eJPJUCEESa9igJtXFi9I0p5NKLY-oWEZmgnhHCtfeyRB5ph3TkHhIpkoas3H0_Q_QOOBClickTrack_R_I_WCLICK__URL_AURLENCODE_X/QGu-bjini0dU4aB90Yixl_do8MrYBqkRL-pdoj-o7MkSXCHmt9lF0XgO4NF_CftSGJYsiQ8m7LfnTtdtDMJ9l4xCIz83EZNbATYrnH715iHiZkNyolEmfZP2dTiobQN0BRnuUZLEM8cS0Zl1zakIlBvc1qgtnQJqCnVH4esWZb_251F792KlXw7p_cgH0CcpaE2Z6V01F1QuwFc9gtXZRXQKAlDsaWKw2_wdPefGCUfS3T5fzVyH6w8Rsa_YEPPjvfCmYjVAcKUY7Y4YDLjxYkXkTXhruhig19SqR6QzXDbsBiD6wpeCLzAHbnseAYv4n_Kdx26znx7CD7t5b_lD967lqpZKUsEwxT43GkStwPNjS9toCVR-aRGOre1C85YQ5EyNzt0k8NfhLKZcWE1mVG9pr0_aZMdf5AFFQjvIRmQuT1Mtuay98bEmg000ynbfArOQzsh4SJssEbEaCscVqs9xIsmAxJ8SM3I4YnzFUJ0sVJ1OkBVjdxzqTZE0RwXW0O61G-yu6MkFpb6LXAdMl7hzXNRxhvUd4-wSUHcMtHHu-_1uVp2ubCFK_eruPPPCurP7mKu7eo1vme_8e4Higons0SauWszvBUg1htRyKMuNPYdZfl4T32rNG4tdCj0hncUW0j_7o-MPUpuGu0T_c_CxoDNfnXwN84O2HEaLXFU8lBYD2HxJVv92Sizwmvg8lImJhUxA7v_ruKUhC5KA7YrHyaIQlCGRD20pNAIarlrzTVNoZXaj4xa3FY5QaKTZ_9-1mauESo1zGTW5jntuEUg-FxjJjJWFLz9e2Mgy4XMPFQGbQSjCOM6JMeQUMchz3OGAxGzfi01_C5AUSD197w-xhYGgyye2FsazlEWM-6sqZVKuh5P0iF0tGcgqsXlq-N5zrWx9iT9TTJ2NGiObliVZTMQ4zt4kK3iEifgP_2r7kKkSD1FrbyiBYWiwoE2wWkZyHBda8_I3fp239iD7pkVft6LMK5YM3XH80R9Zgmx7iIaJeccOu9v4FVZbctZRvdQNkOfMUxOfRs0VpQoUn3SEA5WW1AKuowCBpm84IM_Dh6OkA93wpUBM26cZU_PN0dc5f62d-gKKi2mr7tNIJq6eroQDF-ouKtK0TtERh3yQ-sn_7DQu1dJbOPIk0fFIEY9X3KkkhUniNNjFQvvtWJAmoZ9pYH0NttQ491qi5TyaayXnEcMLh10g019CmixJUxftoimeqGaeV_x391DrEtd_CeSKFbrouP2kB71GOTvdpVAgcWUkmsntlPau9zGOWT4mjbdjGlyVixsbKSM6DwD3oYIl6Yus6nNddddhxMnCp_j9V8NpvqaeHOggt4iz_FbKtzPboR7nRdRElWs-ZSOWa8drfYvN3IE7U0nj0RC1uMpFY1-V1TqLZsIHMIIo3kGAoBDPec689yUCBVa_j4jl6tw2c7Htr3KCJMnKLE3HdpVQa8HW8Nr_CJf-oRKxc6titUEhUcg-nVDztWFW1fQPpGHxg4oF2klzcCfQluAk4kBUgQyd6unHwcse-cH3lWadMxpp6GiLYRk0pPXGcaDdhxEvWlj0xtp3fBDxhrAFwccmZiLSQebU6LB76CRb5UdGMXydS0Bk4zsLKzBxkFykoo-5lZGwfcv9MlFO5hAoBMXv8TH1mEwqIduBwXMRHQq7EE5r5Gtz5lOaRDSDAdM8whl6Zkt2QNqTDlc-aqQBcG9B_hpAATr3znMUOY25plNM2048ugXqojb8Sbx383RAtSJszeaqz8TjyaR5DfyORQ/$%7BCLICK_URL_ENC%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:59 GMT
vevent
ams3-ib.adnxs.com/ Frame D22A 		0
660 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&e=wqT_3QLkCOhkBAAAAwDWAAUBCMqa26oGEMzAzPTF1amtXxgAKjYJ_g5TFRw8nz8R2OcO4U2snT8ZAAAAoJmZyT8h2A0SACkRJNgxAAAAQOF6lD8w8uzGCjj9XEC1XkjjA1C6iYq2AVi5tIoBYABotZGzAXjC9AWAAQGKAQNVU0SSBQbwWJgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALQ8FzqAnBodHRwczovL3d3dy5iZzMuY28vYS9ob25nLWRhbi1jaGFvLXp1by1yZS1nARUcYnUtbWVuLWQBDFRzaG91LWh1YS1qaW5nLXF1bi15aS1qCRMwY2hlbmctc2hhbmctZgEFeHNoaS5odG1sgAMAiAMBkAMAmAMXoAMBqgOxAwrHAmguhgDwhmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YjcxMTI1MDAtMWMwNC00YmM0LWEwNjEtNWJiMTUzZmNhOWEwJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjEmb0FkVW5pdD0zOQVcGHB1Ymxpc2gFKSwxNjI2NDUzMzAmckmacQC4cnR5cGU9bnVybCZ0YWdJZD0yMjEzMjMzOCZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWI2GQDwT19weXZweHBiYXN2ZXpuZ3ZiYV91YiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzY4NzA5ODc0NDA3NTgzOTkwNTIiCTM4MTg0NjcxNCoEIWTwnzo4VTJWaGNtTm9RV1FqTnpJNE5ESTVPRGMwTURBM05EWWpNak15TkRZME1qUTFPVFl3T0RZNU5RPT3AA9gEyAMA2AP0wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE4NS4xOTUuNzEuMjE0qAQAsgQQCAAQBBjYBSD6ASgBMAA4ArgEAMAEAMgEANoEAggB4AQB8ARF7FiIBQGYBQCgBcWArbrlhYeBCcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFgpNf-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHwvQF0gcNFWUBJgjaBwYBXvB1GADgBwDqBwIIAPAHv4MNighHCkMAAAGL2xHpEF9apqxekyBMAb6g2TMUAxaF8NSVlFShKfachEWyl1D4puupHZS-zN6S6QWqjat_HFbEf-i0qqawKH5FEAGVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=87ec3c4e1d6d23b18cb6bdab4c797ed65e667c01&type=nv&nvt=5&jm=1003&px=605&py=60&bw=300&bh=157&sid=5611251021139464531&vd=ct~0|rr~0&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22132338&sw=1600&sh=1200&pw=1600&ph=4168&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
an-x-request-uuid
d80cefe2-1ed5-43b1-88e1-bd188df4d487
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.214; 185.195.71.214; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 457E 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&excid=22&docw=0&cijs=1&nlb=false
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://am-match.taboola.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 02:17:49 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
bulk
trc.taboola.com/palmate-bg3co/log/3/ 		0
323 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/bulk?tvi2=13726&tvi48=10143&tvi50=11103&route=AM%3AIL%3AV&lti=deflated&bulkSize=12
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
103
date
Fri, 17 Nov 2023 02:17:49 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
80533
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6947-MXP
pragma
no-cache
server
nginx
x-timer
S1700187469.270441,VS0,VE103
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
csi
csi.gstatic.com/ Frame 88F5 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lp1zpyot&c=871759777855&slotId=435879888927.5&ghmsh_eids=44752052%2C44772139%2C44777649%2C44781409%2C44802074%2C44802463%2C44804291
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c05::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 88F5 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~lp1zpz8t&c=871759777855&slotId=435879888927.5&vast_v=4.0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c05::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 88F5 		42 B
175 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
csi
csi.gstatic.com/ Frame 88F5 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~lp1zpz94&c=871759777855&slotId=435879888927.5&faa=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c05::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 88F5 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 88F5 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 457E 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
16f6a89c89e20586fdb7ed77f218f6af5442e80c8c3116deb2ab0cdd5aae2001

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=16698&endpoint=us-east&gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:17:49 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 12:56:28 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=38315
Connection
keep-alive
Content-Length
13230
Expires
Fri, 17 Nov 2023 12:56:24 GMT
csi
csi.gstatic.com/ Frame 88F5 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=5~lp1zpz97&c=871759777855&slotId=435879888927.5&nlc=1&nlrh=0&nlri=0&nlrs=1&nlru=0&nlrhc=false&wta=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4002:c05::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/ Frame 9FCB 		123 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/index.html
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/7c8fef2b841c224dc9dd256dc808a409.js?tag=html5_display_upload/html5_exit_api
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a7f4a29bfb2de213388f9fdb098620aa09394e3d4a25f30c310b24c5e1233b8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
10406
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
22016
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 23:24:23 GMT
expires
Fri, 15 Nov 2024 23:24:23 GMT
last-modified
Thu, 13 Jan 2022 13:08:50 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9DE4 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700187468&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700187467477&bpp=132&bdt=627&idt=690&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&correlator=871759777855&frm=23&ife=1&pv=2&ga_vid=1707958932.1700187467&ga_sid=1700187468&ga_hid=955385354&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2026&biw=1600&bih=1200&isw=336&ish=280&ifk=2575727733&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C31078297%2C44807754%2C44807763%2C44808148%2C44808285%2C44809056&oid=2&pvsid=3321110143345705&tmod=2076779727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bmje7n4cndfs&btvi=1&fsb=1&dtd=728
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
35752
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 16:21:57 GMT
etag
48472445140208031
expires
Fri, 17 Nov 2023 16:21:57 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 5978 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38c069fcdea783fa5472e2992fac9df2a68359c1bd9831117ce1a6084ca380a6

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 88F5 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 88F5 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 88F5 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
css
fonts.googleapis.com/ Frame 9FCB 		1 KB
436 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:800italic
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ccf5181eba5df7437ad75c503d0b44358b3282f1537f2651e3bc0e8fc7d37f10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 02:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 02:17:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 02:17:49 GMT
Enabler.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9FCB 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 07:13:23 GMT
content-encoding
br
x-content-type-options
nosniff
age
68666
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5660
x-xss-protection
0
server
cafe
etag
544157900006238945
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 17 Nov 2023 07:13:23 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 9FCB 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 13:31:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
45988
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Fri, 17 Nov 2023 13:31:21 GMT
publishertag.prebid.135.js
static.criteo.net/js/ld/ 		89 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.135.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-16386"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Nov 2023 02:17:49 GMT
/
b1t-eudc1.zemanta.com/t/imp/view/EXGC25SE43ILB4ZYBF6RIAVGFVSRZBEV534VRIEET7BKDJ7X55PAMI5HFQBMPOMFI7MSDMMDW636HZSOLL3QJGQO4M6WXK4RDWSBZUKJIBLIUAYH63QVG4VEF54SM64U7PHYWBOLSCSRMBAIX56NNXVTSZ6HOVWAHYFI... Frame FC3F 		26 B
294 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://b1t-eudc1.zemanta.com/t/imp/view/EXGC25SE43ILB4ZYBF6RIAVGFVSRZBEV534VRIEET7BKDJ7X55PAMI5HFQBMPOMFI7MSDMMDW636HZSOLL3QJGQO4M6WXK4RDWSBZUKJIBLIUAYH63QVG4VEF54SM64U7PHYWBOLSCSRMBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NHNJPJGCHPNP4L7RDHTFPBY7FXG7MM3YVWNOMZYJEQK7RBXRRJZFR6QZG37HQY45QWA4WDHU2GYBQPUCWI2B7HT7X5V3VJM63U2COT5NVJOAXILDR5XAAJYE55E4FP4JWOJVOMUTCOAFG6CHRHJ3KRKSHMMQUDKHWYFM7QBW2FG5FEP4BZNXDYZXN4O35A4JHWQHUFK3XW5BKG/?
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

Access-Control-Allow-Origin
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
Date
Fri, 17 Nov 2023 02:17:49 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
26
Content-Type
image/gif
/
b1t-eudc1.zemanta.com/t/imp/view/EXGC25SE43ILB4ZYBF6RIAVGFVSRZBEV534VRIEET7BKDJ7X55PAMI5HFQBMPOMFI7MSDMMDW636HZSOLL3QJGQO4M6WXK4RDWSBZUKJIBLIUAYH63QVG4VEF54SM64U7PHYWBOLSCSRMBAIX56NNXVTSZ6HOVWAHYFI... Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://b1t-eudc1.zemanta.com/t/imp/view/EXGC25SE43ILB4ZYBF6RIAVGFVSRZBEV534VRIEET7BKDJ7X55PAMI5HFQBMPOMFI7MSDMMDW636HZSOLL3QJGQO4M6WXK4RDWSBZUKJIBLIUAYH63QVG4VEF54SM64U7PHYWBOLSCSRMBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NHNJPJGCHPNP4L7RDHTFPBY7FXG7MM3YVWNOMZYJEQK7RBXRRJZFR6QZG37HQY45QWA4WDHU2GYBQPUCWI2B7HT7X5V3VJM63U2COT5NVJOAXILDR5XAAJYE55E4FP4JWOJVOMUTCOAFG6CHRHJ3KRKSHMMQUDKHWYFM7QBW2FG5FEP4BZNXDYZXN4O35A4JHWQHUFK3XW5BKG/?
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
v182.ce13.ams-01.nl.leaseweb.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
content-type
Access-Control-Allow-Methods
HEAD, GET, OPTIONS
Access-Control-Allow-Origin
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
Access-Control-Max-Age
600
Connection
keep-alive
Date
Fri, 17 Nov 2023 02:17:49 GMT
/
track.adform.net/adfserve/ Frame 4AFF 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?bn=68934215;rtbwp=0.23027-gF_8qNFipQl974ntkw9gNkkG8BPrwfhX0;rtbdata=7DbHNZOADPMkiihX5kNFVoXez6eLNW-0OJKoQJUx2uJw8X_nXpLcAz0xCH2F6faorY8RVAN9qua-MjQBwZA8AZlkfych4hZI9VbzYw3tmzoRG8Udr5QthkDImt_HtNOPh3We0jJGV5qwjkiUKzWr_qNbgncvGEMzA5fvV1tEmN2GuRILowUinv1FdGEsPY0FhKfLR9fMePs6Dc52AkXqhErOnMgV_YxgqFj_MmnWuft-0MibOKb_GQNxwRPY59cv4y_r6hn3aDtuT-ryQOXLN3_XlG5eTbO8_XgkX7hLg9O-fzNIFX41vnnnJkg_7xmmz2J9eJPJUCEESa9igJtXFi9I0p5NKLY-oWEZmgnhHCtfeyRB5ph3TkHhIpkoas3H0;;oobclicktrack=%24%257BCLICK_URL_ENC%257D;js=1;adfxid=1x;9285;set=en-US|en-US|1600X1200|0|300|250|24|8|3|7|0|0;fd=0|2&CREFURL=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e6e66f2270f3ced2feafe068ec2cea9b00a181e343bb205334aab9c415c7e453
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2620
expires
-1
sodar
pagead2.googlesyndication.com/pagead/ Frame 7CEC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202311130101&jk=412989719541503&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
khaos.json
token.rubiconproject.com/ Frame 457E 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?gdpr=1&us_privacy=1---&khaos=LP1ZPXH6-K-6UH9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
aca6c52e983509e86b136a052e19be23
Expires
0
i.match
s.tribalfusion.com/z/ Frame 9DE4
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEBSrvJsCQQxlf5h3pd5kHNk&google_cver=1&google_push=AXcoOmQfpL8kwR8yiX-rk-yUpWRPJpiGIeGDk1m-3sVue0GHIJlt7HtGgUnKquDL1XwwAtnxvNPk2PXt06ndwQwEt-GI37o3dds&r...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBSrvJsCQQxlf5h3pd5kHNk&google_cver=1&google_push=AXcoOmQfpL8kwR8yiX-rk-yUpWRPJpiGIeGDk1m-3sVue0GHIJlt7HtGgUnKquDL1XwwAtnxvNPk2PXt06ndwQwEt-GI37o3dds...
43 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBSrvJsCQQxlf5h3pd5kHNk&google_cver=1&google_push=AXcoOmQfpL8kwR8yiX-rk-yUpWRPJpiGIeGDk1m-3sVue0GHIJlt7HtGgUnKquDL1XwwAtnxvNPk2PXt06ndwQwEt-GI37o3dds&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQfpL8kwR8yiX-rk-yUpWRPJpiGIeGDk1m-3sVue0GHIJlt7HtGgUnKquDL1XwwAtnxvNPk2PXt06ndwQwEt-GI37o3dds%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82747ac6ac0d020d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
142
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBSrvJsCQQxlf5h3pd5kHNk&google_cver=1&google_push=AXcoOmQfpL8kwR8yiX-rk-yUpWRPJpiGIeGDk1m-3sVue0GHIJlt7HtGgUnKquDL1XwwAtnxvNPk2PXt06ndwQwEt-GI37o3dds&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQfpL8kwR8yiX-rk-yUpWRPJpiGIeGDk1m-3sVue0GHIJlt7HtGgUnKquDL1XwwAtnxvNPk2PXt06ndwQwEt-GI37o3dds%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
82747ac4e9ff020d-ZRH
alt-svc
h3=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
google
match.adsrvr.org/track/cmf/ Frame 9DE4 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPJ8B51JnrP5SI6-OljXUT0&google_cver=1&google_push=AXcoOmT6G7s37rAuNroKA-XAxhC4t58CV15bHld92FFyJM8sfI0hWAT-zcI1-xOCgqvAC4Ak84EaLlUg98ty15NOOR9NgyqI4yKc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700187468&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700187467477&bpp=132&bdt=627&idt=690&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&correlator=871759777855&frm=23&ife=1&pv=2&ga_vid=1707958932.1700187467&ga_sid=1700187468&ga_hid=955385354&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2026&biw=1600&bih=1200&isw=336&ish=280&ifk=2575727733&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C31078297%2C44807754%2C44807763%2C44808148%2C44808285%2C44809056&oid=2&pvsid=3321110143345705&tmod=2076779727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bmje7n4cndfs&btvi=1&fsb=1&dtd=728
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 9DE4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEE6py4vcRSyDYZfForz9LiE&google_cver=1&google_push=AXcoOmRLBKFGJd3c-6qldzY7MpI37NP0x_1-b9KalwCDbeEU09k2Re0iuhPTluGlxLrfVdk0TTjYlncUdbjQNS...
  • https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI0OTU3NjQzMTc0NTE3MA%3D%3D&google_push=AXcoOmRLBKFGJd3c-6qldzY7MpI37NP0x_1-b9KalwCDbeEU09k2Re0iuhPTluGlxLrfVdk0TTjYlncUdbjQNS3KK9...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI0OTU3NjQzMTc0NTE3MA%3D%3D&google_push=AXcoOmRLBKFGJd3c-6qldzY7MpI37NP0x_1-b9KalwCDbeEU09k2Re0iuhPTluGlxLrfVdk0TTjYlncUdbjQNS3KK9QG8DHTkRMe
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzMwMjI0OTU3NjQzMTc0NTE3MA%3D%3D&google_push=AXcoOmRLBKFGJd3c-6qldzY7MpI37NP0x_1-b9KalwCDbeEU09k2Re0iuhPTluGlxLrfVdk0TTjYlncUdbjQNS3KK9QG8DHTkRMe
Date
Fri, 17 Nov 2023 02:17:49 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
pixel
cm.g.doubleclick.net/ Frame 9DE4
Redirect Chain
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEN-sAjTHB2b4t6RZp9shuTw&google_cver=1&google_push=AXcoOmS3ysGYEgBSLeAo9ZZi9WaMw4zZKYtnIMM-OsHBOpAd_Tvhct3UMuC6KwMC0xkKEUs8Hvb70f_vaSu...
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmS3ysGYEgBSLeAo9ZZi9WaMw4zZKYtnIMM-OsHBOpAd_Tvhct3UMuC6KwMC0xkKEUs8Hvb70f_vaSudM7WMhYlgZRl2_Kt3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmS3ysGYEgBSLeAo9ZZi9WaMw4zZKYtnIMM-OsHBOpAd_Tvhct3UMuC6KwMC0xkKEUs8Hvb70f_vaSudM7WMhYlgZRl2_Kt3
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=AXcoOmS3ysGYEgBSLeAo9ZZi9WaMw4zZKYtnIMM-OsHBOpAd_Tvhct3UMuC6KwMC0xkKEUs8Hvb70f_vaSudM7WMhYlgZRl2_Kt3
Date
Fri, 17 Nov 2023 02:17:49 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
pixel
cm.g.doubleclick.net/ Frame 9DE4
Redirect Chain
  • https://match.360yield.com/match/ebda?google_gid=CAESEIObhPnpgQvqLSwVfkkan3w&google_cver=1&google_push=AXcoOmSRsw_qfE1jH8KCKZWkU3DsY3k2SbdbvqCqyOB0HfUQy6XIpXCfmrxElafjXubv4o1waJZnXGKANdsTb9lJW9dll4...
  • https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEIObhPnpgQvqLSwVfkkan3w&google_cver=1&google_push=AXcoOmSRsw_qfE1jH8KCKZWkU3DsY3k2SbdbvqCqyOB0HfUQy6XIpXCfmrxElafjXubv4o1waJZnXGKANdsTb9lJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PihVwxpNSP6TOfmKxBqUWQ&google_push=AXcoOmSRsw_qfE1jH8KCKZWkU3DsY3k2SbdbvqCqyOB0HfUQy6XIpXCfmrxElafjXubv4o1waJZnXGKANdsTb9l...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PihVwxpNSP6TOfmKxBqUWQ&google_push=AXcoOmSRsw_qfE1jH8KCKZWkU3DsY3k2SbdbvqCqyOB0HfUQy6XIpXCfmrxElafjXubv4o1waJZnXGKANdsTb9lJW9dll4SE1yx1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=PihVwxpNSP6TOfmKxBqUWQ&google_push=AXcoOmSRsw_qfE1jH8KCKZWkU3DsY3k2SbdbvqCqyOB0HfUQy6XIpXCfmrxElafjXubv4o1waJZnXGKANdsTb9lJW9dll4SE1yx1
access-control-allow-origin
*
date
Fri, 17 Nov 2023 02:17:49 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
pixel
cm.g.doubleclick.net/ Frame 9DE4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEF...
  • https://sync.targeting.unrulymedia.com/csync/RX-9f02e5dd-827d-4dc0-bffe-b877fead070c-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAXcoOmRQrBA7LcguECvGsarMY...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRQrBA7LcguECvGsarMYm6oUWfdxb9L6PasPKcc4kYmu_hC55p4tjk-omw65yl-KeIJtoWbLY_JZM82ySxa9dXqnTosQpg&google_hm=A58C5d2CfU3Av_64d_6tBww
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRQrBA7LcguECvGsarMYm6oUWfdxb9L6PasPKcc4kYmu_hC55p4tjk-omw65yl-KeIJtoWbLY_JZM82ySxa9dXqnTosQpg&google_hm=A58C5d2CfU3Av_64d_6tBww
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AXcoOmRQrBA7LcguECvGsarMYm6oUWfdxb9L6PasPKcc4kYmu_hC55p4tjk-omw65yl-KeIJtoWbLY_JZM82ySxa9dXqnTosQpg&google_hm=A58C5d2CfU3Av_64d_6tBww
date
Fri, 17 Nov 2023 02:17:49 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX9f02e5dd827d4dc0bffeb877fead070c003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 9DE4
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEBYmp8Ol8Fd6FsO8fil-xRY&google_cver=1&google_push=AXcoOmRR62RdtSdWx1L3b71oUtIDPrCSGZTNnptvwhKhC5LWmFBMTzzp0nRAR4NiFAUqOKf_4TaDm...
  • https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRR62RdtSdWx1L3b71oUtIDPrCSGZTNnptvwhKhC5LWmFBMTzzp0nRAR4NiFAUqOKf_4TaDm0VE1-IWzPUcmHWusJgIhlw&google_hm=WlZiTlRzQ281...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRR62RdtSdWx1L3b71oUtIDPrCSGZTNnptvwhKhC5LWmFBMTzzp0nRAR4NiFAUqOKf_4TaDm0VE1-IWzPUcmHWusJgIhlw&google_hm=WlZiTlRzQ281dWNBQUtSSnhzUUFBQUFB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID
0
Date
Fri, 17 Nov 2023 02:17:50 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=google_ebda&google_gid=CAESEBYmp8Ol8Fd6FsO8fil-xRY&google_cver=1&google_push=AXcoOmRR62RdtSdWx1L3b71oUtIDPrCSGZTNnptvwhKhC5LWmFBMTzzp0nRAR4NiFAUqOKf_4TaDm0VE1-IWzPUcmHWusJgIhlw","cluster_id":0,"gdpr":false,"ipv4":"185.195.71.214","key":"ZVbNTsCo5ucAAKRJxsQAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40069"}
X-SO-Key
ZVbNTsCo5ucAAKRJxsQAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40069
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=AXcoOmRR62RdtSdWx1L3b71oUtIDPrCSGZTNnptvwhKhC5LWmFBMTzzp0nRAR4NiFAUqOKf_4TaDm0VE1-IWzPUcmHWusJgIhlw&google_hm=WlZiTlRzQ281dWNBQUtSSnhzUUFBQUFB
Cache-Control
private
X-SO-HostName
a-ad40069.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
5
Content-Length
0
X-SO-LB-Hostname
a-tgng40016.dc2p.scaleout.jp
X-SO-IP
185.195.71.214
attr
cm.g.doubleclick.net/pixel/ Frame 9DE4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KS31rUP3tvvxoHSsnYNl7so38oNsBpvRBisq6xHoDkxVXzZZBcIJbC22rEHjOQ-8pdQMzV
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700187468&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700187467477&bpp=132&bdt=627&idt=690&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&correlator=871759777855&frm=23&ife=1&pv=2&ga_vid=1707958932.1700187467&ga_sid=1700187468&ga_hid=955385354&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2026&biw=1600&bih=1200&isw=336&ish=280&ifk=2575727733&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C31078297%2C44807754%2C44807763%2C44808148%2C44808285%2C44809056&oid=2&pvsid=3321110143345705&tmod=2076779727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bmje7n4cndfs&btvi=1&fsb=1&dtd=728
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 5B1A 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
29805
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 18:01:04 GMT
pxiDyp8kv8JHgFVrJJLm111VF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ Frame 9FCB 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLm111VF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:800italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
494d66c1f510af5609c852b228a4ad3e0f12ccf93126b5f437f8e4ac14def828
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tpc.googlesyndication.com
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:41:38 GMT
x-content-type-options
nosniff
age
189371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8680
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:15:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Nov 2024 21:41:38 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 5769 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJlKsoiEL0PKR02ldvTC083cDperz4GL5N0FqEeuqeuJdU7XrsJY4jgfeNuTseQOE05ZMZCVAzs3epFBq3ZIh9zDqzxqpmKludYHigCmhaKugr-AvwcgjtkusnVcbgTS9Qbw5hbizd8pHr8-_2o6Z03ezkj1XMMeg0To2vsE503CYVIhYjsVXK-nq5ZtHVIEaFJNXE54FNbuFstVDLcRzLwNfYkhxDt0OCowPk1Et4nC-Q1EUgOTHPAuzTFXzBNSFlBhM0TnSKi4vga3pANJklLte7Iu21OJE2uFOuQ_IJ6baJnDUo6NY1CPtGDcGL5Zcg9fbx_8l85CwJT7rZJ2FZvMiPCFvAKHA&sai=AMfl-YSdIsorPaXu81XaRWk-OPxlDJQpKUM9cxyAXU7iRgnln1nUuIePVWskNVRovcKfiyf7Jjgvgybg90qTEAuAJwtXYAq-5kKl5_6Xsrpxo-wEbvL_c5Pmd6tdtqHEhdM&sig=Cg0ArKJSzOYYjUg_Z7zpEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Nov 2023 02:17:49 GMT
Standard
s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/ Frame 4AFF 		92 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/630/s1.adform.net/load/v/0.0.235/e/.gSBgiDQ/i/vCAv.IAAAAAUAA/r:AdConstructor:contents/HTML:types/Standard
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
3b1eff64e77bf4378206394ce0eaa5726402de0d0711131317f8a1054f460282

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
content-encoding
gzip
last-modified
Thu, 12 Oct 2023 13:27:00 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Tue, 17 Oct 2023 16:09:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 6B52 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
737ae1c4783d6865bf12ab5e22099aee84ed982b619aa157ff27acdce0000e39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12327
x-xss-protection
0
csi
csi.gstatic.com/ Frame 88F5 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=6~lp1zpz9x&c=871759777855&slotId=435879888927.5&fas=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002:c05::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 88F5 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
pagead2.googlesyndication.com/bg/ Frame 127B 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14893_2023&adk=1587687671&adf=2452301109&pi=t.ma~as.3006%2F14893_2023&w=336&lmt=1700187468&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700187467477&bpp=132&bdt=627&idt=690&shv=r20231109&mjsv=m202311090101&ptt=5&saldr=sd&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&correlator=871759777855&frm=23&ife=1&pv=2&ga_vid=1707958932.1700187467&ga_sid=1700187468&ga_hid=955385354&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=2026&biw=1600&bih=1200&isw=336&ish=280&ifk=2575727733&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079628%2C31078297%2C44807754%2C44807763%2C44808148%2C44808285%2C44809056&oid=2&pvsid=3321110143345705&tmod=2076779727&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=1.bmje7n4cndfs&btvi=1&fsb=1&dtd=728
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 03:55:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
339738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14900
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 03:55:31 GMT
truncated
/ 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f94611f7a8ded4e97166e42539e2559b0ed5b4454f6dc1a0f0ef29410e54c20c

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 		254 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Fri, 17 Nov 2023 02:17:49 GMT
via
1.1 varnish
x-amz-request-id
DM4PFN0WZV5ZS5NS
age
10176
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
QYSQ4/qAqV4Hb4K6M+GoojBK1e8pnhtotO1/yTxdJpopul6YDUPXKzR3ArITbOLUVAA12TmhKuQ=
x-served-by
cache-mxp6947-MXP
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1700187470.682014,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
60
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
382
publishertag.prebid.js
static.criteo.net/js/ld/ 		96 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.135.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 27 Oct 2023 06:43:26 GMT
server
nginx
etag
W/"653b5c0e-1811e"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 18 Nov 2023 02:17:49 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 6B52 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311090101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 02:17:49 GMT
4072496958553746652
tpc.googlesyndication.com/daca_images/simgad/ Frame 88F5 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/4072496958553746652
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35c214f925928346f704baed1b7f12e1ba193d1e614e1b9dd36f5c8c5f4ff276
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 05:08:23 GMT
x-content-type-options
nosniff
age
76166
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101964
x-xss-protection
0
last-modified
Wed, 18 Oct 2023 17:49:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Nov 2024 05:08:23 GMT
pixel.gif
ad.vidverto.io/vidverto/test/ Frame 88F5 		42 B
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/vidverto/test/pixel.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
last-modified
Mon, 26 Oct 2020 16:14:05 GMT
server
nginx/1.14.0 (Ubuntu)
accept-ranges
bytes
etag
"5f96f5cd-2a"
content-length
42
content-type
image/gif
/
googleads.g.doubleclick.net/pagead/live/interaction/ Frame 88F5 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/live/interaction/?ai=C4KrcTM1WZbmrO6PDhcIPnpCtuAG49ZiddLKX5_iQEtzZHhABIJ-X_GJg9QWgAYihx44pyAEC4AIAqAMBmAQAqgTWA0_QdfzhpEw9E9wUZYrdNBGBvUQO100ATK3Wuh2rezpLxOe8rqjfV5A47Vw4Bn1mO7camxVUbIRayNBtTI1_Ghh2BdatVWaq_xvQhQ0_to9bFu9vulDUNsAjP0TMHX_q-0IVTPPwxf1vhIDHYdBPNac8dpeAVwTnDrw56uTBEYBYqaDthYhVRW_YqSyjF9-sCju5PSScg7tnhm2xXRUe5dgeoLm_Q4YfpoKbjnKzWUubZ6DYq1qlOBral5Bxve0QRXq_miEA2jnz3rYUBQI6Qa8JcH26AlL9nu2NT7r1V47dStgTLgNGE7i5nAJy-EiaTgrAp1kmqyljFCpaAwSrGvOdf3VQTEqhe9qUplMBVmRedFgOetlGjS48-20OWrK_PWqCsjDB5mFu0EWzAKKmcR9dlh8LFmPxXz8SM7A2STLKGWw983duHJgUYgGo74BT9IEmsZ1ppFDahaw4iAeazM3b8QfENC7sEgMkNKL8_z7AZsPzaVuHYFCyZ-4vjOybmViunCbqEo4_3kdu6kIMdsXesD2dD5BgyWwzMIk4Sn3X102krNzM2DCTBVLipEcfz3pBGxInIIOA1moNUI_5PPEPYg-NrwIQFE-tPCWC0i1u2sapvmmGwAT0zZDc1QTgBAGIBYGv5qBNoAYCgAeI2ZfuA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwHSCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAqoNAkNI4g0TCITujfH7yYIDFaNhQQIdHkgLF9gTAtAVAZgWAfgWAYAXAQ&sigh=yj_aMrTJZCs&cmd=Ch1jYS12aWRlby1wdWItMzE5MTI4OTg4MjA0NTE1NRAAGAI&label=videoplayfailed501
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
x-content-type-options
nosniff
server
ltt
x-frame-options
SAMEORIGIN
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
pagead2.googlesyndication.com/bg/ Frame 9FCB 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Yf5BzeG23wDzTlqXlXQekm6IYbjoDTlv95nUi6zaUwA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 03:55:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
339738
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14900
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 12 Nov 2024 03:55:31 GMT
logo.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/ Frame 9FCB 		5 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/logo.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4004d343b43e48c59863f5690f31b555f7760fff781b444f15c2bce87df143b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 14 Nov 2023 04:45:57 GMT
age
250312
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2522
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 13:08:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Nov 2024 04:45:57 GMT
seat-light-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/ Frame 9FCB 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/seat-light-2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
91dc522d482d4dbc72031c96fce196616d623369c1d60f973e2a581cfae0b44b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 16 Nov 2023 23:24:24 GMT
x-content-type-options
nosniff
age
10405
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1504
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 13:08:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Nov 2024 23:24:24 GMT
seat-light-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/ Frame 9FCB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/seat-light-1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5bdd4245ca3eebbc158f3d9637f6dec42143d2b15daaee936d6ba58016c7b1a5
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 12 Nov 2023 07:01:51 GMT
x-content-type-options
nosniff
age
414958
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2767
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 13:08:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 11 Nov 2024 07:01:51 GMT
seat.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/ Frame 9FCB 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/seat.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b467a8f8d2eb79999ccf1f44c046f4c6782dcf369d707e462a2c3fa4d2683482
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Mon, 13 Nov 2023 05:39:24 GMT
x-content-type-options
nosniff
age
333505
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26374
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 13:08:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Nov 2024 05:39:24 GMT
smoke-2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/ Frame 9FCB 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/smoke-2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ef4ed6d7cea184f923b05413ba65169082c55107f94bc3eef474bd7758a5e08f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Thu, 16 Nov 2023 23:39:00 GMT
x-content-type-options
nosniff
age
9529
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19366
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 13:08:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Nov 2024 23:39:00 GMT
smoke-1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/ Frame 9FCB 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/smoke-1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fd9ed0cf3f4d3240bf2f291dfd671c55fe54af829508185091c64fef19d5dff6
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 14 Nov 2023 21:19:12 GMT
x-content-type-options
nosniff
age
190717
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21842
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 13:08:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Nov 2024 21:19:12 GMT
cars.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/ Frame 9FCB 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/cars.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bf6496f6270b380201f495715b9c8764d29d6e09f9e8ac541ad3a833db5fd66
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/1442381191717488606/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Tue, 14 Nov 2023 05:38:46 GMT
x-content-type-options
nosniff
age
247143
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51303
x-xss-protection
0
last-modified
Thu, 13 Jan 2022 13:08:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Nov 2024 05:38:46 GMT
bridge3.605.0_en.html
imasdk.googleapis.com/js/core/ Frame 08A7 		752 KB
241 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
170587
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
246766
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Nov 2023 02:54:42 GMT
expires
Thu, 14 Nov 2024 02:54:42 GMT
last-modified
Wed, 15 Nov 2023 02:49:47 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8C92 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 01:55:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Fri, 17 Nov 2023 02:55:32 GMT
/
track.adform.net/csimpr/ Frame 4AFF 		35 B
589 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/csimpr/?bn=68934215&csi=D5E_tWVTeCVytH0qA6ddArXjOrgixijSarGKqewWTIkJDwKV3Zer3AEI7IAC6ToD6KeaXEzVWUjQnDj69P8Bmty6P44QYHgGL4NHU6RsJooDvP-67D9Y4w2
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
480_650.mp4
cdn.vidverto.io/secured2/L6QRjmrq_Lml72YpVqIZSg:1700191067/1327/video/1813/ 		324 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/L6QRjmrq_Lml72YpVqIZSg:1700191067/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

Date
Fri, 17 Nov 2023 02:17:49 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 0-17211103/17211104
Connection
keep-alive
Content-Length
17211104
cds-pips.js
cdn.taboola.com/scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 02:17:49 GMT
x-amz-request-id
HHY0NQ91R65HT3D9
age
3495
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
1aLLj3wTF6Hb4QpDejMBZ+IhqWdnyRRAZC3aa69irK3RgvzcwGvLjH/ZFc60e1UY4gUBo215H64=
x-served-by
cache-mxp6947-MXP
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1700187470.979993,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
98
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
1103
eid.es5.js
cdn.taboola.com/scripts/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Fri, 17 Nov 2023 02:17:49 GMT
x-amz-request-id
A6XD77SS1CMDSM72
age
10129
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
FSxV+8Hpz/6WkleYz3xquIzHKjbgxOmYAfNkOGLdUSjKradKSM07FyoFtz+tnbwAd2b/26VZ5MQ=
x-served-by
cache-mxp6947-MXP
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1700187470.980928,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
92
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
583
c.gif
www.bing.com/aes/ Frame D22A
Redirect Chain
  • https://www.bing.com/api/v1/mediation/tracking?adUnit=391466&auId=86359b83-b8ec-40f8-9679-f9f2c184d462&bidId=15000&bidderId=4&cmExpId=LV1&oAdUnit=391466&publisherId=162645330&rId=b7112500-1c04-4bc4...
  • https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=12ff6b46532f4bd1837e4f12162d6494&tids=15000&med=10
0
184 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=12ff6b46532f4bd1837e4f12162d6494&tids=15000&med=10
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2DAA07DCDC9E445BB12565A29B549E83 Ref B: ZRHEDGE1108 Ref C: 2023-11-17T02:17:50Z
vary
Origin
x-cache
CONFIG_NOCACHE
p3p
CP=BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo
cache-control
private,no-store
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=15724800; includeSubDomains
date
Fri, 17 Nov 2023 02:17:49 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 3F3135A69BEC45B0A960CDD77A0FAB45 Ref B: ZRHEDGE1108 Ref C: 2023-11-17T02:17:50Z
vary
Origin
x-cache
CONFIG_NOCACHE
content-type
text/html; charset=utf-8
location
https://www.bing.com/aes/c.gif?type=mv&reqver=1.0&rg=12ff6b46532f4bd1837e4f12162d6494&tids=15000&med=10
cache-control
no-cache, no-store, must-revalidate
content-length
146
expires
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1A6D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
age
45296
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Nov 2023 13:42:54 GMT
expires
Fri, 15 Nov 2024 13:42:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0801 		829 B
558 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
98c04ad96d66cfe1bd4c96a1fc1ca0fd526cf7298eaacd6dbae7890b0ac973a4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Bvdu7yOm1j6w31p03VMwoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Bvdu7yOm1j6w31p03VMwoQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:17:50 GMT
expires
Fri, 17 Nov 2023 02:17:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
13311272.js
s1.adform.net/Banners/Elements/Files/2135726/13311272/ Frame 1824 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/Banners/Elements/Files/2135726/13311272/13311272.js?ADFassetID=13311272&bv=257
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
44ade2ec01f729473700678dcbe209b33f16266837991014e6f622c590876170

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
content-encoding
gzip
last-modified
Thu, 10 Aug 2023 13:34:40 GMT
server
nginx
x-amz-request-id
tx00000e626bc1dd979373c-00653198db-3295cc06-default
etag
W/"d6c6e0ff915406890c477664009096be"
x-cache-status
STALE
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
access-control-expose-headers
Content-Range,Content-Length
x-rgw-object-type
Normal
cache-control
public, max-age=604800
activeview
pagead2.googlesyndication.com/pcs/ Frame FC3F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssBsrrCf2AQLn-N0wIDs392epqG90RHRqy8mGuLxOHFIViDnrhBwR58P_aUUwelOnJ8Y7nvcu3tG0sM9aNWsDmesbpHNd7JJqvW14JoMbJIfEyhZiuqdA&sig=Cg0ArKJSzNBcZrYR0ryKEAE&id=lidar2&mcvt=1160&p=1110,436,1200,1164&mtos=1160,1160,1160,1160,1160&tos=1160,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3374688892&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700187467775&rpt=1205&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame D22A 		0
660 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&e=wqT_3QLkCOhkBAAAAwDWAAUBCMqa26oGEMzAzPTF1amtXxgAKjYJ_g5TFRw8nz8R2OcO4U2snT8ZAAAAoJmZyT8h2A0SACkRJNgxAAAAQOF6lD8w8uzGCjj9XEC1XkjjA1C6iYq2AVi5tIoBYABotZGzAXjC9AWAAQGKAQNVU0SSBQbwWJgBrAKgAfoBqAEBsAEAuAEBwAEFyAEC0AEA2AEA4AEA8AEA2AIA4ALQ8FzqAnBodHRwczovL3d3dy5iZzMuY28vYS9ob25nLWRhbi1jaGFvLXp1by1yZS1nARUcYnUtbWVuLWQBDFRzaG91LWh1YS1qaW5nLXF1bi15aS1qCRMwY2hlbmctc2hhbmctZgEFeHNoaS5odG1sgAMAiAMBkAMAmAMXoAMBqgOxAwrHAmguhgDwhmluZy5jb20vYXBpL3YxL21lZGlhdGlvbi90cmFja2luZz9hZFVuaXQ9MzkxNDY2JmF1SWQ9YjcxMTI1MDAtMWMwNC00YmM0LWEwNjEtNWJiMTUzZmNhOWEwJmJpZElkPTE1MDAwJmJpZGRlcklkPTQmY21FeHBJZD1MVjEmb0FkVW5pdD0zOQVcGHB1Ymxpc2gFKSwxNjI2NDUzMzAmckmacQC4cnR5cGU9bnVybCZ0YWdJZD0yMjEzMjMzOCZ0cmFmZmljR3JvdXA9a25hcWVfM2MRFghTdWI2GQDwT19weXZweHBiYXN2ZXpuZ3ZiYV91YiZhaWQ9JHtBVUNUSU9OX0lEfRIFMTIwODUaEzY4NzA5ODc0NDA3NTgzOTkwNTIiCTM4MTg0NjcxNCoEIWTwnzo4VTJWaGNtTm9RV1FqTnpJNE5ESTVPRGMwTURBM05EWWpNak15TkRZME1qUTFPVFl3T0RZNU5RPT3AA9gEyAMA2AP0wMQB4AMA6AMA-AMBgAQAkgQNL3V0L3YzL3ByZWJpZJgEAKIEDjE4NS4xOTUuNzEuMjE0qAQAsgQQCAAQBBjYBSD6ASgBMAA4ArgEAMAEAMgEANoEAggB4AQB8ARF7FiIBQGYBQCgBcWArbrlhYeBCcAFAMkFAAUBFPA_0gUJCQULfAAAANgFAeAFAfAFgpNf-gUECAAQAJAGAJgGALgGAMEGASE0AADwP9AGwo0E2gYWChAJEhkBcBAAGADgBgHyBgIIAIAHAYgHAKAHAcgHwvQF0gcNFWUBJgjaBwYBXvB1GADgBwDqBwIIAPAHv4MNighHCkMAAAGL2xHpEF9apqxekyBMAb6g2TMUAxaF8NSVlFShKfachEWyl1D4puupHZS-zN6S6QWqjat_HFbEf-i0qqawKH5FEAGVCAAAgD-YCAHACADSCA4IgYKEiJCgwIABEAAYAA..&s=87ec3c4e1d6d23b18cb6bdab4c797ed65e667c01&type=pv&jm=1003&px=605&py=60&bw=300&bh=157&sf=1&sid=5611251021139464531&vd=ct~0|rr~5&sv=240&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=22132338&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/240/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
an-x-request-uuid
8f72727b-1ede-425a-ad37-1f705524e866
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
185.195.71.214; 185.195.71.214; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
pips.taboola.com/ 		4 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-served-by
cache-mxp6923-MXP
date
Fri, 17 Nov 2023 02:17:50 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bg3.co
cache-control
no-store
accept-ranges
bytes
content-length
4
retry-after
0
x-cache-hits
0
Adform.DHTML.js
s1.adform.net/banners/scripts/rmb/ Frame 1824
Redirect Chain
  • https://track.adform.net/banners/scripts/rmb/Adform.DHTML.js
  • https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
30 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Server
37.157.6.235 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 12:02:22 GMT
server
nginx
x-amz-request-id
tx00000496f57c7341b8671-0063766147-329354d9-default
etag
W/"4731aef0a5114a59b4311776d270e848"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-rgw-object-type
Normal
cache-control
public, max-age=604800

Redirect headers

location
https://s1.adform.net/banners/scripts/rmb/Adform.DHTML.js
date
Fri, 17 Nov 2023 02:17:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
content-type
text/html
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 17 Nov 2023 02:17:49 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
237195
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
368 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
209232
expires
0
rid
match.adsrvr.org/track/ 		63 B
418 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
eed7de3a9927e7458e9efa732e5f67b62671f716d8ae9e82bb445fc5b966ac13

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 17 Dec 2023 02:17:50 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame C176 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
390
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
82747aca8ff623c7-ZRH
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 02:17:50 GMT
expires
Fri, 17 Nov 2023 06:17:50 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4DFB 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 02:17:50 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame 8160 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Fri, 17 Nov 2023 02:17:50 GMT
/
onetag-sys.com/usync/ Frame 6FF6 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700187467228
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
aa0c7ad808b4583418613d2cf3bfcb4891507be46a6e1f419264f97212c95e4f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1066
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
checksync.php
contextual.media.net/ Frame E0EC 		24 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C2069%2C237%2C117%2C51%2C97%2C55%2C99%2C2045%2C3012%2C2043%2C2040%2C244%2C2039%2C3007%2C246%2C4%2C203%2C446%2C9%2C2055%2C2099%2C173%2C294%2C251%2C175%2C450%2C132%2C374%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C459%2C70%2C77%2C2022%2C2021%2C141%2C262%2C186%2C461%2C222%2C345%2C468%2C10000%2C80%2C108%2C229%2C307%2C508&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ef6ca8dad8a63869fec190ce7949b92b367981f281677daf118b588e2313fb93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8530
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 02:17:50 GMT
expires
Sun, 19 Nov 2023 02:17:50 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
/
csync.smilewanted.com/ Frame C878 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82747aca49b2bb20-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 02:17:50 GMT
server
cloudflare
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame D85F 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.16.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-16-183.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Fri, 17 Nov 2023 02:17:50 GMT
ETag
"623de86a-cf34"
Expires
Sat, 18 Nov 2023 02:17:52 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
X-Akamai-EW-Subworker
8096267
sync.html
public.servenobid.com/ Frame 6F97 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-45.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

age
77335
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 16 Nov 2023 04:48:56 GMT
etag
W/"ea81456e0a6e1fca0e7a864b1d3121aa"
last-modified
Mon, 02 Oct 2023 23:54:30 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 0a4e8f7c3d348e526848328c55dd452a.cloudfront.net (CloudFront)
x-amz-cf-id
md9D_IFz8ig3coSgF4y6S7_auRhf76_uL5Wz5NW7L3g7v9tEsiwFow==
x-amz-cf-pop
FRA56-C2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:58584356-ee8f-4de0-abcc-b50f847fba2c
x-amz-meta-codebuild-content-md5
d3f9c0952d74faa30fada14e06b377b0
x-amz-meta-codebuild-content-sha256
8aa4841af9e8588faa6f0e126d94acab1f39eb0115dfa16eac2daccf149690d0
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
pd
adpushup-d.openx.net/w/1.0/ Frame 4D11
Redirect Chain
  • https://adpushup-d.openx.net/w/1.0/pd
  • https://adpushup-d.openx.net/w/1.0/pd?cc=1
653 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/pd?cc=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
3ef7158e9734fef662568162138a034a9d0d9758353d1ad3708a25f628b48202

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
412
content-type
text/html
date
Fri, 17 Nov 2023 02:17:50 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Fri, 17 Nov 2023 02:17:50 GMT
location
https://adpushup-d.openx.net/w/1.0/pd?cc=1
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
via
1.1 google
isyn
prebid.a-mo.net/ Frame D9D0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1698934930219.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.97.67 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Fri, 17 Nov 2023 02:17:49 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
ads
pubads.g.doubleclick.net/gampad/live/ Frame 08A7 		156 B
227 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/live/ads?iu=%2F21986089839%2C22574853003%2Fivm_video%2Fivm_bg3.co_video&description_url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&tfcd=0&npa=0&sz=1x1%7C300x250%7C320x480%7C400x300%7C480x320%7C480x360%7C600x338%7C640x480%7C720x405&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4409639597544672&sdkv=h.3.605.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&u_so=l&ctv=0&mpt=vidvertoplayer&mpv=1.0.0&sdki=445&ptt=20&adk=3132361577&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.605.0&media_url=https%3A%2F%2Fcdn.vidverto.io%2Fsecured2%2FL6QRjmrq_Lml72YpVqIZSg%3A1700191067%2F1327%2Fvideo%2F1813%2F480_650.mp4&sid=E6A8635F-6358-4415-B5A1-2BBD961D626A&nel=0&eid=44770822%2C44772139%2C44777649%2C44781409%2C44797014%2C44802074%2C44802463%2C44804291%2C44804616&top=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&loc=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&dt=1700187470494&cookie=ID%3Db7d37ca96679f1ce%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg&gpic=UID%3D00000cca2f5d1d86%3AT%3D1700187466%3ART%3D1700187466%3AS%3DALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g&scor=553868059726714&ged=ve4_td4_tt2_pd4_la4000_er741.400.742.800_vi0.0.1200.1600_vp100_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ltt /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
153
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
ltt
google-mediationtag-id
-2
google-creative-id
-2
x-frame-options
SAMEORIGIN
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cds.taboola.com/ 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 17 Nov 2023 02:17:50 GMT
cache-control
no-store
server
nginx
sodar
pagead2.googlesyndication.com/pagead/ Frame 0801 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=3321110143345705&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usync.js
eus.rubiconproject.com/ Frame 4DFB 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
16f6a89c89e20586fdb7ed77f218f6af5442e80c8c3116deb2ab0cdd5aae2001

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:17:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 12:56:28 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=38314
Connection
keep-alive
Content-Length
13230
Expires
Fri, 17 Nov 2023 12:56:24 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5769 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWgFGCkVS8dE7j2NzHCc5Ib19pYgXnxZfi1xrDZrD_RSmvu5rBJcZi8VRaURHiKj4ddmh9Fg4JCEjYSm29QDANAXEaHG6wGVlr8Wo0OPhyVZ6uMFrv8XIGMnYUWBfRO8RsTu-VPwZlCw&sig=Cg0ArKJSzNsVepQx7GUREAE&id=lidar2&mcvt=1051&p=60,295,310,595&mtos=1051,1051,1051,1051,1051&tos=1051,0,0,0,0&v=20231115&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=19&adk=2102018513&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700187468131&rpt=1355&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
onetag-sys.com/usync/ Frame 6AC0 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1700187467537
Requested by
Host: ad.vidverto.io
URL: https://ad.vidverto.io/js/achernar/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
9dfba7b4c7519a72c754e4496e1eba764114254aa7d1e4f02eb4b24b49220900
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1066
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
img
sync.mathtag.com/sync/ Frame 6FF6 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700187467228
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master cdg cdg-pixel-x28 config_version:"3168" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:17:50 GMT
Server
MT3 1075 283b7e3 master cdg cdg-pixel-x28 config_version:"3168"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Fri, 17 Nov 2023 02:17:49 GMT
/
onetag-sys.com/match/ Frame 6FF6
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700187467228
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:50 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700187470620003-339
tap.php
pixel.rubiconproject.com/ Frame 6FF6 		42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=0Grv_ZneLi39Y1GuCvPz0QCDe1uGvtQnQFRc_qZDHb0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700187467228
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame 6FF6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700187467228
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generic
match.adsrvr.org/track/cmf/ Frame 6FF6 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700187467228
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 6FF6 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700187467228
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.230.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-230-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
usermatch
ssum-sec.casalemedia.com/ Frame A528
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
843 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc874f58e164935f002dc346f498a0bc44fb7cea32c8dc4f09e999fdf1997a9c

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82747acbad97021d-ZRH
content-encoding
br
content-type
text/html
date
Fri, 17 Nov 2023 02:17:50 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4xtj7L8oNAu9eSizaCft5wKfUjXeHMaUP6CsDukagrwC%2BYQW2g16cFsqSlNg3NdEgKlBqZUie09kBi9tgz91NUmU77D9hVnFQ%2F49tOM5bjPtA%2FgzfNXVyJ2rRVL3e7AO7U5afEWuY1mzxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82747acb7d52021d-ZRH
content-length
0
date
Fri, 17 Nov 2023 02:17:50 GMT
expires
0
location
/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aor6sOPNAlBHStaxaCHCchIhOQQhM1bCbywoYkamHKbRvmeMYFbTN4FGMQ8%2BqFiIxvKBd2wMA29M4%2Bd8ntp5%2FqTEu6HuwpTu%2F1yJERJTDjxsStSndNhUaDIhauY2FdPEhvqgKCZYkQtF2A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 1A6D 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 18:01:04 GMT
content-encoding
br
x-content-type-options
nosniff
age
29806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 15 Nov 2024 18:01:04 GMT
64d4e74a0a0c2639203489fe
c.bannerflow.net/a/ Frame 1824 		73 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/64d4e74a0a0c2639203489fe?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2fwww.bg3.co%2f
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2915cacb272776c42786f250cb34a9ace5da4e17b522b80ebee4b75d30aa39d4

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 17 Nov 2023 02:17:50 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, s-maxage=10
cf-ray
82747acc1e26021d-ZRH
request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
13926
g2.gumgum.com/usync/ Frame A3A3 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.158.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-158-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2c9fe1c9e21fd520dfa82c1441da74a4d9f22b7d0d0fc4b3f34e69d7774120d0

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Fri, 17 Nov 2023 02:17:50 GMT
etag
W/"07ec66c37f4fdc858e37217485deb7041"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame FBF3 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
12ca1f90838744f3288c40238b38c65e76861cb85c441505d42ce8401aec7615
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1093
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 690A 		929 B
995 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
b1e963c339c0a3ca004b519a5bebc4a0f6399b3a62cf442a259b98b304371a23

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
929
content-type
text/html
date
Fri, 17 Nov 2023 02:17:50 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 4526 		2 KB
955 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c26b74d41ed80708b198ef381c3d5b2d7213e8cce414790a40a31f72f18abd40

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
82747acbbda3021d-ZRH
content-encoding
br
content-type
text/html
date
Fri, 17 Nov 2023 02:17:50 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yQfLveiR1MGOvuBWhwziLmJiM4LTjEvS0ce3EnWZpz7hROQptB%2FCdR%2FsSKJNLNUAIb%2B5DIv27KLGn6%2F8VwwU7VehkKutdaQ%2F6VQ7QjNMvymY8jFGB14sQvgaOBnae0D0GtTmWy8ItuEemw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame FAB1
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 02:17:50 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 17 Nov 2023 02:17:50 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9D5B 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=111745
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 17 Nov 2023 02:17:50 GMT
expires
Sat, 18 Nov 2023 09:20:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame 9F45 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:dc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
08f6cecd267dba9571f4da3e27fb521f36befdc723b709ce738b83ac55ed4f81

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-encoding
gzip
content-type
text/html
date
Fri, 17 Nov 2023 02:17:50 GMT
server
istio-envoy
vary
Accept-Encoding
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
x-amz-cf-id
NP5g3F5n5h1yS9enl9xuxqn-edMyghHLI8a_Kc4ZgsF5biLnYARjPQ==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
user-sync
sync.adkernel.com/ Frame 3F34 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Fri, 17 Nov 2023 02:17:50 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame B1FF 		557 B
1011 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
54.211.177.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-177-173.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
06484a64eaeea277e538c62795a985df0636f5e129ad274b236947294c06447d

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
557
content-type
text/html
date
Fri, 17 Nov 2023 02:17:50 GMT
server
istio-envoy
x-envoy-upstream-service-time
1
sync
ads.servenobid.com/ Frame 6F97
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=4737946100709174159
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=4737946100709174159
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
an-x-request-uuid
9ecd301b-2711-4821-aaab-ee1e63e366c0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=4737946100709174159
x-proxy-origin
185.195.71.214; 185.195.71.214; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 6F97
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=Hq0JtRZHJ0kwAHgrQwiKYQoU
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=Hq0JtRZHJ0kwAHgrQwiKYQoU
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:50 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=Hq0JtRZHJ0kwAHgrQwiKYQoU
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap5ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 6F97 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 02:17:50 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 6F97
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://ad.turn.com/r/cs?pid=45&rndcb=5850600376
  • https://sync.1rx.io/usersync/turn/8103032297166246067?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-9f02e5dd-827d-4dc0-bffe-b877fead070c-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-9f02e5dd-827d-4dc0-bffe-b877fead070c-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-9f02e5dd-827d-4dc0-bffe-b877fead070c-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-9f02e5dd-827d-4dc0-bffe-b877fead070c-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-9f02e5dd-827d-4dc0-bffe-b877fead070c-003
date
Fri, 17 Nov 2023 02:17:51 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX9f02e5dd827d4dc0bffeb877fead070c003
content-type
text/html
sync
ads.servenobid.com/ Frame 6F97
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5144588527503405045
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5144588527503405045
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5144588527503405045
Date
Fri, 17 Nov 2023 02:17:50 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 6F97
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=0d48f7bf-3768-4ebc-beb6-3de6de9a39c4
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=0d48f7bf-3768-4ebc-beb6-3de6de9a39c4
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-71
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ads.servenobid.com/sync?pid=332&uid=0d48f7bf-3768-4ebc-beb6-3de6de9a39c4
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 6F97
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Fri, 17 Nov 2023 02:17:49 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 6F97
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
date
Fri, 17 Nov 2023 02:17:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
45f6616f8301569fb3628edffa5edae8.gif
cs.admanmedia.com/ Frame 6F97
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-3ce164ce-1168-3b18-bf2f-a6731aec520a&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid...
0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-3ce164ce-1168-3b18-bf2f-a6731aec520a&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zY2UxNjRjZS0xMTY4LTNiMTgtYmYyZi1hNjczMWFlYzUyMGEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0zY2UxNjRjZS0xMTY4LTNiMTgtYmYyZi1hNjczMWFlYzUyMGEyAhgGOAE=&gdpr=&gdpr_consent=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
80.77.87.162 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:17:51 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive

Redirect headers

location
https://cs.admanmedia.com/45f6616f8301569fb3628edffa5edae8.gif?puid=ua-3ce164ce-1168-3b18-bf2f-a6731aec520a&redir=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D24%26buyeruid%3D%5BUID%5D%26r%3DCid1YS0zY2UxNjRjZS0xMTY4LTNiMTgtYmYyZi1hNjczMWFlYzUyMGEQ____________ASpTaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzQ2JnVpZD11YS0zY2UxNjRjZS0xMTY4LTNiMTgtYmYyZi1hNjczMWFlYzUyMGEyAhgGOAE=&gdpr=&gdpr_consent=
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
cache-control
no-store
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 6F97
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
date
Fri, 17 Nov 2023 02:17:50 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 6F97 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.136.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-136-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
sync
ads.servenobid.com/ Frame 6F97
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Fri, 17 Nov 2023 02:17:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Fri, 17 Nov 2023 02:17:50 GMT
sd
us-u.openx.net/w/1.0/ Frame 4D11
Redirect Chain
  • https://cms.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=_uhXjqu5Vtrl6QGN-LlP3KnlU4_lvlTb_rgzmMBU
43 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=_uhXjqu5Vtrl6QGN-LlP3KnlU4_lvlTb_rgzmMBU
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=_uhXjqu5Vtrl6QGN-LlP3KnlU4_lvlTb_rgzmMBU
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4D11
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8056414443070265019
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8056414443070265019
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8056414443070265019
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
dcm
aax-eu.amazon-adsystem.com/s/ Frame 4D11 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=fa457a28-e898-4449-9a1d-2b11dd13a271&id=a678d9ec-636f-8d75-97ae-ffefdf9606c8
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SMWWNRS4ETRQBQXBV3AM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
openx
match.adsrvr.org/track/cmf/ Frame 4D11 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=feaea591-7fc5-368f-57a0-7d78b7a5cd28&gdpr=0
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
server
Kestrel
content-length
70
content-type
image/gif
pixel
cm.g.doubleclick.net/ Frame 4D11 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZDJjMTc2NWItYjZiMi02ODJiLTQyNDAtMjdjMTdkNDcwMzQ4
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4D11
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIPicT-OiELIsRv5a6SqLHI&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIPicT-OiELIsRv5a6SqLHI&google_cver=1
Requested by
Host: adpushup-d.openx.net
URL: https://adpushup-d.openx.net/w/1.0/pd?cc=1
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://adpushup-d.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEIPicT-OiELIsRv5a6SqLHI&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame D85F 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
an-x-request-uuid
7e6e3e2f-0578-40b3-9898-a7a686056f20
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.214; 185.195.71.214; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 5B1A 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?S8Hdgg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame C878 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
1299133
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
82747acc6a56bb20-MXP
expires
Thu, 31 Dec 2037 23:55:55 GMT
img
sync.mathtag.com/sync/ Frame 6AC0 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700187467537
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master cdg cdg-pixel-x16 config_version:"3168" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:17:50 GMT
Server
MT3 1075 283b7e3 master cdg cdg-pixel-x16 config_version:"3168"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Fri, 17 Nov 2023 02:17:49 GMT
generic
match.adsrvr.org/track/cmf/ Frame 6AC0 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700187467537
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
server
Kestrel
content-length
70
content-type
image/gif
sync
x.bidswitch.net/ Frame 6AC0 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700187467537
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.230.223 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-230-223.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
/
onetag-sys.com/match/ Frame 6AC0
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700187467537
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:50 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=1
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700187470546047-333
tap.php
pixel.rubiconproject.com/ Frame 6AC0 		42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=dnSdh8FTVnAZGjmugX5PwM8odC8JLGIhMvhEZwm0b2A
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700187467537
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame 6AC0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1700187467537
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
dcm
s.amazon-adsystem.com/ Frame A528 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZVbNTlVsUjeTdTa5zO2UGQAABE0AAAIB&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.46.151.131 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:50 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
7Y9M06C9G845G76DHS9W
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A528 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
server
Kestrel
content-length
70
content-type
image/gif
362358.gif
idsync.rlcdn.com/ Frame A528
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVbNTlVsUjeTdTa5zO2UGQAA%261101&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVbNTlVsUjeTdTa5zO2UGQAA%261101&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=b599b6ac249443169ade5b62a36228eb
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=1aa1cde8-139b-4784-a480-00eb3f0a0c22
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=835ee9d9-687f-4feb-8f74-7ce8f84a2864%3A1700187471.6447213&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D835ee9d9-687f-4feb-8f74-7ce8f84...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588527503405045&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D835ee9d9-687f-4feb-8f...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=835ee9d9-687f-4feb-8f74-7ce8f84a2864%3A1700187471.6447213&_=1700187471.6468797
  • https://idsync.rlcdn.com/1000.gif?memo=CM3PHhJBCj0IARAFGjc4MzVlZTlkOS02ODdmLTRmZWItOGY3NC03Y2U4Zjg0YTI4NjQ6MTcwMDE4NzQ3MS42NDQ3MjEzEAAaDQjPmtuqBhIFCOgHEABCAEoA
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEQ2HEgrJIAOJggM8vwfKzA&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEQ2HEgrJIAOJggM8vwfKzA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:52 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEQ2HEgrJIAOJggM8vwfKzA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A528
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZVbNTlVsUjeTdTa5zO2UGQAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGAVNNpe8nK6LmI_A8rUg7s&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGAVNNpe8nK6LmI_A8rUg7s&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bo30UU10m9bGG8YjmWfIJ1JwBRQHdYkvlfOb7KnFPn%2FbUwfpcWQL3FjCplW69HuQE5eQ%2B7wyPbmKD7NgVbYXjwpZTkcKjEjzmMXMtU6Q9kUUlfhGXla7zB5GL39lw9xWgsJbDimBnaArLg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82747acdac9924c4-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGAVNNpe8nK6LmI_A8rUg7s&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A528
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=71E1AB8744644695805E27A511A92768
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=71E1AB8744644695805E27A511A92768
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c2XdDvi2T7AO2iIdg3SCW%2B30CVUqgBEfMFfqj9z0pSNhIuUfwfyu5bLlkWpFBqP30c4I87OU8hzZN5SNNb9O15jvQoukIpNUIgBR8NQKTuJT7oFSdheJHddqLSQ1GP5v%2FKLcHy11vW4e7w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82747acd3c0324c4-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 17 Nov 2023 02:17:50 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=71E1AB8744644695805E27A511A92768
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Thu, 16 Nov 2023 02:17:50 GMT
demconf.jpg
dpm.demdex.net/ Frame A528
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZVbNTlVsUjeTdTa5zO2UGQAA%261101?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZVbNTlVsUjeTdTa5zO2UGQAA%261101
42 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZVbNTlVsUjeTdTa5zO2UGQAA%261101
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Server
52.31.205.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-205-224.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

dcs
dcs-prod-irl1-2-v054-099548ed2.edge-irl1.demdex.com 1 ms
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
0XhyUxjNRus=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-0d8917a30.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
5fPD2zlgTfc=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZVbNTlVsUjeTdTa5zO2UGQAA%261101
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
crum
dsum-sec.casalemedia.com/ Frame A528
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8056414443070265019&expiration=1701397070
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8056414443070265019&expiration=1701397070
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eF24S8T9hXbVPNTVzrKj%2Fs%2BXhBTajLv33iBbx6h8NQypBtMYLlm7QC64ewX%2F0Zg4nh%2BkwxytqKVQTwndpv%2FUyZiFF%2BiC7hvhyRcKk2v6IsgDB1TyIPADLNXXXxP1hGIM8Vx5vzIDx1ZoTw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82747acd4c1a24c4-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=8056414443070265019&expiration=1701397070
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame A528
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4737946100709174159
43 B
735 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4737946100709174159
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpDHzRix1%2BbSHaAnx7SUMtU1eMkx9jn%2F0TS9gQRvklSgQ%2BJzYmYYOlp0FHQons6%2B8j%2B1k1AspuUVPamCwxgvATKuYn5RwJDPOvf1ONyTHHOwTs7tdvCPXS2hfHqAxyG4F9nzDuIy42fatw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82747acd3c0824c4-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
an-x-request-uuid
dd925c02-e371-4db0-a1b7-e9a316bfb478
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=4737946100709174159
x-proxy-origin
185.195.71.214; 185.195.71.214; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame A528 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZVbNTlVsUjeTdTa5zO2UGQAA%261101
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
84740
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
82747accfaaf23c7-ZRH
content-length
43
expires
Sat, 18 Nov 2023 02:17:50 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 4526
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZVbNTlVsUjeTdTa5zO2UGQAABE0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKNYngN2i_XuRJGJB0WPZLU&google_cver=1
43 B
768 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKNYngN2i_XuRJGJB0WPZLU&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbxIzc2uQIp69oQG344IYKpCYiIL25MI5NOJmn6PxnnEOjQCOZJ1N17tGd%2B4tlWqyEX%2F9V4OvNrCSKXqEqIM8s1fWq%2Fm2n6OOh0xuQZ1DJ6XaL31WPcfzE0PQRIgpGIM7ne7019kwgQpew%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82747accdb8324c4-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEKNYngN2i_XuRJGJB0WPZLU&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
362358.gif
idsync.rlcdn.com/ Frame 4526
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZVbNTlVsUjeTdTa5zO2UGQAA%261101&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZVbNTlVsUjeTdTa5zO2UGQAA%261101&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=1aa1cde8139b4784a48000eb3f0a0c22
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=1aa1cde8-139b-4784-a480-00eb3f0a0c22
  • https://p.rfihub.com/cm?pub=39342&in=1&userid=05bdbb83-c425-4452-ab6f-e97636264e93%3A1700187471.6460516&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D05bdbb83-c425-4452-ab6f-e976362...
  • https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5144588527503405045&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D05bdbb83-c425-4452-ab...
  • https://idsync.rlcdn.com/501709.gif?partner_uid=05bdbb83-c425-4452-ab6f-e97636264e93%3A1700187471.6460516&_=1700187471.648279
  • https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
  • https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEQ2HEgrJIAOJggM8vwfKzA&google_cver=1
42 B
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEQ2HEgrJIAOJggM8vwfKzA&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:52 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:52 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEEQ2HEgrJIAOJggM8vwfKzA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
289
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ZVbNTlVsUjeTdTa5zO2UGQAABE0AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 4526 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZVbNTlVsUjeTdTa5zO2UGQAABE0AAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:a431:4595:7531:b100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
generic
match.adsrvr.org/track/cmf/ Frame 4526
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZVbNTlVsUjeTdTa5zO2UGQAABE0AAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=a22d91ba4e30f9aaf86fe39e8716c80&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=umv1972_7302251787229313097&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?userId=AABVWE7KrZsAABT_CDLLUg&dataProviderId=817&gdpr=0
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:51 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700187471168023-418
crum
dsum-sec.casalemedia.com/ Frame 4526
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=asMivCp31R3Oqy5
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=asMivCp31R3Oqy5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dU2XtVBtTMHgfo%2B7tmjQFySiIjpbNy3KFu%2FsJDdSKTsXwu9WoIEcHTSr4ogtlVtceq7WrjrvX5Fv1J0b%2BILkb1yc2yQ9l0gFw0Mu%2BdpoY4KnDdFH2kQkBm0W0pfDgW2ve24xVT786GeNmg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82747acddcef24c4-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:50 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-795-gb641a57#rel-ec2-master i-006fa252bd7417634@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=asMivCp31R3Oqy5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 4526
Redirect Chain
  • https://sync.adotmob.com/cookie/indexexchange?gdpr=&gdpr_consent=&r=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D13%26external_user_id%3D%7Bamob_user_id%7D%26expiration%3D%5BEXPIRATI...
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
43 B
744 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8v4aVmIelFrBsT1w4b5hdp%2FIXIMebQSrSCll%2FpyshcN6tBk9IHDMwhuJT4TmNlKntKTMkRXd%2Boev%2FP0Py0%2BkKyNVe68XVx8X%2FiBr%2FUjXtal%2Bc%2FU9KiYBQtTdMMIV4%2FEC%2BmygvskXSgDwuA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82747acd9c9724c4-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=13&expiration=%5BEXPIRATION%5D&gdprConsent=
date
Fri, 17 Nov 2023 02:17:50 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
rum
dsum-sec.casalemedia.com/ Frame 4526
Redirect Chain
  • https://csync.loopme.me/?pubid=11466&redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=01e3c4b5-cb8a-4b70-8d0a-a5a51be442e1&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=01e3c4b5-cb8a-4b70-8d0a-a5a51be442e1&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CfMdedNg1GOqRyCAAQMQc7Ah%2Bbz1UgUba79MlXOzKSvEsAw9Wh6OVk3E9y%2Bm4INc1sSlEBMYpW18rQwFEXJN4QBeTwVE3YThKZTBh9ShKRVaexkO57EMIiu%2BvKJaXARBwFAWHkZGwuOwPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82747acd9c9124c4-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=01e3c4b5-cb8a-4b70-8d0a-a5a51be442e1&gpp_sid=null&gpp=null&us_privacy=null&gdpr_consent=null&gdpr=null
date
Fri, 17 Nov 2023 02:17:50 GMT
server
_
content-length
0
crum
dsum.casalemedia.com/ Frame 4526
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7153318e-ef13-f12c-983a08a1
43 B
685 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7153318e-ef13-f12c-983a08a1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FlrBWke0C%2F6DyujFhIOesSnmVg3Qyi0LcUzQwt4EJWAlsFVdEn7vxXfr5UNPJJ9LlN3nyoFOhyBrLHTR51V56qCFem2MlxGeRcGABi20dZJybWRtRnsMOrnlNDhnCaxo%2FjaQQCQ6"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
82747ace3858021d-ZRH
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Fri, 17 Nov 2023 02:17:50 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7153318e-ef13-f12c-983a08a1
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
sync
ads.servenobid.com/ Frame 4526 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZVbNTlVsUjeTdTa5zO2UGQAABE0AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame FAB1 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
16f6a89c89e20586fdb7ed77f218f6af5442e80c8c3116deb2ab0cdd5aae2001

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:17:50 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 12:56:28 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=38314
Connection
keep-alive
Content-Length
13230
Expires
Fri, 17 Nov 2023 12:56:24 GMT
csi
csi.gstatic.com/ Frame 08A7 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lp1zpzx4&c=871759777855&slotId=435879888927.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002:c05::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ads.servenobid.com/ Frame 690A 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=1462351491961293065&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 690A
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&pubid=5679&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=d8c60c00-3f15-4955-a2e9-6affd0a8638a&gdpr_consent=null&gdpr=0
43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=d8c60c00-3f15-4955-a2e9-6affd0a8638a&gdpr_consent=null&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=124&partneruserid=d8c60c00-3f15-4955-a2e9-6affd0a8638a&gdpr_consent=null&gdpr=0
date
Fri, 17 Nov 2023 02:17:50 GMT
server
_
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 690A
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=tEUeJrCRJv6f&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=tEUeJrCRJv6f&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=tEUeJrCRJv6f&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-bhg7b
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 690A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=8056414443070265019&gdpr=0&gdpr_consent=
43 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=8056414443070265019&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=8056414443070265019&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame 690A
Redirect Chain
  • https://s.ad.smaato.net/c/?adExInit=sas&redir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D133%26partneruserid%3D$UID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=089dd50ff1
43 B
321 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=089dd50ff1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
185.86.139.102 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Fri, 17 Nov 2023 02:17:17 GMT
via
1.1 017ac0aeeb057314a9b1c06f8b97ba34.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
PRG50-C1
age
34
x-cache
Hit from cloudfront
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=133&partneruserid=089dd50ff1
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
WXEf6Zjo447sE1lEqBmVTddtMryKAQ00k-GU38UiKfoVQXPFMEX0Hg==
img
sync.mathtag.com/sync/ Frame FBF3 		43 B
443 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.29.134.248 , United Kingdom, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MT3 1075 283b7e3 master cdg cdg-pixel-x33 config_version:"3168" /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:17:50 GMT
Server
MT3 1075 283b7e3 master cdg cdg-pixel-x33 config_version:"3168"
Content-Type
image/gif
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
43
Expires
Fri, 17 Nov 2023 02:17:49 GMT
generic
match.adsrvr.org/track/cmf/ Frame FBF3 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
onetag-sys.com/match/ Frame FBF3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=8d1c0658-9ff8-4dc1-b6b7-036b6bfac20e&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=&gdpr_consent=&us_privacy=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=30&uid=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=&gdpr_consent=&us_privacy=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

location
//onetag-sys.com/match/?int_id=30&uid=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=&gdpr_consent=&us_privacy=
date
Fri, 17 Nov 2023 02:17:50 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
/
onetag-sys.com/match/ Frame FBF3
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3679&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=0
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=0
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:50 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://onetag-sys.com/match/?int_id=3&uid=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700187470422080-426
tap.php
pixel.rubiconproject.com/ Frame FBF3 		42 B
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=qrMQNml6E_9l7GWkT_kClJDDDK60OLMTQSltw7-gi30
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
711916.gif
id.rlcdn.com/ Frame FBF3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711916.gif?ct=4&cv=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sync
ads.servenobid.com/ Frame FBF3 		0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=qrMQNml6E_9l7GWkT_kClJDDDK60OLMTQSltw7-gi30
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:50 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
truncated
/ 		427 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		415 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		414 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce

Request headers

accept-language
de-CH,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
PugMaster
image6.pubmatic.com/AdServer/ Frame 9D5B 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=24926808&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c22c371f5ffcb37a61d263b733e67a0b17a82600ed741346cfe9bcf8abe5f98d

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 02:17:49 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync
usersync.gumgum.com/ Frame A3A3
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=4737946100709174159
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=4737946100709174159
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:51 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
an-x-request-uuid
4ccca220-cc12-44b9-b160-ec2ed89c426e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=4737946100709174159
x-proxy-origin
185.195.71.214; 185.195.71.214; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A3A3
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_89400654-75c1-425f-a342-bc63590ff0bf&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=gumgum2&bsw_custom_parameter=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=283&user_id=f1aa2d0b-5edb-4671-aaa2-1e693a443b8a&expires=1&user_group=5&ssp=gumgum2&bsw_param=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://usersync.gumgum.com/usersync?b=bsw&i=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=0&gdpr_consent=&us_privacy=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=bsw&i=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:51 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
//usersync.gumgum.com/usersync?b=bsw&i=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=0&gdpr_consent=&us_privacy=
date
Fri, 17 Nov 2023 02:17:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
usersync
usersync.gumgum.com/ Frame A3A3
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=099301e1-57d0-0ed9-30db-6d957ff5cc6e
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=099301e1-57d0-0ed9-30db-6d957ff5cc6e
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:51 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 17 Nov 2023 02:17:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=099301e1-57d0-0ed9-30db-6d957ff5cc6e
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame A3A3
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-b3d87671-d6b5-5539-606c-6f7f648d5d3c$ip$185.195.71.214
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-b3d87671-d6b5-5539-606c-6f7f648d5d3c$ip$185.195.71.214
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:51 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-b3d87671-d6b5-5539-606c-6f7f648d5d3c$ip$185.195.71.214
Date
Fri, 17 Nov 2023 02:17:51 GMT
Connection
keep-alive
Content-Length
128
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame A3A3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-qlOXKKRE2pemFSzJ21lPfZnRkv3xUblXY3Lc~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-qlOXKKRE2pemFSzJ21lPfZnRkv3xUblXY3Lc~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:51 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Fri, 17 Nov 2023 02:17:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-qlOXKKRE2pemFSzJ21lPfZnRkv3xUblXY3Lc~A
content-length
0
usersync
usersync.gumgum.com/ Frame A3A3
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=5627b720-1bf6-48c7-b423-24932b8c0196
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=5627b720-1bf6-48c7-b423-24932b8c0196
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:51 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=5627b720-1bf6-48c7-b423-24932b8c0196
Date
Fri, 17 Nov 2023 02:17:51 GMT
Connection
keep-alive
X-CI-RTID
cfe20122-8925-4873-a9db-fdf1c39a2d6a
Content-Length
108
Content-Type
text/html; charset=utf-8
142
match.deepintent.com/usersync/ Frame A3A3 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame A3A3
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_89400654-75c1-425f-a342-bc63590ff0bf&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://b1sync.zemanta.com/usersync/gumgum/?cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__&gdpr=0&gdpr_consent=&puid=e_89400654-75c1-425f-a342-bc63590ff0bf&s=2&us_privacy=...
  • https://usersync.gumgum.com/usersync?b=zem&i=tmjZSQ8uvO2ZnL4dOj3k&gdpr=0&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=tmjZSQ8uvO2ZnL4dOj3k&gdpr=0&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:52 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:51 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&i=tmjZSQ8uvO2ZnL4dOj3k&gdpr=0&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame A3A3
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=tYujJOb4LABT&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=tYujJOb4LABT&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:51 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-CH
location
https://usersync.gumgum.com/usersync?b=pln&i=tYujJOb4LABT&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-qk6sm
expires
-1
usersync
usersync.gumgum.com/ Frame A3A3
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=1462351491961293065
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=1462351491961293065
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:51 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=1462351491961293065
date
Fri, 17 Nov 2023 02:17:50 GMT
content-length
0
sync
ads.servenobid.com/ Frame A3A3 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_89400654-75c1-425f-a342-bc63590ff0bf
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 9F45
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&gdpr_consent=&ismms2s=1&name=MinuteMedia&uid=a1aca1d7a7acd80e26595e82223f1e6f&url=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21502%2...
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=b2fc29283591d7929729cb12e15c0169
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=b2fc29283591d7929729cb12e15c0169
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:223f:dc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
2_9KoScEYEbRXlAbetsK_fqHTOtBEPJSN14dqWoHdp6Tc8nXD_jXiA==

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
via
kong/2.8.4
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21502&id=b2fc29283591d7929729cb12e15c0169
x-kong-upstream-latency
2
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 9F45
Redirect Chain
  • https://u.openx.net/w/1.0/cm?gdpr=0&gdpr_consent=&id=29975467-6f1b-4e06-b545-920b22ea49b2&ismms2s=1&r=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21477%26id%3D
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=67f74795-0057-09db-2f38-648ff7a647cd
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=67f74795-0057-09db-2f38-648ff7a647cd
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:223f:dc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
-uLMLe4oe2rONCidlTpztSJ5Zr2Q41N-IZSa2bj6SdLXfJE_7KP7Jg==

Redirect headers

date
Fri, 17 Nov 2023 02:17:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21477&id=67f74795-0057-09db-2f38-648ff7a647cd
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 9F45
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21492%26uid%3D&gdpr=0&gdpr_consent=&ismms2s=1
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
0
532 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:223f:dc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
x-reason
missing buyer cookie sync value, buyer id: '21492'
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
content-type
application/javascript
access-control-allow-credentials
true
x-envoy-upstream-service-time
8
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
NTyk1Pku2GEd89d4Mr3gWvrbpLMreppP8c44-GudL82rusz23rKGjg==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21492&uid=&gdpr=0
date
Fri, 17 Nov 2023 02:17:50 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
cs
cs-rtb.minutemedia-prebid.com/ Frame 9F45
Redirect Chain
  • https://eb2.3lift.com/getuid?cmp_cs=&gdpr=0&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21480%26id%3D%24UID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4648383420934579754688
0
487 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4648383420934579754688
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:223f:dc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
QRnhjBHT9FyBcvfoVEZJ_hFf_WXyj-hnpIb_THVjVozvNSXWsyP50Q==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21480&id=4648383420934579754688
date
Fri, 17 Nov 2023 02:17:51 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
pixel
ap.lijit.com/ Frame 9F45 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&ismms2s=1&redir=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21488%26id%3D%24UID
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 02:17:51 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap5ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
cs
cs-rtb.minutemedia-prebid.com/ Frame 9F45
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?gdpr=0&gdpr_consent=&ismms2s=1&p=161683&pu=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21482%26id%3D%23PMUID
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=57B59519-9B3E-4DB5-B42D-FDB697822B64
0
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=57B59519-9B3E-4DB5-B42D-FDB697822B64
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:223f:dc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
rrnafSSFAvJDciKE3x7ETf5bVxOi0Z3QtHiEZJsnakBOUDEk66PYnw==

Redirect headers

location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21482&id=57B59519-9B3E-4DB5-B42D-FDB697822B64
date
Fri, 17 Nov 2023 02:17:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
117
content-type
text/html; charset=utf-8
cs
cs-rtb.minutemedia-prebid.com/ Frame 9F45
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcs-rtb.minutemedia-prebid.com%2Fcs%3Faid%3D21476%26id%3D&ismms2s=1&s=196326
  • https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVbNTlVsUjeTdTa5zO2UGQAA%261101
0
488 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVbNTlVsUjeTdTa5zO2UGQAA%261101
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
2600:9000:223f:dc00:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
via
1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-P5
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-rtb.minutemedia-prebid.com/
x-cache
Miss from cloudfront
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0
x-amz-cf-id
Pcow2PzbmvYHGYYvYiW3zeOnIuhMJN8QYWZx67ZYJHg5PUBD-buXkQ==

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ULeG%2BosCNCdwjwRcKu3kfXPEcorm8jeSGK7%2BY0z5mCwL0s%2FoMvx%2FStLQJQWPc0tS4eH6LlRg4tVBNf1tHwdxQVQ8stBBwgWXYoXiRrO8u2xL2mQL6OK%2FPxv2XShXa5C1i7wu8qH9AB6KwA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cs-rtb.minutemedia-prebid.com/cs?aid=21476&id=ZVbNTlVsUjeTdTa5zO2UGQAA%261101
cache-control
no-cache
cf-ray
82747acdecf724c4-ZRH
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
sync
ads.servenobid.com/ Frame 9F45 		0
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=348&uid=5CzEnsz-kp_mm
Requested by
Host: cs-rtb.minutemedia-prebid.com
URL: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-rtb.minutemedia-prebid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
khaos.json
token.rubiconproject.com/ Frame FAB1 		7 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LP1ZPXH6-K-6UH9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
aca6c52e983509e86b136a052e19be23
Expires
0
preload.jpg
c.bannerflow.net/accounts/soft2bet/64ccfefffe324ed6db6bacf4/published/5472384/7941679/ Frame 1824 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/accounts/soft2bet/64ccfefffe324ed6db6bacf4/published/5472384/7941679/preload.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c8aa2daf70c1aa630b7e121d252800ce1d93534ba888502d549f8c920b85505

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Fri, 17 Nov 2023 02:17:51 GMT
cf-cache-status
HIT
content-md5
capsTpnHaFpTs4cXOuS9FA==
age
317315
content-length
19379
x-ms-lease-status
unlocked
cf-bgj
h2pri
last-modified
Mon, 13 Nov 2023 10:07:48 GMT
server
cloudflare
etag
"0x8DBE4306385BE49"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
63fc985b-801e-0031-6219-1634c0000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
accept-ranges
bytes
cf-ray
82747acdbfc3021d-ZRH
usersync
rtb.gumgum.com/ Frame 8774
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=1301&gdpr=0&gdpr_consent=
  • https://rtb.gumgum.com/usersync?b=adf&i=8056414443070265019&gdpr=0&gdpr_consent=
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=adf&i=8056414443070265019&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.171.158.15 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-158-15.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Fri, 17 Nov 2023 02:17:51 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Fri, 17 Nov 2023 02:17:51 GMT
expires
-1
location
https://rtb.gumgum.com/usersync?b=adf&i=8056414443070265019&gdpr=0&gdpr_consent=
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pixel
cm.g.doubleclick.net/ Frame 75E2 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84OTQwMDY1NC03NWMxLTQyNWYtYTM0Mi1iYzYzNTkwZmYwYmY=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 Plainview, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:17:51 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
480_650.mp4
cdn.vidverto.io/secured2/L6QRjmrq_Lml72YpVqIZSg:1700191067/1327/video/1813/ 		2 MB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidverto.io/secured2/L6QRjmrq_Lml72YpVqIZSg:1700191067/1327/video/1813/480_650.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
175.110.113.203 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
175-110-113-203.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=1048576-

Response headers

Date
Fri, 17 Nov 2023 02:17:51 GMT
Last-Modified
Thu, 02 Sep 2021 16:35:03 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"6130fd37-1069ee0"
Content-Type
video/mp4
Access-Control-Allow-Origin
*
Content-Range
bytes 1048576-17211103/17211104
Connection
keep-alive
Content-Length
16162528
sync
ads.servenobid.com/ Frame FAB1
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LP1ZPXH6-K-6UH9
  • https://ads.servenobid.com/sync?pid=323&uid=LP1ZPXH6-K-6UH9
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=LP1ZPXH6-K-6UH9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:52 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=LP1ZPXH6-K-6UH9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
b08401febecfa1b1a0c0270265f29df4
Expires
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 386E 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=111744
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 17 Nov 2023 02:17:51 GMT
expires
Sat, 18 Nov 2023 09:20:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 6702 		70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Fri, 17 Nov 2023 02:17:51 GMT
server
Kestrel
drop_cookie_sw.php
csync.smilewanted.com/ Frame 67DE 		0
338 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82747ace3ad4bb20-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 02:17:51 GMT
server
cloudflare
vary
Accept-Encoding
/
c.bannerflow.net/tr/v2/pixel/ Frame 1824 		0
81 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/64d4e74a0a0c2639203489fe?did=5ced02fe0fd60d000186f5ac&deeplink=off&domain=https%3a%2f%2fwww.bg3.co%2f
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:ca6e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
82747ace385c021d-ZRH
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
cs
cs-server-s2s.yellowblue.io/ Frame B1FF
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=160295&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fcs-server-s2s.yellowblue.io%2Fcs%3Faid%3D11576%26id%3D%23PMUID
  • https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=57B59519-9B3E-4DB5-B42D-FDB697822B64
0
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=57B59519-9B3E-4DB5-B42D-FDB697822B64
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.211.177.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-177-173.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

location
https://cs-server-s2s.yellowblue.io/cs?aid=11576&id=57B59519-9B3E-4DB5-B42D-FDB697822B64
date
Fri, 17 Nov 2023 02:17:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
115
content-type
text/html; charset=utf-8
v1
match.sharethrough.com/universal/ Frame B1FF 		0
34 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=5926d422&gdpr=0&gdpr_consent=
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.136.60 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-136-60.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
cs
cs.yellowblue.io/ Frame B1FF
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3663&gdpr=0&gdpr_consent=
  • https://cs.yellowblue.io/cs?aid=11601&id=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=0
0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.yellowblue.io/cs?aid=11601&id=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=0
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Server
54.171.40.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-171-40-33.eu-west-1.compute.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
server
istio-envoy
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
access-control-allow-origin
https://cs-server-s2s.yellowblue.io/
access-control-allow-credentials
true
x-envoy-upstream-service-time
0
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
content-length
0

Redirect headers

Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:51 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://cs.yellowblue.io/cs?aid=11601&id=a22d91ba4e30f9aaf86fe39e8716c80&gdpr_consent=&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1700187471000039-424
sync
ads.servenobid.com/ Frame B1FF 		0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=352&uid=iYrEns-zCp_s
Requested by
Host: cs-server-s2s.yellowblue.io
URL: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cs-server-s2s.yellowblue.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 4430
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZVbNTsCo5ucAAKRJxsQAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZVbNTsCo5ucAAKRJxsQAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 17 Nov 2023 02:17:51 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Fri, 17 Nov 2023 02:17:51 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZVbNTsCo5ucAAKRJxsQAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
7
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40069.dc2p.scaleout.jp
X-SO-IP
185.195.71.214
X-SO-Key
ZVbNTsCo5ucAAKRJxsQAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"185.195.71.214","key":"ZVbNTsCo5ucAAKRJxsQAAAAA","privacy_sensitive":false,"uid":"ZVbNTsCo5ucAAKRJxsQAAAAA","upstream_id":"a-ad40069"}
X-SO-LB-Hostname
a-tgng40016.dc2p.scaleout.jp
X-SO-UID
ZVbNTsCo5ucAAKRJxsQAAAAA
X-SO-Upstream-ID
a-ad40069
usersync
usersync.gumgum.com/ Frame 9B68
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=RYElfCl1o-aImCD9ptJ87m9QuP18Y7GWwoXp-Zfn76c&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=RYElfCl1o-aImCD9ptJ87m9QuP18Y7GWwoXp-Zfn76c&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 17 Nov 2023 02:17:51 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 17 Nov 2023 02:17:51 GMT Fri, 17 Nov 2023 02:17:51 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=RYElfCl1o-aImCD9ptJ87m9QuP18Y7GWwoXp-Zfn76c&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame C137
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 02:17:51 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Fri, 17 Nov 2023 02:17:51 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
1462351491961293065
csync.smilewanted.com/set_partner_userid_get/smart/ Frame 3551
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]
  • https://sync.smartadserver.com/getuid?gdpr_consent=&nwid=2491&url=https://csync.smilewanted.com/set_partner_userid_get/smart/[sas_uid]&cklb=1
  • https://csync.smilewanted.com/set_partner_userid_get/smart/1462351491961293065
0
351 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/smart/1462351491961293065
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82747acf1b42bb20-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 02:17:51 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
date
Fri, 17 Nov 2023 02:17:51 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/smart/1462351491961293065
apn
ads.playground.xyz/usersync/ Frame 1C13
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:6ba86556-cd4f-4200-8b0e-8fe705485e4b&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
43 B
132 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-type
image/gif
date
Fri, 17 Nov 2023 02:17:51 GMT
vary
Origin
via
1.1 google
x-powered-by
Express
x-request-id
0f7bcf58-fb84-4ebf-a83f-49427aaa9142

Redirect headers

content-length
176
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 02:17:50 GMT
location
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usersync.aspx
dis.criteo.com/dis/ Frame 6ABB 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 02:17:50 GMT
expires
Fri, 17 Nov 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
191760
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame AAAC 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=57B59519-9B3E-4DB5-B42D-FDB697822B64&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.220.228.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Fri, 17 Nov 2023 02:17:51 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
BXC06FEZVAC444810G10
/
onetag-sys.com/match/ Frame 8FD0
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=yIRxg53VcNfThSeAztVp0Z-JdYLT0nLWyNRFPvrx
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64
0
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000

Redirect headers

content-length
157
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 02:17:50 GMT
location
https://onetag-sys.com/match/?int_id=114&gdpr=${GDPR}&gdpr_consent=${GDPR_STRING}&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
apn
ads.playground.xyz/usersync/ Frame 43D7
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4737946100709174159&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
43 B
260 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-type
image/gif
date
Fri, 17 Nov 2023 02:17:51 GMT
vary
Origin
via
1.1 google
x-powered-by
Express
x-request-id
79ab2057-5c72-4fea-9947-138ca877f954

Redirect headers

content-length
176
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 02:17:50 GMT
location
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
apn
ads.playground.xyz/usersync/ Frame 4A06
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7302249576431745170&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
43 B
122 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-type
image/gif
date
Fri, 17 Nov 2023 02:17:51 GMT
vary
Origin
via
1.1 google
x-powered-by
Express
x-request-id
049770c4-c634-4669-8452-76611929057d

Redirect headers

content-length
176
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 02:17:51 GMT
location
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 29B5
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=s9h2cda1VTlgbG9_ZI1dPLnDR9Y&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 17 Nov 2023 02:17:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 17 Nov 2023 02:17:51 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame C3AF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=&us_privacy=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_a8aedc7e-c331-4b0b-afa7-3daa19cf927d&bsw_param=c63acbb1-6fc6-4c18-b376-99f785c1f865&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=c63acbb1-6fc6-4c18-b376-99f785c1f865&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 17 Nov 2023 02:17:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 17 Nov 2023 02:17:50 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 36E5
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCVldFN0tyWnNBQUJUX0NETExVZw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AABVWE7KrZsAABT_CDLLUg&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=1462351491961293065&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AABVWE7KrZsAABT_CDLLUg&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D1462351491961293065%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=1462351491961293065&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AABVWE7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABVWE7KrZsAABT_CDLLUg&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 17 Nov 2023 02:17:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 17 Nov 2023 02:17:51 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
ImgSync
image8.pubmatic.com/AdServer/ Frame 948B
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU2f96dddf554d41b3a60c75381a33c525
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 17 Nov 2023 02:17:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 17 Nov 2023 02:17:51 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame 56E9
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
93 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 02:17:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Fri, 17 Nov 2023 02:17:51 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/ Frame C425
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_con...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_...
85 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVbNTwAANlmrtQBU
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Fri, 17 Nov 2023 02:17:51 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6929-MXP
x-timer
S1700187471.473673,VS0,VE96

Redirect headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
0
date
Fri, 17 Nov 2023 02:17:51 GMT
location
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=&_test=ZVbNTwAANlmrtQBU
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-mxp6929-MXP
x-timer
S1700187471.341654,VS0,VE95
bridge
cm.adgrx.com/ Frame C7D8 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Fri, 17 Nov 2023 02:17:51 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-5
ImgSync
image8.pubmatic.com/AdServer/ Frame B99A
Redirect Chain
  • https://b1sync.zemanta.com/usersync/pubmatic/?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDMmdGw9MTI5NjAw&piggybackCookie=uid:&gdpr=0&gdpr_consent=&gdpr=0
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 17 Nov 2023 02:17:50 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 17 Nov 2023 02:17:50 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
apn
ads.playground.xyz/usersync/ Frame 58E9
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5144588527503405045
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
43 B
131 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.253.54 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
54.253.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache
content-type
image/gif
date
Fri, 17 Nov 2023 02:17:51 GMT
vary
Origin
via
1.1 google
x-powered-by
Express
x-request-id
08953c82-48d5-4f73-a58c-6bda29a34fe8

Redirect headers

content-length
176
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 02:17:51 GMT
location
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 76F1
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=3368826976765405468
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 17 Nov 2023 02:17:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 17 Nov 2023 02:17:51 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
cm
ipac.ctnsnet.com/int/ Frame 21E4 		43 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Fri, 17 Nov 2023 02:17:51 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
cookiesync
core.iprom.net/ Frame D163 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Fri, 17 Nov 2023 02:17:51 GMT
Vary
Accept-Encoding
X-adserver-worker
erebus-e2b9d31c96b2@version_1.576
X-core-time
0ms
X-server-arch
v2
pubmatic
ad.mrtnsvr.com/sync/ Frame D3B2 		0
0
usersyncsupply
cm-supply-web.gammaplatform.com/adx/ Frame 0A9C 		0
0
i.match
a.tribalfusion.com/ Frame A675 		43 B
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
82747acf1f59020d-ZRH
content-length
43
content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 02:17:51 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
ImgSync
image8.pubmatic.com/AdServer/ Frame 264F
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=6eb7c9e34844e193/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=45ba5fd87d0bacc1c844126b3cd53c8d&gdpr=0&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4OD...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UnhTjRnYWSWWnbRY&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
private,max-age=86400
date
Fri, 17 Nov 2023 02:17:51 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

cache-control
no-store, no-cache, private
date
Fri, 17 Nov 2023 02:17:51 GMT
location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx
sync
ads.servenobid.com/ Frame 640C 		0
358 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.105.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-105-38.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Fri, 17 Nov 2023 02:17:51 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9D5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=V7WVGZs-TbW0Lf22l4IrZA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
content-encoding
gzip
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=111744
accept-ranges
bytes
content-length
5622
expires
Sat, 18 Nov 2023 09:20:15 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame 9D5B
Redirect Chain
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=57B59519-9B3E-4DB5-B42D-FDB697822B64&gdpr=0&gdpr_consent=
  • https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=57B59519-9B3E-4DB5-B42D-FDB697822B64&gdpr=0&gdpr_consent=&ct=y
49 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=57B59519-9B3E-4DB5-B42D-FDB697822B64&gdpr=0&gdpr_consent=&ct=y
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
54.73.167.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-167-29.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.5.134
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=57B59519-9B3E-4DB5-B42D-FDB697822B64&gdpr=0&gdpr_consent=&ct=y
cache-control
no-cache
x-server
10.45.22.136
content-length
0
expires
0
cr
cr.frontend.weborama.fr/ Frame 9D5B
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1348151878
0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1348151878
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
34.111.129.221 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
221.129.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
via
1.1 google
last-modified
Fri, 17 Nov 2023 02:17:51 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:50 GMT
via
1.1 google
last-modified
Fri, 17 Nov 2023 02:17:51 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=1348151878
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
p
a.audrte.com/ Frame 9D5B
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=MWk4UGJpLUg0dEhUU09mR1JscG5LeDZNZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=8056414443070265019&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
52.50.95.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-50-95-14.eu-west-1.compute.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:17:51 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Fri, 17 Nov 2023 02:17:51 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9D5B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8056414443070265019
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8056414443070265019
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 02:17:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=8056414443070265019
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 9D5B 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
server
Kestrel
content-length
70
content-type
image/gif
SPug
image4.pubmatic.com/AdServer/ Frame 9D5B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9mPEZeJE2uUKcXhhy2.691EMBAqeh3Q-~A&gdpr=0
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9mPEZeJE2uUKcXhhy2.691EMBAqeh3Q-~A&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:49 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-9mPEZeJE2uUKcXhhy2.691EMBAqeh3Q-~A&gdpr=0
date
Fri, 17 Nov 2023 02:17:51 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
57B59519-9B3E-4DB5-B42D-FDB697822B64
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 9D5B 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/57B59519-9B3E-4DB5-B42D-FDB697822B64?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3601:a431:4595:7531:b100 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ImgSync
image8.pubmatic.com/AdServer/ Frame 9D5B
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=7a3481c2-8c4c-450b-88dc-baf27b3924a1-6556cd4f-4348&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Fri, 17 Nov 2023 02:17:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ImgSync
image8.pubmatic.com/AdServer/ Frame 9D5B
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=57B59519-9B3E-4DB5-B42D-FDB697822B64&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=2cd6387bc6551594&is_secure=true&networkId=17100&version=1&nuid=57B59519-9B3E-4DB5-B42D-FDB697822B64&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAI2Tx43FFO5ANtPlSIAAAAAAA&expiration=1700273871&nuid=57B59519-9B3E-4DB5-B42D-FDB697822B64&...
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
date
Fri, 17 Nov 2023 02:17:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Pug
simage2.pubmatic.com/AdServer/ Frame 9D5B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8247147485242101939&gdpr=0&gdpr_consent=&us_privacy=
1 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8247147485242101939&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 02:17:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8247147485242101939&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 9D5B
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:580f256b-7549-4866-a3ff-f5f33824c571&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
113 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:580f256b-7549-4866-a3ff-f5f33824c571&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Fri, 17 Nov 2023 02:17:51 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:580f256b-7549-4866-a3ff-f5f33824c571&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 17 Nov 2023 02:17:51 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
4737946100709174159
csync.smilewanted.com/set_partner_userid_get/appnexus/ Frame 60C4
Redirect Chain
  • https://secure.adnxs.com/getuid?https://csync.smilewanted.com/set_partner_userid_get/appnexus/$UID
  • https://csync.smilewanted.com/set_partner_userid_get/appnexus/4737946100709174159
0
409 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/appnexus/4737946100709174159
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82747acfeb81bb20-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 02:17:51 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
56029c35-56fe-49fb-9380-e6f46de5fad7
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 02:17:51 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/appnexus/4737946100709174159
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
185.195.71.214; 185.195.71.214; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame C137 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.149.233 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a95-101-149-233.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
16f6a89c89e20586fdb7ed77f218f6af5442e80c8c3116deb2ab0cdd5aae2001

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 02:17:51 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Nov 2023 12:56:28 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=38313
Connection
keep-alive
Content-Length
13230
Expires
Fri, 17 Nov 2023 12:56:24 GMT
LP1ZPXH6-K-6UH9
csync.smilewanted.com/set_partner_userid_get/rubicon/ Frame E028
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-smilewanted&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP1ZPXH6-K-6UH9?gdpr=0
0
406 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP1ZPXH6-K-6UH9?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82747acfeb84bb20-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 02:17:51 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
Expires
0
Location
https://csync.smilewanted.com/set_partner_userid_get/rubicon/LP1ZPXH6-K-6UH9?gdpr=0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
content-length
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 6993 		16 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=111744
content-encoding
gzip
content-length
5622
content-type
text/html
date
Fri, 17 Nov 2023 02:17:51 GMT
expires
Sat, 18 Nov 2023 09:20:15 GMT
last-modified
Thu, 16 Nov 2023 09:11:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
3e2855c3-1a4d-48fe-9339-f98ac41a9459&partner_id=1010
csync.smilewanted.com/set_partner_userid_get/improve/ Frame 97EE
Redirect Chain
  • https://ice.360yield.com/server_match?r=https://csync.smilewanted.com/set_partner_userid_get/improve/{PUB_USER_ID}&partner_id=1010
  • https://csync.smilewanted.com/set_partner_userid_get/improve/3e2855c3-1a4d-48fe-9339-f98ac41a9459&partner_id=1010
0
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/improve/3e2855c3-1a4d-48fe-9339-f98ac41a9459&partner_id=1010
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82747ad08bc4bb20-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 02:17:51 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Fri, 17 Nov 2023 02:17:51 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/improve/3e2855c3-1a4d-48fe-9339-f98ac41a9459&partner_id=1010
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
csi
csi.gstatic.com/ Frame 08A7 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lp1zq0h5&c=871759777855&slotId=435879888927.5&ghmsh_eids=44770822%2C44772139%2C44777649%2C44781409%2C44797014%2C44802074%2C44802463%2C44804291%2C44804616
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.605.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4002:c05::5e Atlanta, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
5be46707-4fa0-0811-11d5-ba94c919655a
csync.smilewanted.com/set_partner_userid_get/openx/ Frame C6B6
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=158474f5-20ec-4fcc-8ba8-4c101c556b25&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fopenx%2F
  • https://csync.smilewanted.com/set_partner_userid_get/openx/5be46707-4fa0-0811-11d5-ba94c919655a
0
466 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/openx/5be46707-4fa0-0811-11d5-ba94c919655a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82747ad08bc7bb20-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 02:17:51 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
0
content-type
text/html
date
Fri, 17 Nov 2023 02:17:51 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/openx/5be46707-4fa0-0811-11d5-ba94c919655a
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
generate_204
tpc.googlesyndication.com/ Frame 1A6D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?vbBdIw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
khaos.json
token.rubiconproject.com/ Frame C137 		7 B
777 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?khaos=LP1ZPXH6-K-6UH9
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
aca6c52e983509e86b136a052e19be23
Expires
0
pixel
ap.lijit.com/ Frame C6D5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.48 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Fri, 17 Nov 2023 02:17:51 GMT
X-Sovrn-Pod
ad_ap5ams1
8056414443070265019
csync.smilewanted.com/set_partner_userid_get/adform/ Frame E222
Redirect Chain
  • https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
  • https://csync.smilewanted.com/set_partner_userid_get/adform/8056414443070265019
0
551 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/adform/8056414443070265019
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82747ad1bc53bb20-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 02:17:51 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/plain
date
Fri, 17 Nov 2023 02:17:51 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/adform/8056414443070265019
server
nginx
VideoBidRequestHandlerServlet
wf.taboola.com/ 		2 KB
771 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700187471504&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=2&pv=1573&pt=466946127&tz=60&viewable=true&ddast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!eidc_vA!iiqrc_vA!lvlstst-in2_vA!lvlstst1_vA!t45!t45!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

x-cache-hits
0
date
Fri, 17 Nov 2023 02:17:51 GMT
content-encoding
gzip
via
1.1 varnish
machineid
1407
x-cache
MISS
x-served-by
cache-mxp6947-MXP
pragma
no-cache
server
nginx
x-timer
S1700187472.514153,VS0,VE54
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
accept-ranges
bytes
expires
Sat, 26 Jul 1997 05:00:00 GMT
/
csync.smilewanted.com/set_partner_userid_get/outbrain/ Frame CCBD
Redirect Chain
  • https://b1sync.zemanta.com/usersync/smilewanted?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Foutbrain%2F__ZUID__
  • https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
0
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82747ad1bc51bb20-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 02:17:51 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Content-Length
92
Content-Type
text/html; charset=utf-8
Date
Fri, 17 Nov 2023 02:17:51 GMT
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/outbrain/?gdpr=0
Pragma
no-cache
usersync
usersync.gumgum.com/ Frame C137
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LP1ZPXH6-K-6UH9
  • https://usersync.gumgum.com/usersync?b=mag&i=LP1ZPXH6-K-6UH9
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=LP1ZPXH6-K-6UH9
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Fri, 17 Nov 2023 02:17:51 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=LP1ZPXH6-K-6UH9
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
e8e3ec71b160ae7345e4e302cc752a77
Expires
0
RYElfCl1o-aImCD9ptJ87m9QuP18Y7GWwoXp-Zfn76c
csync.smilewanted.com/set_partner_userid_get/rtbhouse/ Frame F66C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=smilewanted
  • https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/RYElfCl1o-aImCD9ptJ87m9QuP18Y7GWwoXp-Zfn76c?pi=smilewanted
0
565 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/RYElfCl1o-aImCD9ptJ87m9QuP18Y7GWwoXp-Zfn76c?pi=smilewanted
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82747ad16c17bb20-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 02:17:51 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Fri, 17 Nov 2023 02:17:51 GMT Fri, 17 Nov 2023 02:17:51 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/rtbhouse/RYElfCl1o-aImCD9ptJ87m9QuP18Y7GWwoXp-Zfn76c?pi=smilewanted
pragma
no-cache
sodar
pagead2.googlesyndication.com/pagead/ Frame 14C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202311130101&jk=412989719541503&bg=!NDelN3jNAAZxrfrxUa07ADQBe5WfONahKEUbdEWj5YOPdH1FU1d2xAnJ4EIw7H2I7BB8tatDuroKe7gvqFtGb54R578vAgAABKlSAAAAA2gBB5kCzMephkQQAvhc0px7u801O9KMkpv2ch9sao4IkppAHpIoglygVCl8agtmWB18Fl6IPeUmvJNfohUoIW33FKJ-Cbxf7WDmbVFp9m7hN5gUVMYMLZ9Nbd6anGu3DZqwgpYiqoVrYqgVeCuFTpdHL8kZLcvFdqd5Twbes-OmELI_VsTN9JEOskdsBT5yy1KKCAzygrYiJtK9Wq9ftVp9GIhRAaEEZRep9ah1ShbSG7WwFfVckvsOPK_D3gDFFKhzn_GVjdScOzfqgLYB78yb7n_h2dcbsD_atEpzhgF998eug8vnDFis6KPBH1gJZFYj6CuP9SBFzPd0WnZLXXRVCLHp-WFO0cHB8KrPPVFLOJbb5vNKju60q8Bs1A0lJFR6Bw0Q5csx3kZdsC9UP9bYjaeC4Lyn1QtVmcLAa6fxT8seRoykgnBtFHtMjZjEM7VE9mSGOuojuA9ABn4Xtwnyds8rgXF70PIypPHaquvJkPINqNgur79FdRLVIFr4Tfv_cyMTesfWqBH_XdZkbsAYBWswhwOo3wpltWIP0mrte8hrxoj58cn5OY3Q0cnkd39zCP0ngkiKK9oM9K_fz-SzHr3kdcPcbubZH6Ce033rK8635Btx0j7dSXQ4PCIMatvhctZI6gfR4TDQIKUK5CCyd4Kt_-00OZeWQMHOuF12iXiNjuLDxqh-K8TCHWQuYegp0xWj2Ao25DAgpqEboWYonl8KzXRI5VY-EGISY26A0baSOFpiGEPykNRbXMXSohYiVkcV3uKLCJPzioBd1jHm8x1gzfg7is10wOyC1ttytw6kET4LRPbCkrcPd0Y32drIQ6Ga6QThcoH4GnZiwjZXIljik8PRD54xbG6zUs3Q6K2y450CRfM7UeIyxidzd5Gxc6abC8alTYl0Rb6aAucuadVPN8M15YetTXiD7fm5k7FzvLHFkFwnxT61v1E3KMqw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ping
onetag-sys.com/v2/ Frame 5769 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/v2/ping?data=Ouiu5FKJ8yF1c7NdmgO00DgAVncGfx-14jkcO653PkXy_UYQgaiTEURJwsWliy6p_LGVfJqaiaPUkP6SIaa_iAtKm4trEux5PaaamVLWQCnYR9pZ-6Z9X4iN99rP02vEL_i9tKHU-3dmg3bgk9k4CA1rp9j_Ixmu7wWSGAjAoFQapmwWyO1p0zR2lJn8Kr2EJaCSqjAIDpz1-TKMbETLeTmJk-7dgMVy3NQi-RUSCUB0eRx40WcytbcD-VQsMFJyMPs3zUcpj5lcK_3Qr554wmxuHCjFXuN3fs0AiWSeuVKVhsl5d-4CzmFc78bgjilV3ElRz3JbbAgmrl_3oKufA910jKHgEKeVKXglQcchh-c_wAd8rnM6KC8lbvNq5HmCXUoxGbU9boTiJsXydONO5eOWbwjUjIY4dkqVkaVtBuNizcWCUBsp-anugRJ09lpa8utZWN0uIQMyidblFzkxEiey43V3aY2CZ8_CKPPKGLyys_4yj0iC_elcwEXBByNvEhc7hCbp7PetDY0h3dII4XbUjNOOQwMl2jUlWJul-K_X3hkQ9n0ukmP3RoJYY69pcEnZ5HZskTzM6iyRcsjCY4oxcNi3AFgUVInOGbRFcXtI_QHNGbR0HdTuxQfHwb3Crlp-9_iPK1DlDSQZSoLt39lvk1TGqkTd9flSereQF4I&event=6&price=&click=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
ping
onetag-sys.com/v2/ Frame 5769 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/v2/ping?data=Ouiu5FKJ8yF1c7NdmgO00DgAVncGfx-14jkcO653PkXy_UYQgaiTEURJwsWliy6p_LGVfJqaiaPUkP6SIaa_iAtKm4trEux5PaaamVLWQCnYR9pZ-6Z9X4iN99rP02vEL_i9tKHU-3dmg3bgk9k4CA1rp9j_Ixmu7wWSGAjAoFQapmwWyO1p0zR2lJn8Kr2EJaCSqjAIDpz1-TKMbETLeTmJk-7dgMVy3NQi-RUSCUB0eRx40WcytbcD-VQsMFJyMPs3zUcpj5lcK_3Qr554wmxuHCjFXuN3fs0AiWSeuVKVhsl5d-4CzmFc78bgjilV3ElRz3JbbAgmrl_3oKufA910jKHgEKeVKXglQcchh-c_wAd8rnM6KC8lbvNq5HmCXUoxGbU9boTiJsXydONO5eOWbwjUjIY4dkqVkaVtBuNizcWCUBsp-anugRJ09lpa8utZWN0uIQMyidblFzkxEiey43V3aY2CZ8_CKPPKGLyys_4yj0iC_elcwEXBByNvEhc7hCbp7PetDY0h3dII4XbUjNOOQwMl2jUlWJul-K_X3hkQ9n0ukmP3RoJYY69pcEnZ5HZskTzM6iyRcsjCY4oxcNi3AFgUVInOGbRFcXtI_QHNGbR0HdTuxQfHwb3Crlp-9_iPK1DlDSQZSoLt39lvk1TGqkTd9flSereQF4I&event=601&price=&click=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
async_usersync
ib.adnxs.com/ Frame D85F 		0
596 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:51 GMT
an-x-request-uuid
28f69047-ba06-417b-bb37-589ec54ae046
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
185.195.71.214; 185.195.71.214; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 6B52 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=3321110143345705&bg=!BQalBknNAAZxrfrxUa07ADQBe5WfOEcjp9Ety375pasTRqOKN43xJtVFdJ_BZO1aVvAzTH1jL3-Oof2TdZwWAL_nZszpAgAAAm1SAAAADGgBB5kCy8f24KjLEUCQvrVbBgdtGnOcwWUIAqp3R1uIDKs4_ECuPcmF-it0Voq6Pn9PbE-VR1dvpOqDPIEZFa83hGnYtMYa1gDT1QCKHhAZRIpcm1Y4hqSV99vrtTKpPqMGxhfGgMIEX7iDZKHS2c0eDEDuaav93L48MPJq9bFhCbfW0q4sPYwfPj4nhYWCptbNIr8zSc34cW8SG7jh7XE_5iGFlPD2I4oDSvkVTVsT2xPKVQX8d6uVAsFOGqeRehpDFz93drn3uT76782RUWV4s4q3UMa0SRY0p8F6fOHZcLfNBWEGTdi16CrOYB-5H03OPGFUwfmI_j-WjvpXrbPHg28KTIyWZWGIJzfRSujGyxOVL-nfIWzd16XNQLpojV1Jnt8tHXY-ymYWhbP2KTUamae_FFEgLoC5T0zGIHsTqqJ1w2RecDXRVrz-OUlPVwPAOZJgk0Mqm8PNEB_17HAk8PJJ8lDCHeVyYxcttQTp23npM94FeTYHG6dXG0e7QUEv1ynza5Yl7oQfqU6ZTk5v0dWEqXVeyLrphxyyUa8eOrxXtPOf7QXRwDxOu7iSnNzbXz4Z8mr-SvWO9dDRP-iAFJru4ZqdwqmRW4l0WUyTkIAdiKoLEZ0kQEJ5Vy_pqonM0bBjUWsT6xRFstBU3M8a3cZHw1IxtavMHe2Fx5ezpKAjRAswbLQspe6tq-z6aL3DDrZUFVXNRsor9dYCJy7cEI90IIk8xuh9MxkNMX-v89DPmQBtdVp6Ze4RVN4sIGJNiSNwjVIvVacCFdtM_PLqvuexwlYy3Ze2UkGrUN1m6nlPeX7r_BJSuANV7fmkjI6nzQIKDYHCEzInDnYkFxsSYtjSyx9AOnR37-WzMfqb7dil-dprzodwCXlJGwTJ69Cw5i_PUnhQluonKGceuTQ7r60IW_WSn0Vjd_ws0MIO5SfcEtZTRwsXbL51PQ3qG5A
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
track.adform.net/Serving/Event/ Frame 4AFF 		35 B
589 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/Event/?bn=68934215&event=178&time=3&baid=60079247&name=Viewable%20impressions&imprid=296177362120129650&icid=6535013672049341254&eData=D5E_tWVTeCWVgxhfX-AQl6lE__Wz8u8NYaJU2uM20NmIrFs6TBBmRDYq-7S3T8wpYORBOrP-N5sMivgtBkCkE_oSj0VGFIp30&rtbdata=7DbHNZOADPMkiihX5kNFVoXez6eLNW-0OJKoQJUx2uJw8X_nXpLcAz0xCH2F6faorY8RVAN9qua-MjQBwZA8AZlkfych4hZI9VbzYw3tmzoRG8Udr5QthkDImt_HtNOPh3We0jJGV5qwjkiUKzWr_qNbgncvGEMzA5fvV1tEmN2GuRILowUinv1FdGEsPY0FhKfLR9fMePs6Dc52AkXqhErOnMgV_YxgqFj_MmnWuft-0MibOKb_GQNxwRPY59cv4y_r6hn3aDtuT-ryQOXLN3_XlG5eTbO8_XgkX7hLg9O-fzNIFX41vnnnJkg_7xmmz2J9eJPJUCEESa9igJtXFi9I0p5NKLY-oWEZmgnhHCtfeyRB5ph3TkHhIpkoas3H0&rtbwp=0.23027-gF_8qNFipQl974ntkw9gNkkG8BPrwfhX0&rnd=497576739
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
/
track.adform.net/serving/unload/ Frame 4AFF 		35 B
589 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6535013672049341254@@68934215,296177362120129650,100|1083|0|0|0|0|0|0|0||42|0|||||1|0|0|CaDS3yer_NSoMC9hkrxj6TLEFHTyb26uy0x4TRY-zTdGwXDDSp_MAY76hc51YuM1FLKM_daRVTxo4kOyoBiwbg2|||11|0|0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
SPug
simage4.pubmatic.com/AdServer/ Frame 9D5B 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
onetag-sys.com/analytics/ Frame 5769 		0
226 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/analytics/
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/static/BannerAdBannerPlacement.js?v=0.3.25
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.bg3.co
strict-transport-security
max-age=15552000
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Origin, Referer, User-Agent, x-ak-clientip
content-length
0
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700187473938&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=3&pv=1573&pt=466946127&tz=60&viewable=true&ddast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=0&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!eidc_vA!iiqrc_vA!lvlstst-in2_vA!lvlstst1_vA!t45!t45!ufm_vD&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5caee3aaa1a04aac55e465614f4329486f5f2a3626706f000b61cc434ad92838

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:54 GMT
content-encoding
gzip
server
nginx
machineid
1412
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=45je3b81v886690812&_p=1700187466162&gcd=11l1l1l1l1&dma=0&cid=1707958932.1700187467&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1700187469&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fhong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html&dt=%E7%B4%85%E5%96%AE%E7%82%92%E4%BD%9C%E6%83%B9%E5%85%AC%E9%83%A8%E9%96%80%E3%80%8C%E5%8B%95%E6%89%8B%E3%80%8D%EF%BC%9F%E3%80%80%E8%8A%B1%E6%95%AC%E7%BE%A3%E4%B8%80%E5%8F%A5%E8%A9%B1%E7%9B%AF%E4%B8%8A%E6%88%BF%E5%B8%82%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=5&tfd=10539
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 9D5B 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=65248719&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0adaf9d3174537c125cc1567267c06f95d15a3d7b23450d19500017c89c12377

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 17 Nov 2023 02:17:52 GMT
content-length
1151
content-type
text/html; charset=UTF-8
cmOsUnit.css
vidstat.taboola.com/vpaid/units/33_5_8/assets/css/ 		60 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_8/assets/css/cmOsUnit.css
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700031478
date
Fri, 17 Nov 2023 02:17:54 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
8M4D1F1RRSRT07RS
age
155933
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700031478
x-amz-meta-mode
33188
content-length
7924
x-amz-id-2
FhWrY4DCWF+23GvAAL/dA2ol2qD3GiBIlrKDE88hLOqklDY8q1Xi0tG8ixQTGDiJesCoyIpAUy4=
x-served-by
cache-mxp6947-MXP
last-modified
Wed, 15 Nov 2023 06:57:59 GMT
server
AmazonS3-br
x-timer
S1700187474.119310,VS0,VE0
etag
"a6067988de416f653559cce5285c7c1b"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
75687
cmTagFEED_MANAGER.js
vidstat.taboola.com/vpaid/units/33_5_8/infra/ 		604 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700031467
date
Fri, 17 Nov 2023 02:17:54 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
XXQSBGZ3KHXNPPRM
age
155929
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700031468
x-amz-meta-mode
33188
content-length
123398
x-amz-id-2
oc65rKHf/4A2XXM35luw3pVlvwg8N7scNOV/IGWmQ0pivxH3ZGWO2cqinOc+eI2RvASE7QY/rhQ=
x-served-by
cache-mxp6923-MXP
last-modified
Wed, 15 Nov 2023 06:57:49 GMT
server
AmazonS3-br
x-timer
S1700187474.119333,VS0,VE0
etag
"e8023cd27890386539e680dcc790152c"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
61778
match
c1.adform.net/serving/cookie/ Frame DC44 		35 B
591 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=57B59519-9B3E-4DB5-B42D-FDB697822B64&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Fri, 17 Nov 2023 02:17:54 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
pub
matching.truffle.bid/sync/ Frame C0DD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.88.86.2 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.2.86.88.23.clients.your-server.de
Software
nginx/1.23.1 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Connection
keep-alive
Date
Fri, 17 Nov 2023 02:17:54 GMT
Server
nginx/1.23.1
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame B3B4
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:71E1AB8744644695805E27A511A92768&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:71E1AB8744644695805E27A511A92768&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Fri, 17 Nov 2023 02:17:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Fri, 17 Nov 2023 02:17:54 GMT
expires
Thu, 16 Nov 2023 02:17:54 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:71E1AB8744644695805E27A511A92768&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame BDA4
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4268733715
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4268733715
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Fri, 17 Nov 2023 02:17:54 GMT
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Fri, 17 Nov 2023 02:17:54 GMT
etag
RX9f02e5dd827d4dc0bffeb877fead070c003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4268733715
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
sync
ads.servenobid.com/ Frame D5B2 		0
0
mw
mwzeom.zeotap.com/ Frame 9D5B 		95 B
439 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=57B59519-9B3E-4DB5-B42D-FDB697822B64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:54 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
82747ae1ae740d57-MXP
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 9D5B
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=57B59519-9B3E-4DB5-B42D-FDB697822B64&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=57B59519-9B3E-4DB5-B42D-FDB697822B64&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=57B59519-9B3E-4DB5-B42D-FDB697822B64&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
HTTP/1.1
Server
77.243.51.122 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:58 GMT
frontend-id
9
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:58 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=57B59519-9B3E-4DB5-B42D-FDB697822B64&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 9D5B
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=57B59519-9B3E-4DB5-B42D-FDB697822B64&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:54 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 386E 		47 B
222 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=86466492&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Fri, 17 Nov 2023 02:17:52 GMT
content-length
47
content-type
text/html; charset=UTF-8
content_v3.js
vidstat.taboola.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/content_v3.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:54 GMT
via
1.1 46c9f6285b432bb7ca825d1b5670a6b0.cloudfront.net (CloudFront), 1.1 varnish
content-encoding
gzip
x-amz-cf-pop
MXP64-C1
age
2736248
x-cache
Hit from cloudfront, HIT
content-length
4839
x-served-by
cache-mxp6947-MXP
last-modified
Wed, 20 Jul 2022 13:23:50 GMT
server
AmazonS3
x-timer
S1700187474.273882,VS0,VE0
etag
"f7533e747bb02a8eb527ada4f2749620"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
GYJJg7cHa9StY_p8FziuGzT8rJ8lRYh0JE2SiZPd1FnWWMlxlyRlkA==
x-cache-hits
37586
OvaMediaPlayer.js
vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/ 		427 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vidstat.taboola.com/vpaid/vPlayer/player/v15.7.3/OvaMediaPlayer.js
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
f173ffc3d40264f06e43fcda7beece82038701518b76317b5a3e94ccb6f1a19d

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-meta-mtime
1700123877
date
Fri, 17 Nov 2023 02:17:54 GMT
via
1.1 varnish
content-encoding
br
x-amz-request-id
3G5B3DGRM2H4ZWEF
age
63555
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-meta-ctime
1700123890
x-amz-meta-mode
33188
content-length
81612
x-amz-id-2
fNtZEL7M1RwVcc7hlPH7puHBAF+aad+AZHcu2fNanHjwwBCnM+LvMtm7CKmegcmUABffyJHXXY4=
x-served-by
cache-mxp6923-MXP
last-modified
Thu, 16 Nov 2023 08:38:11 GMT
server
AmazonS3-br
x-timer
S1700187474.297135,VS0,VE0
etag
"3d881848170c7ab7d2916771d7b9012f"
x-amz-meta-uid
0
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS, HEAD
x-amz-meta-gid
0
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-cache-hits
37051
sync
am-match.taboola.com/ Frame E156 		439 B
533 B 		Document
General
Check archive.org
Download Go to
Full URL
https://am-match.taboola.com/sync?dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&excid=22&docw=0&cijs=1&nlb=false
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/33_5_8/infra/cmTagFEED_MANAGER.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
f640ec00f2e66af347985a9fdb0ee5491b0056722c3e5068afce562c4439a6ab

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

content-type
text/html;charset=ISO-8859-1
date
Fri, 17 Nov 2023 02:17:54 GMT
machineid
3407
server
nginx
st
am-vid-events.taboola.com/ 		0
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=16&cisd=convusmp&cipid=66361655&crid=-1&dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&cmcv=&pix=31579697&cb=1700187474290&uv=3358&tms=1700187474290&su=3&abt=adxsub-out_vA!adxsub-out_vB!eidc_vA!iiqrc_vA!lvlstst-in2_vA!lvlstst1_vA!t45!t45!ufm_vG&ft=0&unm=FEED_MANAGER&su=3&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:54 GMT
content-length
0
server
nginx
blackScreen5.mp4
vidstatb.taboola.com/vid/ 		89 KB
89 KB 		Media
General
Check archive.org
Download Go to
Full URL
https://vidstatb.taboola.com/vid/blackScreen5.mp4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66

Request headers

Referer
https://www.bg3.co/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

x-amz-meta-mtime
1497790207
date
Fri, 17 Nov 2023 02:17:54 GMT
via
1.1 3bbd9c639a192694d597e09ea3006bce.cloudfront.net (CloudFront), 1.1 varnish
x-amz-cf-pop
MXP53-P3
age
2739034
x-cache
Hit from cloudfront, HIT
Content-Range
bytes 0-90783/90784
x-amz-meta-mode
33188
Content-Length
90784
x-served-by
cache-mxp6947-MXP
last-modified
Sun, 02 Jul 2017 20:40:57 GMT
server
AmazonS3
x-timer
S1700187474.355777,VS0,VE0
etag
"b2b087fe4ae638c533731c347fcd4df8"
x-amz-meta-uid
0
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
video/mp4
x-amz-meta-gid
0
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
access-control-allow-headers
*
x-amz-cf-id
rwv7OLZdAtEftvukpuYs4xNlsLRSkpDbrV3q9Gctrh9YYok5D3MY9Q==
x-cache-hits
291794
usersync
usersync.gumgum.com/ Frame 2EF2 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=57B59519-9B3E-4DB5-B42D-FDB697822B64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 17 Nov 2023 02:17:54 GMT
Expires
0
Pragma
no-cache
WD31WDHLbVYOezhGjc1tS1bNvZihXV8LGmuglYBb7MzCE83juHX1AEsfGC639nJGqYNDA22z1XRn%2B%2B%2BHD2SGOS68cIKj%2Fa2XqjnBWzvQJKcrOUpftGgLsc0N5ato1q5XfFQrNJFuKCjlOZh1LTaDHrTTxNQGOMwgbd9LQQsIapXvmrpZbxEQQFt2rnmdw...
ad.vidverto.io/delivery/v2/content/tracking/progress/1813/ 		50 B
50 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.vidverto.io/delivery/v2/content/tracking/progress/1813/WD31WDHLbVYOezhGjc1tS1bNvZihXV8LGmuglYBb7MzCE83juHX1AEsfGC639nJGqYNDA22z1XRn%2B%2B%2BHD2SGOS68cIKj%2Fa2XqjnBWzvQJKcrOUpftGgLsc0N5ato1q5XfFQrNJFuKCjlOZh1LTaDHrTTxNQGOMwgbd9LQQsIapXvmrpZbxEQQFt2rnmdwyHgP05tz59CJf%2FkbPV1ZY0ziA%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.165.240.175 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS
185-165-240-175.hosted-by-worldstream.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:54 GMT
content-encoding
gzip
server
nginx/1.14.0 (Ubuntu)
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
generic
match.adsrvr.org/track/cmf/ Frame E156 		70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:54 GMT
server
Kestrel
content-length
70
content-type
image/gif
/
sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/ Frame E156
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/taboola/99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb?gdpr=1&us_privacy=1---
  • https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-kTaJKFhE2oSylqd9iOwZsSnTW2_zZRemnEGEhQ--~A
0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-kTaJKFhE2oSylqd9iOwZsSnTW2_zZRemnEGEhQ--~A
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:54 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
27062

Redirect headers

date
Fri, 17 Nov 2023 02:17:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://sync.taboola.com/sg/yahoodsprtb-network/1/rtb-h/?taboola_hm=y-kTaJKFhE2oSylqd9iOwZsSnTW2_zZRemnEGEhQ--~A
content-length
0
sync
ups.analytics.yahoo.com/ups/58785/ Frame E156 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58785/sync?redir=true&gdpr=1&us_privacy=1---
Requested by
Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&excid=22&docw=0&cijs=1&nlb=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.87 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://am-match.taboola.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.87
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
57B59519-9B3E-4DB5-B42D-FDB697822B64
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 5C6C 		0
623 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/57B59519-9B3E-4DB5-B42D-FDB697822B64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82747ae3bacbbb20-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 02:17:54 GMT
server
cloudflare
vary
Accept-Encoding
57B59519-9B3E-4DB5-B42D-FDB697822B64
csync.smilewanted.com/set_partner_userid_get/pubmatic/ Frame 7138 		0
81 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/pubmatic/57B59519-9B3E-4DB5-B42D-FDB697822B64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158810&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fpubmatic%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.22.68.131 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
82747ae47afdbb20-MXP
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 02:17:54 GMT
server
cloudflare
vary
Accept-Encoding
/
track.adform.net/serving/unload/ Frame 4AFF 		35 B
589 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/unload/?version=15&unload=6535013672049341254@@68934215,296177362120129650,100|3777|0|0|0|0|0|0|0||148|0|||||1|0|0|CaDS3yer_NSoMC9hkrxj6TLEFHTyb26uy0x4TRY-zTdGwXDDSp_MAY76hc51YuM1FLKM_daRVTxo4kOyoBiwbg2|||01|0|0|0|
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/630/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.84 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET, POST
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires
-1
ping
onetag-sys.com/v2/ Frame 5769 		0
77 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/v2/ping?data=Ouiu5FKJ8yF1c7NdmgO00DgAVncGfx-14jkcO653PkXy_UYQgaiTEURJwsWliy6p_LGVfJqaiaPUkP6SIaa_iAtKm4trEux5PaaamVLWQCnYR9pZ-6Z9X4iN99rP02vEL_i9tKHU-3dmg3bgk9k4CA1rp9j_Ixmu7wWSGAjAoFQapmwWyO1p0zR2lJn8Kr2EJaCSqjAIDpz1-TKMbETLeTmJk-7dgMVy3NQi-RUSCUB0eRx40WcytbcD-VQsMFJyMPs3zUcpj5lcK_3Qr554wmxuHCjFXuN3fs0AiWSeuVKVhsl5d-4CzmFc78bgjilV3ElRz3JbbAgmrl_3oKufA910jKHgEKeVKXglQcchh-c_wAd8rnM6KC8lbvNq5HmCXUoxGbU9boTiJsXydONO5eOWbwjUjIY4dkqVkaVtBuNizcWCUBsp-anugRJ09lpa8utZWN0uIQMyidblFzkxEiey43V3aY2CZ8_CKPPKGLyys_4yj0iC_elcwEXBByNvEhc7hCbp7PetDY0h3dII4XbUjNOOQwMl2jUlWJul-K_X3hkQ9n0ukmP3RoJYY69pcEnZ5HZskTzM6iyRcsjCY4oxcNi3AFgUVInOGbRFcXtI_QHNGbR0HdTuxQfHwb3Crlp-9_iPK1DlDSQZSoLt39lvk1TGqkTd9flSereQF4I&event=569&price=&click=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/hong-dan-chao-zuo-re-gong-bu-men-dong-shou-hua-jing-qun-yi-ju-hua-cheng-shang-fang-shi.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
visible
trc.taboola.com/palmate-bg3co/log/3/ 		0
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/palmate-bg3co/log/3/visible?tvi2=13726&tvi48=10143&tvi50=11103&route=AM%3AIL%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231116-8-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
84
date
Fri, 17 Nov 2023 02:17:55 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
80519
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-mxp6947-MXP
pragma
no-cache
server
nginx
x-timer
S1700187476.827653,VS0,VE84
content-type
image/gif
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
SPug
simage4.pubmatic.com/AdServer/ Frame 9D5B 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-CH,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
VideoBidRequestHandlerServlet
am-wf.taboola.com/ 		2 KB
797 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-wf.taboola.com/VideoBidRequestHandlerServlet?oid=15&width=700&height=393&pubid=169497&tagid=953497&crid=-1&noaop=3&sortOrderType=0&cb=1700187476687&mimes=5,10,11,12&isvideo=0&plmd=2&mindur=1&maxdur=210&minbr=1&maxbr=10000&st=0&seq=4&pv=1573&pt=-2099488267&tz=60&viewable=true&ddast=V8ui8CLAbAEPEdo_0_WhCAIeI7Rvt_tCgAAABgYID-AAktnBuPb7Zyy4ar0Vq0sQ3WEsvCuVYYBjPTZGbZWHyrISChhXPj8c1WbtlwNVqLNrbBWmJZONcKw2BmmswsG4tvNQUZxnKZDGqBhGX2-w4KyunpMbsMMpbL5AZwaDodPte9Xvf73SU-z1zj9yv8Qr_d5xY57G6N0eF3S19_t-Tl1vntPrfE9Va77G6R3-5za45-11voerilTrvPrXjd3cqnW-p6C10Pt8bosvvcmqPD7nPLHHafW3N02oWmt9kOAAAAAB78____QwAAAACIAAAAACABAAAAgEJAhX8LAhcAAAAAMPz___9rAHjmkICuu8tucVl-_gAAAAAAAgAAAIAEAAL6YQmAGOO9E___________MQboM29k_P___98w6AHw4APgQQgAAMDHECDIt8Y2lxQMIgWvRRgBAAAAyB0-sj4ySSeoWFT5___vtwJwBQAgYHE7wh0ji-6gxFsYAAAAgTEL9LD4_WaHXeN3u8z_________v5n_M_9ohHhwpdIEGYQjqfkFBABY8wsIAMBG3QAAvAmAE3QIWjEYrE5AzA4AAADAnf___389ILFwWAwj02a3Ww52E9fK5RgtlqPVcjUbDmabxcZ7sB5GP-Ul9Bj7bAjL7PcdFJTT02N2GWQsl8kgPmgYlpNBMD8TthitJpPNcjhbLiaD4Wg4Gu2PAC4HaCIGy-VkspjsVqPVaDPcjWaDBRKIwQRRtGgwWY1Gk8VkuBpNVrPlYrfbIIpWrWajzWC4mk1mu91qOBguRyM0YYvRajLZLIez5WIyGI6Go9EQweRy5VpYnDO3xOGZuEWD2catMHmGa4ltZRgsJsbNbGRci14f08c1WE02Fi8SDLDbi-RpkU4Es9FsNVi5PIvVzDNZLWyOzWC3GyxHG4fFOdi4JmKJ5mSRTmSXfWPhsBhGps1utxzsJq6VyzFaLEer5Wo2HMw2i42_uVy5FhbnzC1xeCZu0WC2cStMnuFaYlsZBouJcTMbGdei18f0cQ1Wk43F39gNBovhbjTb7Ru7wWAx3I1mu32HzvBdfc5GZVkl-Qh1h_G5dK45DQqXweJ9qU_nYcFYUE87R6dOeVYWdEa_3-_3-_1-v9_vN2g9B7NB4Xse_sLpY3kuh7PRg9hgUMQSwUU6ETzMbofp5Zb4PBu_RSxRmi7SiV7hF_rtPrfIYXdrjA6_W_r6uyUvt85v97klrrfaZXeL_HafW3P0u95C18Mtddp9bsXr7lY-3VLXW-h6uDVGl93n1hwddp9b5rD73Jqj0y40vc0WsURwukgnopfxdFH_kUMMV3PFcjXXLeaSxWiVAAAAAAAAAAAswTTTTQAAAACcDGq4GS5W63Qwk9lksFstF8BFUJYuYBAAAAAAAIBijT3WAA-z22F6uSU-z8ZvZQASzHnMNvuMINZqtawBAAAIYAMAAAjgphtvAtqjuP____9xAAAAZOTQAwAAoN8HhPXAhVIv_MivIBaLwWb_AFSItVqtbjfWarUCGsRutVgMJ_D___8f!&proto=2,3,5,6&encoded=1&pstn=1&callback=&wfv=1&amp=0&qsz=6&ft=0&pb=0&pagg=2&sd=undefined&ctsldr=1&dtagid=3262075&dpubid=583815&abtst=adxsub-out_vA!adxsub-out_vB!eidc_vA!iiqrc_vA!lvlstst-in2_vA!lvlstst1_vA!t45!t45!ufm_vG&mPre=0.033&cirf=https%3A%2F%2Fwww.bg3.co&en=1&subu=3
Requested by
Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/4.5.7/UnitFeedManagerDesktop.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
5caee3aaa1a04aac55e465614f4329486f5f2a3626706f000b61cc434ad92838

Request headers

Referer
https://www.bg3.co/
accept-language
de-CH,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 02:17:56 GMT
content-encoding
gzip
server
nginx
machineid
1426
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
access-control-allow-credentials
true
expires
Sat, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame 25E1 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=57B59519-9B3E-4DB5-B42D-FDB697822B64
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
de-CH,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Fri, 17 Nov 2023 02:17:57 GMT
Expires
0
Pragma
no-cache

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/72127d3848c5b730e96a246f9d1ffbad.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/1223c8e7e04bea10ed82caaebedf2b5a.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/162a294ba78bc6c443074bd85d9b5379.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/bc0a3307423e02729eb20893164cf42c.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202106/97009ff4aa72b04ce3a59c01cde1caee.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/cd3ff2dd8d5425660d1375ac32f6e891.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/d777f1591012235d692ec9e08b82f782.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/c191f79fd3538b0a0cbd6d1c17252297.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202309/a0bc8d5a2a492cbaae154ada703a692d.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202310/12742af32890f00202a660015e257e68.jpg?w=150&h=100&q=100
Domain
static.bg3.co
URL
https://static.bg3.co/imgs/202105/14fd4fd3b958f0fc66f375186fac00cb.jpg?w=150&h=100&q=100
Domain
sync-dmp.aura-dsp.com
URL
https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEO6FNxsAPlJVvPVJmIMKovY&google_cver=1&google_push=AXcoOmRifwPxn-8Jm0eCEUe3I_okB_o-hu2P1vrLAfDwufiokWqNcHrtj_sDrglD-3uaT3aXU0W1TXeYYSX-bfkl4qWj5gJcPcIODA
Domain
ad.mrtnsvr.com
URL
https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
Domain
cm-supply-web.gammaplatform.com
URL
https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=316&uid=57B59519-9B3E-4DB5-B42D-FDB697822B64

Verdicts & Comments Add Verdict or Comment

182 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| documentPictureInPicture function| gtag object| dataLayer object| _taboola number| sc_project number| sc_invisible string| sc_security object| adpushup object| ucfad_async object| googletag function| _statcounter object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP__EXPERIMENT_TOGGLES object| __AMP_URL_CACHE boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| adRecover function| setImmediate function| clearImmediate object| ggeac object| google_tag_data object| google_js_reporting_queue function| $ undefined| jQuery function| jqAlias object| google_tag_manager string| currentState object| adpGlobals object| _apPbJs object| hbAnalytics object| adpTags function| onYouTubeIframeAPIReady object| gaGlobal object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid undefined| google_measure_js_timing object| google_reactive_ads_global_state number| google_unique_id object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| Criteo object| ucf object| request string| paramsString object| aries function| quantserve function| __qc object| ezt object| _qoptions function| _typeof object| TRC object| _tblConsole undefined| msg number| vidverto object| regeneratorRuntime object| aries_registry function| __trcCopyProps function| __trcFromError function| __trcClientTimestamp function| __trcLog function| __trcError function| __trcDebug function| __trcInfo function| __trcWarn function| __trcWarnUsingBeacon function| __trcDOMWalker function| __trcJSONify function| __trcUnJSONify function| __trcTrim function| __trcGetElementsByClass function| __trcToArray function| __trcObjectCreate function| PageManager function| addHashParam number| trc_debug_level string| trc_article_id object| TRCImpl number| taboola_view_id function| inView function| VASTClient function| IMA function| VidvertoPlayer object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| vpbjsChunk object| vpbjs object| _aries object| inViewWindow object| vidvertoPromiseCache object| closure_lm_847320 function| VidvertoPlayerVideoPlaylistUI string| nam object| placementData object| closure_lm_674085 boolean| noPreviewPage object| google_ad_modifications object| google_prev_clients object| closure_lm_307063 object| onetag object| cmTag object| _cm_wfCounters string| lastWfUrl number| lnt_z object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_135 object| Criteo_prebid_135 object| Adform boolean| __adform_onload function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| Zepto object| Backbone function| startCMTagMain string| category function| shuffle object| entertainment object| arrToUse object| playlist function| OvaMediaPlayer

210 Cookies

Domain/Path Name / Value
i.liadm.com/s Name: _li_ss
Value: CggKBgiiARDCFg
.bg3.co/ Name: sc_is_visitor_unique
Value: rx12918656.1700187466.006FA9EFE3994F829578C467E1907286.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique
Value: sc12918656.1700187466.0
.statcounter.com/ Name: is_visitor_unique
Value: 1700187466376589633
www.bg3.co/ Name: __AP_SESSION__
Value: 601af01b-edaf-439b-b784-0838c4997fb9
.bg3.co/ Name: _ga_JLX4K2W8JS
Value: GS1.1.1700187466.1.0.1700187466.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.1707958932.1700187467
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 91cdfd6d-c689-4032-abe9-6dedb1815694
.openx.net/ Name: receive-cookie-deprecation
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 1_1700187466_1700187466
.doubleclick.net/ Name: IDE
Value: AHWqTUkDfclFC__fef3vuKtp0H4gwVLHWc0gYGcz8dJAv656J9e_UVQemcBuhar4PbU
.teads.tv/ Name: tt_viewer
Value: 1aa6d217-4dad-4b02-aab8-916a7bad7e54
.teads.tv/ Name: receive-cookie-deprecation
Value: 1
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.omnitagjs.com/ Name: ayl_visitor
Value: b2fc29283591d7929729cb12e15c0169
ad.vidverto.io/ Name: moxuuid
Value: 6456bd6a-ea81-4edc-89d0-e570811b5cf7
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_zone_imp[9799][frequencyPeriodEnd]
Value: 1700273867
ad.vidverto.io/ Name: _mwayss_imp[23133][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23133][frequencyPeriodEnd]
Value: 1700273867
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10351][frequencyPeriodEnd]
Value: 1700273867
ad.vidverto.io/ Name: _mwayss_imp[23239][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_imp[23239][frequencyPeriodEnd]
Value: 1700273867
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][count]
Value: 0
ad.vidverto.io/ Name: _mwayss_camp_imp[10384][frequencyPeriodEnd]
Value: 1700273867
.bg3.co/ Name: __gads
Value: ID=b7d37ca96679f1ce:T=1700187466:RT=1700187466:S=ALNI_Ma3YQ5FAFWO8KDRUWWBH9Ol4WY9hg
.bg3.co/ Name: __gpi
Value: UID=00000cca2f5d1d86:T=1700187466:RT=1700187466:S=ALNI_Ma8hcQCXwBcT1CIglcFfZwBJqga1g
.rubiconproject.com/ Name: khaos
Value: LP1ZPXH6-K-6UH9
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwy5rbqgY4AUABSAEQy5rbqgYYAA..
.adnxs.com/ Name: uuid2
Value: 4737946100709174159
.bidswitch.net/ Name: tuuid
Value: c63acbb1-6fc6-4c18-b376-99f785c1f865
.bidswitch.net/ Name: c
Value: 1700187467
.bidswitch.net/ Name: tuuid_lu
Value: 1700187467
.aralego.com/ Name: sspid
Value: 14ef4be5-612e-32bc-9e01-6267b9ecf4da
a4p.adpartner.pro/ Name: apuid
Value: f1218a01-61df-46fa-aef4-16131160c7e4
.quantserve.com/ Name: mc
Value: 6556cd4b-4c50d-da817-c6c6e
ad.vidverto.io/ Name: adpartner
Value: f1218a01-61df-46fa-aef4-16131160c7e4
.marketperf.com/ Name: ui
Value: 16556cd4b50aff100291275
.yahoo.com/ Name: A3
Value: d=AQABBEvNVmUCEA5RaPEw7QZqD9WstQNtonoFEgEBAQEeWGVgZbti0CMA_eMAAA&S=AQAAAlpfvGmV7t3ahoiFzUu5WMA
.bg3.co/ Name: __qca
Value: P0-1089899889-1700187466901
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 57B59519-9B3E-4DB5-B42D-FDB697822B64
.admixer.net/ Name: am-uid
Value: 12ca622bc15b402083f094321aabec87
ad.mox.tv/ Name: onetag
Value: pxo0PDKu2jjCAHjTMmIGdKxf6DPMamuz3fVEk-UP7RE
.smartadserver.com/ Name: pid
Value: 1462351491961293065
ad.vidver.to/ Name: bidswitch_com
Value: c63acbb1-6fc6-4c18-b376-99f785c1f865
.ads.stickyadstv.com/ Name: UID
Value: a22d91ba4e30f9aaf86fe39e8716c80
.aralego.com/ Name: euconsent-v2
Value:
.sportradarserving.com/ Name: zuuid
Value: 8d1c0658-9ff8-4dc1-b6b7-036b6bfac20e
.sportradarserving.com/ Name: c
Value: 1700187467
.sportradarserving.com/ Name: zuuid_lu
Value: 1700187467
.sportradarserving.com/ Name: zuuid_k
Value: 1
.sportradarserving.com/ Name: zuuid_k_lu
Value: 1700187467
www.bg3.co/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3D99e5ab9f-ba3b-406c-ad38-b6e001b836d8-tuctc5052cb
.script.ac/ Name: __cf_bm
Value: KyaEpEGdHEd4_MPHtYBHJKFiSzN8bGIY_Cnh9gfklYc-1700187468-0-AZs6izclR112e2mUkHvLtamSx2ZPuwBh8F4UxWd3TWp4EznWUfLcgvyHld8ThbaTG9vjIytREe2aiV9SqT5DPSI=
.bing.com/ Name: MUID
Value: 367F5D7EF6E862F12E504EB2F7EE631E
.bidr.io/ Name: bito
Value: AABVWE7KrZsAABT_CDLLUg
.bidr.io/ Name: bitoIsSecure
Value: ok
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.primis.tech/ Name: csuuid
Value: 6556cd4c80be1
.amazon-adsystem.com/ Name: ad-id
Value: A3eEKjEerks8tFJTCFHvvUo
.tapad.com/ Name: TapAd_TS
Value: 1700187468554
.tapad.com/ Name: TapAd_DID
Value: 1e8c85c7-177e-4eaa-8afa-474c4ea47595
.connatix.com/ Name: cnx_userId
Value: e9babff32bc640b793f55b4db00970bf
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.ipredictive.com/ Name: cu
Value: 5627b720-1bf6-48c7-b423-24932b8c0196|1700187468606
.linkedin.com/ Name: bcookie
Value: "v=2&b15980a0-18e8-41e9-89fe-86fddc35edd5"
.linkedin.com/ Name: li_gc
Value: MTswOzE3MDAxODc0Njg7MjswMjGZsJKdXLACQ+v4npGSBFRyGX/Ut1APCO7xzBxH4ZCriQ==
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2790:u=1:x=1:i=1700187468:t=1700273868:v=2:sig=AQF-6Req7Nn5hFytfEs_ISMLLk2IZyxh"
.adform.net/ Name: C
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEJ2b7EjwnvdwMt-dMhiTu2Q&KRTB&23025-CAESEJ2b7EjwnvdwMt-dMhiTu2Q&KRTB&23386-CAESEJ2b7EjwnvdwMt-dMhiTu2Q
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1700187469.1.0.1700187469.0.0.0
.simpli.fi/ Name: suid
Value: 71E1AB8744644695805E27A511A92768
.yieldmo.com/ Name: yieldmo_id
Value: 3FMy577dd47MP6Ldk0Mz%7C1700179200000%7C0
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9f02e5dd-827d-4dc0-bffe-b877fead070c-003%22%7D
.tremorhub.com/ Name: tvid
Value: dd705a191b114f08bb9bb35bdbfdd942
.tremorhub.com/ Name: tv_UIDF
Value: CAESENbeTeNceC1KxME04j1cjkc
.tremorhub.com/ Name: tvssa
Value: 1700187469329
.adform.net/ Name: TPC
Value: 1700187469430
.adform.net/ Name: uid
Value: 8056414443070265019
.adfarm1.adition.com/ Name: UserID1
Value: 7302249576431745170
.360yield.com/ Name: tuuid
Value: 3e2855c3-1a4d-48fe-9339-f98ac41a9459
.360yield.com/ Name: tuuid_lu
Value: 1700187469
.socdm.com/ Name: SOC
Value: ZVbNTsCo5ucAAKRJxsQAAAAA
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-17T02%3A17%3A50%22%7D
.openx.net/ Name: i
Value: 2d029ac8-d642-0978-0d76-b590d382fed5|1700187470
.openx.net/ Name: pd
Value: v2|1700187470|gen0vNvQiygu
.casalemedia.com/ Name: CMID
Value: ZVbNTlVsUjeTdTa5zO2UGQAA
.casalemedia.com/ Name: CMPS
Value: 1101
.casalemedia.com/ Name: CMPRO
Value: 1101
.onetag-sys.com/ Name: OTP
Value: qrMQNml6E_9l7GWkT_kClJDDDK60OLMTQSltw7-gi30
.lijit.com/ Name: ljt_reader
Value: Hq0JtRZHJ0kwAHgrQwiKYQoU
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_337
Value: y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
.servenobid.com/ Name: pid_339
Value: y-AZucgQ5E2uEhumAMwYdtw9tVlK8bVXO_YX5ncx0-~A
.servenobid.com/ Name: pid_312
Value: 4737946100709174159
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1Mjc1MDYxMDUwMRXiM9StSPQ0cjPKiSjKNDIDAF95BQslAAAA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MTG1sDA1Mjc1MDYxMDUwMRXiM9StSPQ0cjPKiSjKNDIDAF95BQslAAAA
.servenobid.com/ Name: pid_310
Value: Hq0JtRZHJ0kwAHgrQwiKYQoU
.gumgum.com/ Name: vst
Value: e_89400654-75c1-425f-a342-bc63590ff0bf
.servenobid.com/ Name: pid_324
Value: 5144588527503405045
.servenobid.com/ Name: pid_317
Value: 1462351491961293065
.minutemedia-prebid.com/ Name: wrvUserID
Value: 5CzEnsz-kp_mm
.servenobid.com/ Name: pid_318
Value: qrMQNml6E_9l7GWkT_kClJDDDK60OLMTQSltw7-gi30
.servenobid.com/ Name: pid_333
Value: ZVbNTlVsUjeTdTa5zO2UGQAABE0AAAIB
.servenobid.com/ Name: pid_353
Value: 0000EEA
.ads.stickyadstv.com/ Name: uid-bp-34673
Value: ZVbNTlVsUjeTdTa5zO2UGQAABE0AAAIB
.csync.loopme.me/ Name: viewer_token
Value: 01e3c4b5-cb8a-4b70-8d0a-a5a51be442e1
.adotmob.com/ Name: uid
Value: 09cf220400b8a5d6253737e8
.adotmob.com/ Name: uuid
Value: 09cf220400b8a5d6253737e8
.adotmob.com/ Name: partners
Value: IX%3A1700187470953
.w55c.net/ Name: wfivefivec
Value: asMivCp31R3Oqy5
.w55c.net/ Name: matchcasale
Value: 5
.demdex.net/ Name: demdex
Value: 40780589102648726910851220645457236816
.go.sonobi.com/ Name: __uis
Value: 0d48f7bf-3768-4ebc-beb6-3de6de9a39c4
.go.sonobi.com/ Name: HAPLB8G
Value: s8671|ZVbNU
.contextweb.com/ Name: V
Value: tYujJOb4LABT
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: bc681a6d214e5874
.3lift.com/ Name: tluid
Value: 4648383420934579754688
.servenobid.com/ Name: pid_309
Value: e_89400654-75c1-425f-a342-bc63590ff0bf
.yellowblue.io/ Name: wrvUserID
Value: iYrEns-zCp_s
.brand-display.com/ Name: _knxq_
Value: 7153318e-ef13-f12c-983a08a1.1700187470.0.1700187470.1700187470
.smaato.net/ Name: SCM
Value: 089dd50ff1
.smaato.net/ Name: SCMsas
Value: 089dd50ff1
.servenobid.com/ Name: pid_348
Value: 5CzEnsz-kp_mm
.servenobid.com/ Name: pid_332
Value: 0d48f7bf-3768-4ebc-beb6-3de6de9a39c4
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-3ce164ce-1168-3b18-bf2f-a6731aec520a
.dpm.demdex.net/ Name: dpm
Value: 40780589102648726910851220645457236816
.fwmrm.net/ Name: _uid
Value: umv1972_7302251787229313097
.nrich.ai/ Name: _nauid
Value: f1aa2d0b-5edb-4671-aaa2-1e693a443b8a
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: umv1972_7302251787229313097
.ads.stickyadstv.com/ Name: MRM_UID
Value: umv1972_7302251787229313097
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16890%3b%24o%3d11100
.servenobid.com/ Name: pid_352
Value: iYrEns-zCp_s
.quantserve.com/ Name: d
Value: EMoBEQG5KvijCJiTAA
.mathtag.com/ Name: uuid
Value: 6ba86556-cd4f-4200-8b0e-8fe705485e4b
.creativecdn.com/ Name: u
Value: a9hYjw3iUWLsF2bv9qXT
.creativecdn.com/ Name: g
Value: a9hYjw3iUWLsF2bv9qXT_1700187471193
.creativecdn.com/ Name: ts
Value: 1700187471
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-yIRxg53VcNfThSeAztVp0Z-JdYLT0nLWyNRFPvrx&KRTB&19420-yIRxg53VcNfThSeAztVp0Z-JdYLT0nLWyNRFPvrx&KRTB&22979-yIRxg53VcNfThSeAztVp0Z-JdYLT0nLWyNRFPvrx&KRTB&23462-yIRxg53VcNfThSeAztVp0Z-JdYLT0nLWyNRFPvrx
.adsby.bidtheatre.com/ Name: __kuid
Value: 580f256b-7549-4866-a3ff-f5f33824c571.469401471
.analytics.yahoo.com/ Name: IDSYNC
Value: "194o~2f3e:18vk~2f3e:19e0~2f3e:198o~2f3e:18z8~2f3e"
.liadm.com/ Name: lidid
Value: 1aa1cde8-139b-4784-a480-00eb3f0a0c22
.turn.com/ Name: uid
Value: 8247147485242101939
.dotomi.com/ Name: DotomiTest
Value: 2cd6387bc6551594
.ads.stickyadstv.com/ Name: uid-bp-26913
Value: AABVWE7KrZsAABT_CDLLUg
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5144588527503405045
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-4737946100709174159&KRTB&23339-4737946100709174159
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7302249576431745170&KRTB&23369-7302249576431745170
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:6ba86556-cd4f-4200-8b0e-8fe705485e4b
.servenobid.com/ Name: pid_316
Value: 57B59519-9B3E-4DB5-B42D-FDB697822B64
.adx.opera.com/ Name: UID
Value: OPU2f96dddf554d41b3a60c75381a33c525
.ctnsnet.com/ Name: cid_0444789e370a4831b820c002eaaace65
Value: 1
.weborama.fr/ Name: AFFICHE_W
Value: Ks0@OXDIG08q52
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_a8aedc7e-c331-4b0b-afa7-3daa19cf927d
.de17a.com/ Name: guid
Value: 1.3368826976765405468
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-8056414443070265019&KRTB&23263-8056414443070265019&KRTB&23481-8056414443070265019
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-8247147485242101939&KRTB&23150-8247147485242101939&KRTB&23527-8247147485242101939
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZVbNTwAANlmrtQBU
.pubmatic.com/ Name: KRTBCOOKIE_1323
Value: 23480-OPU2f96dddf554d41b3a60c75381a33c525&KRTB&23485-OPU2f96dddf554d41b3a60c75381a33c525&KRTB&23524-OPU2f96dddf554d41b3a60c75381a33c525
.pubmatic.com/ Name: KRTBCOOKIE_32
Value: 11175-AAAI2Tx43FFO5ANtPlSIAAAAAAA&KRTB&22713-AAAI2Tx43FFO5ANtPlSIAAAAAAA&KRTB&22715-AAAI2Tx43FFO5ANtPlSIAAAAAAA&KRTB&23519-AAAI2Tx43FFO5ANtPlSIAAAAAAA
.sitescout.com/ Name: ssi
Value: 7a3481c2-8c4c-450b-88dc-baf27b3924a1#1700187471455
.audrte.com/ Name: arcki2
Value: 1i8Pbi-H4tHTSOfGRlpnKx6Mg!20220908!1700187471452!ip#185.195.71.214
.audrte.com/ Name: arcki2_pubmatic
Value: 57B59519-9B3E-4DB5-B42D-FDB697822B64!20220908!1700187471452
.pubmatic.com/ Name: KRTBCOOKIE_945
Value: 19558-uid:&KRTB&23513-uid:&KRTB&23537-uid:
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: 45ba5fd87d0bacc1c844126b3cd53c8d
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-c63acbb1-6fc6-4c18-b376-99f785c1f865
.sitescout.com/ Name: _ssuma
Value: eyI0NSI6MTcwMDE4NzQ3MTUxNn0
.smartadserver.com/ Name: csync
Value: 22:8056414443070265019|127:AABVWE7KrZsAABT_CDLLUg
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-3368826976765405468
.pubmatic.com/ Name: PugT
Value: 1700187471
.onaudience.com/ Name: cookie
Value: 6eb7c9e34844e193
.onaudience.com/ Name: done_redirects104
Value: 1
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-7a3481c2-8c4c-450b-88dc-baf27b3924a1-6556cd4f-4348&KRTB&23418-7a3481c2-8c4c-450b-88dc-baf27b3924a1-6556cd4f-4348
.audrte.com/ Name: arcki2_ddp2
Value: 1i8Pbi-H4tHTSOfGRlpnKx6Mg!20220908!1700187471581
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b3d87671-d6b5-5539-606c-6f7f648d5d3c.Nqx%2FT2r%2FAeXL65EwOB5m6lO2yo538D%2F3TjmczFQ6%2BzA
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-b3d87671-d6b5-5539-606c-6f7f648d5d3c.Nqx%2FT2r%2FAeXL65EwOB5m6lO2yo538D%2F3TjmczFQ6%2BzA
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3As9h2cda1VTlgbG9_ZI1dPLnDR9Y.0YmL1EsrhjXC%2FBs8fdHqLjk%2BFsHETx0EjMk5dgErgC4
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3As9h2cda1VTlgbG9_ZI1dPLnDR9Y.0YmL1EsrhjXC%2FBs8fdHqLjk%2BFsHETx0EjMk5dgErgC4
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1o19|7dN.0.AABVWE7KrZsAABT_CDLLUg|7bq.0.1
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-H1I2i050UnhTjRnYWSWWnbRY
.audrte.com/ Name: arcki2_adform
Value: 8056414443070265019!20220908!1700187471675
.rezync.com/ Name: zync-uuid
Value: 05bdbb83-c425-4452-ab6f-e97636264e93:1700187471.6460516
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AABVWE7KrZsAABT_CDLLUg
.rfihub.com/ Name: euds
Value: H4sIAAAAAAAA_wXByxWAMAgEwIvt4OOzLIndSIyFWLkz31Ga_XSPkAVPAdLlbr6yZzHoxJ5xWanaKJSdBDWNP895cvQ6AAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_1XMOxWAMAxA0YMApg6oCCdp82lwQ6AIYmREAjJQxQiMd3jv6noyRKrGRuS0J0OJNaIWWDgLMEuGOXSD5qZFs3LzMr3RqKwopEf6nKzi-Tfdw2s0zw_L--I0egAAAA
.servenobid.com/ Name: pid_321
Value: RX-9f02e5dd-827d-4dc0-bffe-b877fead070c-003
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMUFVR4mAiuHZ22qSF97VSOlMiMUm6A-GPA2voDwOVobEHwYBCDPmtuqBjABOgTwi70wQgSPTPNH.cab0a%2BBm4GDTnEpxBcL1KWu7iZuvzNmxCvM7%2BMknopc
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIMUFVR4mAiuHZ22qSF97VSOlMiMUm6A-GPA2voDwOVobEHwYBCDPmtuqBjABOgTwi70wQgSPTPNH.cab0a%2BBm4GDTnEpxBcL1KWu7iZuvzNmxCvM7%2BMknopc
.tribalfusion.com/ Name: ANON_ID
Value: aVnwQRpyXahbqiVRFQm8Zc61thpdNF2nLoq7mip2N3gSTMgjUow5cnUXbUES5HZaP5nh4dRtT05PlntYhZb5VQpXsZam0PQH1eVSBRlsC6pOSwMdb7Fvv9xFbKvRs9OM
.zemanta.com/ Name: zuid
Value: tmjZSQ8uvO2ZnL4dOj3k
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-s9h2cda1VTlgbG9_ZI1dPLnDR9Y&KRTB&23334-s9h2cda1VTlgbG9_ZI1dPLnDR9Y&KRTB&23417-s9h2cda1VTlgbG9_ZI1dPLnDR9Y&KRTB&23426-s9h2cda1VTlgbG9_ZI1dPLnDR9Y
live.rezync.com/ Name: sd-session-id
Value: .eJwNylEOgyAMANC79FuWAm1BLmNEu4RsskX0Z8a7j8-XvAumr-7bXLUekI791AGWd-lqkC5o5bfpCxKwJeIY2QVGT8hIDPcATVsrnzqVtR_kvOYcvVnIsenfmTnL0-gYxIsT0tEnGxBtDBTsQ0iQrcD9B6diJTU.ZVbNTw.5uQi7UHnp8_-MbiKdTEsTyc1suU
.rlcdn.com/ Name: rlas3
Value: Yo5R3NkphXud/FKb55JgNqtjzetFU1CmaV9ZbO/77pU=
.rlcdn.com/ Name: pxrc
Value: CNCa26oGEgUI6AcQABIGCLrqARAA
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB0U7Ne8bqyM1RwWzGvB5zjFmi1YrgPAFMo6sr7aMhMzQfdbv8qaTWUEz64le3h8dtUhVzfZLSZD/uoyBNGqA3hL1WoBSYwPI/Y=
.servenobid.com/ Name: pid_323
Value: LP1ZPXH6-K-6UH9
.pubmatic.com/ Name: SPugT
Value: 1700187471
.pubmatic.com/ Name: DPSync3
Value: 1701388800%3A227_226_219_197_201_245_241_235
.pubmatic.com/ Name: SyncRTB3
Value: 1700784000%3A223_2_15%7C1705363200%3A69%7C1701475200%3A35%7C1702771200%3A203%7C1701043200%3A63%7C1701388800%3A196_7_46_264_234_71_22_243_55_166_21_8_238_88_13_204_251_54_233_214_176_3_161_254_220_99_249_165_56_81
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-9f02e5dd-827d-4dc0-bffe-b877fead070c-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 15
.onaudience.com/ Name: done_redirects147
Value: 1
.zeotap.com/ Name: zc
Value: c9fdc89f-333d-49ee-62f8-5d90d7054f2f
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1700209074350
.semasio.net/ Name: SEUNCY
Value: 91639F3E35BC0524
.smilewanted.com/ Name: sw_user_params_infos
Value: 9gelBK2pTgkX3s9%2BkhVdZAHdh4F4eUomaMRMczaW6DbJbXaIpVxDZO1iEeH%2F%2BTh0eqMzYC9tYzuEMYChDxdWm1dWGCHhccllWftFkRtHGfgQkPUIt74x5anf9pOvbrZDC6dkIBjH%2B%2B6uT2fxulUmBfWCwbHcuakfSyCCsxCWjYkLIThlFHljEOScQazh7LhVxTg0rj1iND47OKViGfeNBTUwa5hGePkzSbEj3HegWrbJcBxTBvBclKNpl27yRGQRytPDoJEW66bVwo3gXnMBUe9QRPkxq429YlBDYhRH7VNsNktbc6t0s%2BehHYT%2F2R43J0S8oiIY4Jz3bFN9EWfvrRPhVF2P3%2Bj%2B4sshKLhaOE%2Bo53Yg3YP%2Bo9VRSlAtBio6Hs02su4vgUB61hDZ0bC2bd%2F6G2q9OQQPiKifSjXoiJJU1lFi6QDn4uZ5C0iLdL2uPLoL1Wim5R8%2FVvUtGZReaihYigLJGpUrXBYYpcBmsgg%3D

21 Console Messages

Source Level URL
Text
network error URL: https://static.bg3.co/imgs/202105/162a294ba78bc6c443074bd85d9b5379.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/72127d3848c5b730e96a246f9d1ffbad.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/cd3ff2dd8d5425660d1375ac32f6e891.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/bc0a3307423e02729eb20893164cf42c.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/1223c8e7e04bea10ed82caaebedf2b5a.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202106/97009ff4aa72b04ce3a59c01cde1caee.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/c191f79fd3538b0a0cbd6d1c17252297.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/d777f1591012235d692ec9e08b82f782.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202310/12742af32890f00202a660015e257e68.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202309/a0bc8d5a2a492cbaae154ada703a692d.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://static.bg3.co/imgs/202105/14fd4fd3b958f0fc66f375186fac00cb.jpg?w=150&h=100&q=100
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://cdn.adpushup.com/42753/L2EvaG9uZy1kYW4tY2hhby16dW8tcmUtZ29uZy1idS1tZW4tZG9uZy1zaG91LWh1YS1qaW5nLXF1bi15aS1qdS1odWEtY2hlbmctc2hhbmctZmFuZy1zaGkuaHRtbA==.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://sync-dmp.aura-dsp.com/match/google?google_gid=CAESEO6FNxsAPlJVvPVJmIMKovY&google_cver=1&google_push=AXcoOmRifwPxn-8Jm0eCEUe3I_okB_o-hu2P1vrLAfDwufiokWqNcHrtj_sDrglD-3uaT3aXU0W1TXeYYSX-bfkl4qWj5gJcPcIODA
Message:
Failed to load resource: net::ERR_CONNECTION_CLOSED
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 500)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://id.rlcdn.com/711916.gif?ct=4&cv=
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

164f28b95e6b8f672e54e451e51556d8.safeframe.googlesyndication.com
1f2e7.v.fwmrm.net
a.audrte.com
a.sportradarserving.com
a.teads.tv
a.tribalfusion.com
a4162dbdde9e035eb037d9a13f41a51c.safeframe.googlesyndication.com
a4p.adpartner.pro
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mox.tv
ad.mrtnsvr.com
ad.turn.com
ad.vidver.to
ad.vidverto.io
adpushup-d.openx.net
ads.aralego.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.yieldmo.com
adsdk.microsoft.com
adx3.adform.net
am-match.taboola.com
am-vid-events.taboola.com
am-wf.taboola.com
ams3-ib.adnxs.com
ap.lijit.com
aws-fr-sync.bidswitch.net
b-eu1.marketperf.com
b1-eudc1.zemanta.com
b1sync.zemanta.com
b1t-eudc1.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bannerflow.net
c.statcounter.com
c1.adform.net
cadmus.script.ac
capi.connatix.com
cdn.adnxs.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdn.taboola.com
cdn.vidverto.io
cds.taboola.com
ce.lijit.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
cs.yellowblue.io
csi.gstatic.com
csync.loopme.me
csync.smilewanted.com
d5p.de17a.com
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
dmp.adform.net
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsp.nrich.ai
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
ghent-aws-fr.bidswitch.net
google.partners.tremorhub.com
googleads.g.doubleclick.net
green.erne.co
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hb.yahoo.net
hbx.media.net
htlb.casalemedia.com
http-intake.logs.datadoghq.com
i.clean.gg
i.liadm.com
ib.adnxs.com
ice.360yield.com
id.rlcdn.com
idsync.rlcdn.com
il-trc-events.taboola.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
imprammp.taboola.com
inv-nets.admixer.net
ipac.ctnsnet.com
js-sec.indexww.com
live.primis.tech
live.rezync.com
match.360yield.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
mwzeom.zeotap.com
obs.cheqzone.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pips.taboola.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prebid.smilewanted.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
region1.google-analytics.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
sonata-notifications.taptapnetworks.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
static.bg3.co
static.criteo.net
static.smilewanted.com
sync-dmp.aura-dsp.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.adotmob.com
sync.aralego.com
sync.crwdcntrl.net
sync.dmp.otm-r.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.taboola.com
sync.targeting.unrulymedia.com
t.adx.opera.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
trc-events.taboola.com
trc.taboola.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vidstat.taboola.com
vidstatb.taboola.com
visitor.omnitagjs.com
wf.taboola.com
widgets.outbrain.com
www.bg3.co
www.bing.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.statcounter.com
x.bidswitch.net
zem.outbrainimg.com
ad.mrtnsvr.com
ads.servenobid.com
cm-supply-web.gammaplatform.com
static.bg3.co
sync-dmp.aura-dsp.com
103.231.174.251
104.18.36.155
104.18.38.76
104.18.41.104
104.20.218.77
104.22.68.131
13.248.245.213
13.32.27.45
134.122.57.34
137.74.6.209
141.226.224.32
141.226.228.48
141.94.171.212
141.94.171.213
141.95.171.142
142.250.74.194
145.40.97.67
146.75.118.132
151.101.1.108
151.101.129.44
151.101.2.49
152.199.21.70
162.210.196.208
167.235.184.171
169.197.150.8
172.64.151.101
175.110.113.203
178.250.1.9
18.158.152.62
18.196.230.223
184.30.16.183
184.30.17.67
184.30.20.22
185.106.33.48
185.165.240.175
185.184.8.90
185.29.134.248
185.64.190.79
185.64.191.210
185.84.60.20
185.86.139.102
185.89.210.212
192.96.203.13
193.0.160.131
194.55.244.180
195.5.165.20
198.47.127.19
198.47.127.20
2.18.160.23
2001:4860:4802:34::36
208.93.169.131
211.120.53.204
212.8.250.228
212.8.250.83
213.155.156.164
213.227.153.220
213.227.153.224
216.52.2.48
23.211.8.12
23.32.184.192
23.48.23.8
23.56.202.187
23.88.86.2
23.97.225.52
2600:1f18:24e6:b900:b09f:68b1:e0c1:41bb
2600:1f18:612b:4232:2306:ee41:7d49:965e
2600:1f18:e8a:cd00:e7aa:3ac6:9899:87c4
2600:9000:2127:4600:1b:5138:8a40:93a1
2600:9000:2127:a000:1a:5235:f980:93a1
2600:9000:223c:1c00:6:44e3:f8c0:93a1
2600:9000:223f:dc00:1f:4c18:bd40:93a1
2602:803:c004:200::140
2606:4700:10::6816:1957
2606:4700:20::ac43:47fe
2606:4700::6810:5614
2606:4700::6811:ca6e
2606:4700::6812:1791
2606:4700::6812:18ad
2607:ae80:192:1::173
2607:f8b0:4002:c05::5e
2620:116:800d:21:5ed4:8d5d:fed7:f5ef
2620:1ec:21::14
2620:1ec:46::45
2620:1ec:c11::200
2a00:1450:4001:800::2001
2a00:1450:4001:801::200a
2a00:1450:4001:802::2004
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::2006
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:830::2002
2a02:2638:3::3
2a02:2638:3::7
2a02:2638:3::c
2a02:fa8:8806:20::2010
2a04:4e42:400::649
2a05:d018:d29:3601:a431:4595:7531:b100
3.123.91.65
3.126.217.32
3.127.126.167
3.127.72.135
3.33.220.150
3.64.136.60
3.69.152.80
3.69.181.174
3.73.183.236
3.75.62.37
3.76.107.155
34.102.253.54
34.111.113.62
34.111.129.221
34.120.63.153
34.160.19.107
34.160.236.64
34.91.62.186
34.95.69.49
35.186.193.173
35.186.253.211
35.214.189.64
35.244.159.8
35.244.174.68
37.157.3.26
37.157.4.28
37.157.5.84
37.157.6.235
44.205.140.116
45.137.176.88
46.228.164.11
46.228.174.117
50.19.228.115
51.68.39.188
51.89.9.254
52.210.15.1
52.212.105.38
52.213.118.96
52.31.205.224
52.46.151.131
52.49.253.230
52.5.145.170
52.50.95.14
52.72.41.189
54.154.5.229
54.171.158.15
54.171.40.33
54.211.177.173
54.72.186.48
54.73.167.29
64.202.112.159
65.9.95.52
67.220.228.203
69.166.1.66
69.173.144.137
69.173.144.138
69.173.144.139
69.173.144.165
72.251.241.196
77.243.51.122
77.245.57.72
8.43.72.97
80.77.87.162
82.145.213.8
85.114.159.93
95.101.149.233
98.98.134.241
011d615514ded365a35cc412b03c11ea9f10cf549b47abc0bcb2e562a1ea95f2
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
0407dafc112212a135d1aa4dd9b40ba0208c6bb6b1959f5535af093254189d66
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06484a64eaeea277e538c62795a985df0636f5e129ad274b236947294c06447d
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08f6cecd267dba9571f4da3e27fb521f36befdc723b709ce738b83ac55ed4f81
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0adaf9d3174537c125cc1567267c06f95d15a3d7b23450d19500017c89c12377
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf6496f6270b380201f495715b9c8764d29d6e09f9e8ac541ad3a833db5fd66
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0e1ec6a3c61a7364f67590dc873dfd7b1cf684800963b6f5ed0d2dbc0a830a8a
0eb9653dcf9e6f0a00d34e3edaa6613bd6dca5c74b05cd5670af3d963a97e528
12af7975664854ca36da674714083fa05297940fce71e42dabf688e2eb19a0f1
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
12ca1f90838744f3288c40238b38c65e76861cb85c441505d42ce8401aec7615
13290c34ccb6d3fd911e9b404afbe56023a52339105b493ae5c0a58a212da4a8
156cdfacad4b8d6b68ac923782ddbd7c634ef1e93e2e299ae20bfd1c7f735571
16f6a89c89e20586fdb7ed77f218f6af5442e80c8c3116deb2ab0cdd5aae2001
18d8329b2e4b430a4f34b5247ba02ca5378fcdf574eb7ba5f1ef00ac0a705c5a
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1a1d718d37cfe41f443875b0e534554d59fc224d8ea838cfbfcb5d9d426a2a59
1a57affb4d32cc9504c763b8bafc330a25e04c851e30edf9b242ea4545910e63
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c20d54555b098aef8269b6fa89b316fa731aac67e6926c1203c27edf8cf9dbd
1c8aa2daf70c1aa630b7e121d252800ce1d93534ba888502d549f8c920b85505
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
205b8ada8fdce09971bd7688c445e2c3cb42535874ca5a5f8c5d399489413e43
20678c305b50c0988193d64cb34f41e2dcb6f2fa48353106436ea301e07ce70a
22d9dc8a34bcbffe719050b949b9872f9af036a9bbfd3ca2e99165d604acaf24
230d5095dbd1dabfff7ef55aad99c662f57cd847bd3a5c9befd320551027045b
24bb3b133c1dcd54db877830ddf33443cd6fb3bfbb1ce015f335e69ca5ea87d0
25b1b4e9934aa4cb8e8bdf5fd7911f6ec67acde6b6b39f1561aec2244f7826af
2613fe32531e760ebf5344c59ea4b6c60ea6ee681f9b0e7e5b2182761cf7c39c
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
27655dcf14e02394ce08b6a2bcf6443cc3b3c3e327deb65abbd00339132c035e
2915cacb272776c42786f250cb34a9ace5da4e17b522b80ebee4b75d30aa39d4
29f63f9bc958e44b18ddbb089cc01dfe2df5d967fdb97f194301870ac520d2e2
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c9fe1c9e21fd520dfa82c1441da74a4d9f22b7d0d0fc4b3f34e69d7774120d0
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2dd20c9f608f4732b5cd45798d8a80feff63851f59549bdc56a867089834051e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e123b239fa9b7b0726fa621510953db60d2c5b2c8dafff82b95e17437e881cf
2ebcdc45625d8bd6eb8cea62780c1128df28c86ef0e10a6369ec23c97d61d92c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
304de0151956d250076f7e37945bbcd489b2c07cec24530a6bb3ec6d57ce9fbb
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
348dad726d7573e10b2ac7ec19cb8b4beb567efd334c27cddaa973fb519431c2
35c214f925928346f704baed1b7f12e1ba193d1e614e1b9dd36f5c8c5f4ff276
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
38c069fcdea783fa5472e2992fac9df2a68359c1bd9831117ce1a6084ca380a6
39108a26208871b2998efb4e634b30a9a55725098608bed8fde4c9b131043d89
3949cd3e0a4ca16cbb507c9e2906bb772c7bb2341d568cfb0614d051d8d9ca40
398de2685f4d09e875b1de6d1778799533939abb8addedd5a4a378ee028dca6c
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
39cd2d94116bd462c6fc4bbae33b9f5a084523d19e03d79231a7af0421c274ec
39f03a0f41f3a18a2138c6cbb8c4c7be040ed2aced0c2c381767b0b400236089
3b1eff64e77bf4378206394ce0eaa5726402de0d0711131317f8a1054f460282
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3da1286d21d6190bf7f7fdfe05879abe3f25f7d477e25832470d99cfcbc66886
3df19cbda74c943d3de0afd5990621355a70da8a743580d10be83fbe71dd500d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef7158e9734fef662568162138a034a9d0d9758353d1ad3708a25f628b48202
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
42fe10d8382d3fb7f84308b95ae83c5959838f0aeff2cb1733bab9d394c5a2d7
43f645cf2a0f5e977e145efbaa578af6f7ee6231d23f097159141fcd9e27728d
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4452a656d8e30f51db5e00d47fc827013467f6c77d0eb2de0b086e752ebf9262
44ade2ec01f729473700678dcbe209b33f16266837991014e6f622c590876170
44c41505855cf99a43c8f8be8de705bd5800b802b7ecfda0f2d664fa8b1920ac
44f2bba32f5fe85e96959c98d71efe3bb3c3c9e6f02ff978c10e3ec44c5b897b
456bc95a3265f859c7d2857f46596c29a18cb6c592c73734f1cc673bb45123a8
45bbdc432d78fe4bb27e9204888ef120d4b16207df4f9eaf5dd100563d59057c
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46af9c547fb80d2fc63363010cf0da7d2be1501e822d9336afa0f013a3d9fa03
47b193b0d3ac7fcb7bf22555b602c310145a0f6c1fd9acae397c121b22203f19
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
494d66c1f510af5609c852b228a4ad3e0f12ccf93126b5f437f8e4ac14def828
4a597ea249aadd2e7ede24042f75edf47906b554cbf5ede619d8e40c862fd089
4a7f4a29bfb2de213388f9fdb098620aa09394e3d4a25f30c310b24c5e1233b8
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4b11a3cb86b8e90ee13ac577dbb1a2398373c7d7777a18066cf50b991ecae129
4d6ba5913127b81a76b25ab72bd7352876690efb0e42d1825f7618b5cbd52f85
4d7ee587b1b2fb177db15824d9de078179371e1068c7d71a7c3941dab2806eba
4da7b47e9887d0ac0c51c7cc9fa41af7c6ff48d006c2a0a5ad3f40979e10c743
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
519e50788224b3422c6e6b1cce48d5decb83eece248558b54e48f88491e48aa4
51aecb1d1865fc015b32c793dbc533402c12d623e46e923e2867bc096c7266c9
51df5c4d53ae195b2d8bfbe1275fc7ffca77b164e538271917cee50a189af9c1
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56c65187ff8ccecf6512d5e5e5cf1c82bf4f2835edab5a8fe0b5d1201de20d74
577bbeb02edadd6a6119ee367adac8fd8b43b40a3763939f1d01e3cb9dd9a9a8
57d8c01d2398e9afeb56695ac936b58b9f53f9a44395d38a8e53c855f9d74f36
5bdd4245ca3eebbc158f3d9637f6dec42143d2b15daaee936d6ba58016c7b1a5
5caee3aaa1a04aac55e465614f4329486f5f2a3626706f000b61cc434ad92838
5ceebbe548ee8bb1525985410fedfb698a7d4d80c33895dc65761d07137b1b38
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
60f74110267d386c033ca330fc5bbd7d2472c972b63b33fa8000e87c8f815de6
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61fe41cde1b6df00f34e5a9795741e926e8861b8e80d396ff799d48bacda5300
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
62b67fe02b0cba2ac38d051cf168d3a25bf2d3765e5fb7d2fa792c9b74c3a5ee
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6356de0eb2efef06a8338e5779a7d4e0f35fb127823cf356c6e3d5495d96b230
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66776998b10e583a72f8fd29391a50e2c80eb3bc9a65b0dafe97e576d7d88507
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b278e48df6b2e2f917803f532a9257fbb46bf576a8dfc07f1f8eb94468b54e8
6bd1e6977824b2917cae5408415a4b68b9b6bb70f500c1c60036aee516f7766e
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6e5c7bc3d4ed980d65a9d971762acc8dbe6c40c00144107a3e411e4197e81560
70602b2d4f8fd19b95f522d3f3334ada3b3ff4647b4e81c7285b885977fd9ac4
737ae1c4783d6865bf12ab5e22099aee84ed982b619aa157ff27acdce0000e39
7434a3ce1818dc5b8361f2a1c79c56340e452273c3e0437561e5573f25ec3bdd
746589ecfb4406519933a6aea5f1149224afcba81e3c3ef0541e7ad6c8111b7e
77daa4388c965a3e23b5a6c800727d8025ab108f89cf5679e79136986d5b4561
786c7be1974ccce2bd33de1579abfd3bf4343ea99da16780ffa18c27b4cb6ee2
79e5889c36479f99096a96a61cbfa92fc35ecf12d233635e0224b2c415859de1
7af59f6e1af5ff207fdf5079363a3660bf9139eb4c70e6e7cf7d8f4a2b2c9481
7e004df7e605ebd8af8e73d8f15a05204086b74bd06c8b45a4aff63ef6a270c5
7eddc7e40f583d7244a3f2235d6be162336c446b943ebcf7a4f4a0d02fa18030
7f66d59ff92c0971d1f27511dbed019307a1d66d799653c20001a715eb0f7f56
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83ecdfb76c38605f0e3538a0a9de0f1e57a457a2dfebe0654ee2f9b13c49a2ec
87960e7994f9fc5f6d2fc8c0b93be02f4b9b7cdca0dd9c726f5806d8e9092068
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d5d4d2769bdb28802f4309747ef6a358007eeb37daadc66a78ba0ca81cd4bce
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e53e50181b7a9e2caa94173c37fcd9de8fa75750764a2ad8ad02fac3306d652
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
908a935e15d34ec51aa5d98fb7c9f11b814fac80cc7e1bc32aed903df3754558
915e540ec4846f32a7e0ded607aecbe88840842f30933a946260d0fdcd72c782
91dc522d482d4dbc72031c96fce196616d623369c1d60f973e2a581cfae0b44b
924c7424b5c7c96052a804e964c0caf54c9ec24a7b78ca8f300045e587d17a4a
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93a7c137f40d18142a81f26fa8c5326e4f74b8d5dbed21138e0bba55e1a62141
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98c04ad96d66cfe1bd4c96a1fc1ca0fd526cf7298eaacd6dbae7890b0ac973a4
993a112fed28aebb10e2297da40f97e06e693040bebdfd6afcd6077e83b558c9
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d52f3ded01d93de71b8b026aa5b8fc7bcef7e0ca48f9198cd75db6261261a3
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b6a7ca7428363767b92f9cf0ebc6dc31c5228022e2d2cb5016c0d9493021d1c
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9c51b3bb0c5188de2571ed94d9432b85693241de3e05e5e82247dd8a45d4d03f
9dfba7b4c7519a72c754e4496e1eba764114254aa7d1e4f02eb4b24b49220900
9e89277953a75f8445730d8e8c1244ddd8a8f13d07c209a8f1bfa5df287d88ca
9ea5f56cefd5c8bcd5319d2e26aa905028992c93a1c41423ef727382a805a922
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1dd48c657971696c2087f2a6beb489ee65b25320b763222f10718dd93e9149e
a2072fedb72268b355ebd903f03143bb9696345e74e6c4264232d91f999ad286
a2b996fdc66d9abf1696965fbb8afdcb5b7b9aea5219da13e11d11512f3a101c
a2eacbd0a55e794d92e79a03b68c07f613a0ab710ffaffe5f1d12d67aac843a1
a44f5d561cd3e602e092304c1356809a206492fa189be1c11d923e8e768b06b5
a4892c9c2afde9a0b57ecab9049dd4c625fc9bb7051941dd222eb8ba97b09b3f
a61d8ed19b5bba32c11ba948036fe83489cc0a85662a9031e9db1707518ccd61
a79afc8be38c66a19e0dcfce66ec28d53571f8aec65320785f790910cd068141
a7d95017fa2379a4bf437aff9c95977004ffa0f3f4ab9544a685afa3120a0e6b
aa0c7ad808b4583418613d2cf3bfcb4891507be46a6e1f419264f97212c95e4f
aa36d0c8f1314f40d836be68fec53070e2a59ad8c2bdeb08796302aedd842339
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
b04dfae5d49297b8b6a514bd8bf1c7bea7ebe622232401a5abed5a92809a2b66
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16b368d431ac44238fc2d93fe086a857ca9450bf8970169fa57fd2aa533bca2
b1e963c339c0a3ca004b519a5bebc4a0f6399b3a62cf442a259b98b304371a23
b2b646e49650b10b0a0c09abcbed644e0fd130ae1926a0d0e8ad2be3c2675e55
b2d20ef01157e938babf09976dc9371124204b5e7ffa9d9d9898cd99cdca0c5a
b4004d343b43e48c59863f5690f31b555f7760fff781b444f15c2bce87df143b
b467a8f8d2eb79999ccf1f44c046f4c6782dcf369d707e462a2c3fa4d2683482
b47c015ef4aa39c3a3bd1c0e61b78a362027892650a3d892cfa9ae812fe40dce
b64321fd8b690c2b58b4a8f3959e97720b3db0350445ec3947e2e8cc3409107c
b7d818c698d26d9d34c00c94853c93b34abb2fd53e97c415fafb9e84df993f31
b87f3aad27cbbca4f420872f410bde6254aa7235d6db390730f1d9f46511dd97
b98e49c162c8631d0e2798d2664e4d82671939ee4f231e644af185f5770195c9
babeac8347fcaa986a7b0525a56592930e7a6a24f8013a97bb373640e6d2b09c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
bea63616949c80ff0dfdbb1e8547f1585882fc691483317b06441688e3e5f14a
beb2664a5d83399cbee87a2893eaf95a7cc8ce025afe188ea91934eb73669776
befbf95b0f53f4d435b1d095dd8364328e755fa99665df2b0a27363ddda16d10
c1e8359c7d9294993fe6c23173407a0a35c6d942b958abcba088201c51269cd1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c22c371f5ffcb37a61d263b733e67a0b17a82600ed741346cfe9bcf8abe5f98d
c26b74d41ed80708b198ef381c3d5b2d7213e8cce414790a40a31f72f18abd40
c908fc0efe64813a711e22dcc3dc26b9c566aad2875dd5e870227fe324ddc3f7
cb4427aa8c5e07464eaa4de61c31861acf89a5daa39d5a2665ae975bd51be013
ccd7b25b5061d883c7bf728947fb876d6225f3d8cd4b23dd7a0fb575b6f08b3f
ccf5181eba5df7437ad75c503d0b44358b3282f1537f2651e3bc0e8fc7d37f10
ce4763a7ea859b68590b08a100e26435e5615bb20bfcbeb8577072901b7c817e
cecd140859fded0e3056368fb89485ec9b8a63ea24c6a8dfb3d18f6a5f407772
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d4ae0d8304ce809a6248f6b21a330a35fc2509826b8e5a957353102880e25a7a
dbc8859a126031bd25cbe36951c6c34913de0336c1d729570287dc0179318e31
dc874f58e164935f002dc346f498a0bc44fb7cea32c8dc4f09e999fdf1997a9c
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e1583c70da1328ab0298178ce25b6854220b746591220980e61cda5ee875123b
e27203ff5e492787d73c5e4276efd1bd4f622afc92eedf751026cd807f105242
e329117bbdc12ee0649ed6654138a9ba8e600eaddf9138752631a50d236d135a
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6e66f2270f3ced2feafe068ec2cea9b00a181e343bb205334aab9c415c7e453
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb7942f135ce5b7b6bcb9becd335aac30ed761972e48d73197a287ae13b7565b
ecb8c212602d52dde3a3d0eb1659c7b3c8c629ed415e97e221e3f04a102e4d75
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
eed7de3a9927e7458e9efa732e5f67b62671f716d8ae9e82bb445fc5b966ac13
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef4ed6d7cea184f923b05413ba65169082c55107f94bc3eef474bd7758a5e08f
ef6ca8dad8a63869fec190ce7949b92b367981f281677daf118b588e2313fb93
f168efc3db293247e9eba46211e6bfa0004ec276bb14478c9082e9eb9a1290c6
f173ffc3d40264f06e43fcda7beece82038701518b76317b5a3e94ccb6f1a19d
f32ec7a452af020a426f77bb326ece4e42276a194b650aedd1287ee054fda884
f3a5c0220cd47633052fafc7165b728d2fa3c0afcb4e6c093f60d430a6a9d5cd
f640ec00f2e66af347985a9fdb0ee5491b0056722c3e5068afce562c4439a6ab
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f94611f7a8ded4e97166e42539e2559b0ed5b4454f6dc1a0f0ef29410e54c20c
faf7482b4de1f246a0de8017efebe9dcd7094f06ad11f813d4f7fb4e39c8e74a
fb329000228cc5a24c264c57139de8bf854fc86fc18bf1c04ab61a2b5cb4b921
fd9ed0cf3f4d3240bf2f291dfd671c55fe54af829508185091c64fef19d5dff6
fe92eff8e341af9f3f431a7535dcdb0b554b22bed30a27879e0044fa4cb4a080
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff65d80be1d7ee6ad9620de618dc1bd3962d81fa505806c02038dd6acc3641b8