urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-...
Submission: On October 23 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 97 IPs in 10 countries across 90 domains to perform 457 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 643495.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
10 74.125.68.132 15169 (GOOGLE)
1 3 23.108.102.145 59253 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 23.59.168.81 20940 (AKAMAI-ASN1)
5 23.211.140.130 20940 (AKAMAI-ASN1)
20 104.26.2.91 13335 (CLOUDFLAR...)
56 142.250.4.154 15169 (GOOGLE)
3 209.58.188.181 133752 (LEASEWEB-...)
2 69.16.175.10 20446 (STACKPATH...)
2 74.125.200.97 15169 (GOOGLE)
3 142.251.10.113 15169 (GOOGLE)
5 172.253.118.157 15169 (GOOGLE)
15 172.217.194.155 15169 (GOOGLE)
6 74.125.24.132 15169 (GOOGLE)
2 74.125.68.154 15169 (GOOGLE)
12 142.251.10.157 15169 (GOOGLE)
1 142.251.10.94 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
45 74.125.200.132 15169 (GOOGLE)
1 10 74.125.24.105 15169 (GOOGLE)
2 172.217.194.157 15169 (GOOGLE)
1 182.161.74.19 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
3 3 13.250.181.211 16509 (AMAZON-02)
19 47 172.253.118.155 15169 (GOOGLE)
6 6 103.229.205.242 30419 (MEDIAMATH...)
2 2 135.125.160.77 16276 (OVH)
3 3 18.210.86.232 14618 (AMAZON-AES)
1 1 18.182.120.145 16509 (AMAZON-02)
1 35.213.109.249 15169 (GOOGLE)
1 1 52.45.175.185 14618 (AMAZON-AES)
3 14 139.5.84.243 27381 (CASALE-MEDIA)
7 11 104.254.150.228 29990 (ASN-APPNEX)
14 74.125.200.149 15169 (GOOGLE)
9 182.161.73.129 55569 (CRITEO-AS...)
1 182.161.73.132 55569 (CRITEO-AS...)
1 104.17.24.14 13335 (CLOUDFLAR...)
1 104.16.87.20 13335 (CLOUDFLAR...)
3 6 145.40.89.200 54825 (PACKET)
1 54.179.183.230 16509 (AMAZON-02)
1 104.83.197.63 16625 (AKAMAI-AS)
2 8 34.98.64.218 396982 (GOOGLE-CL...)
3 18.182.192.59 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 2 52.38.91.115 16509 (AMAZON-02)
15 34.252.126.43 16509 (AMAZON-02)
3 139.99.49.250 16276 (OVH)
1 34.107.148.139 396982 (GOOGLE-CL...)
1 35.213.117.18 15169 (GOOGLE)
2 104.18.19.126 13335 (CLOUDFLAR...)
1 182.161.73.145 55569 (CRITEO-AS...)
2 4 103.229.10.180 16509 (AMAZON-02)
1 2 34.126.167.117 396982 (GOOGLE-CL...)
1 202.233.84.1 131957 (MICROAD M...)
2 3 23.106.127.164 59253 (LEASEWEB-...)
3 3 174.137.133.49 27257 (WEBAIR-IN...)
1 1 54.248.170.80 16509 (AMAZON-02)
6 6 52.74.162.2 16509 (AMAZON-02)
1 1 35.208.249.213 19527 (GOOGLE-2)
3 182.161.73.135 55569 (CRITEO-AS...)
1 182.161.73.142 55569 (CRITEO-AS...)
1 74.125.24.95 15169 (GOOGLE)
2 104.211.156.162 8075 (MICROSOFT...)
1 74.125.24.94 15169 (GOOGLE)
1 13.33.33.43 16509 (AMAZON-02)
2 8 35.244.159.8 15169 (GOOGLE)
2 4 23.36.49.63 16625 (AKAMAI-AS)
2 34.96.105.8 396982 (GOOGLE-CL...)
5 8 54.254.141.48 16509 (AMAZON-02)
4 6 93.158.134.90 208722 (GLOBAL_DC)
3 182.161.73.136 55569 (CRITEO-AS...)
10 11 52.223.40.198 16509 (AMAZON-02)
3 9 35.71.178.8 16509 (AMAZON-02)
1 151.101.129.108 54113 (FASTLY)
11 104.83.196.24 16625 (AKAMAI-AS)
1 108.138.36.45 16509 (AMAZON-02)
8 23.9.185.218 16625 (AKAMAI-AS)
2 104.18.13.76 13335 (CLOUDFLAR...)
10 13 69.173.158.64 26667 (RUBICONPR...)
4 5 209.191.163.208 14744 (INTERNAP-...)
2 2 50.116.239.135 6336 (TURN-US-ASN)
2 2 202.241.208.55 4694 (IDCF IDC ...)
2 2 13.227.254.100 16509 (AMAZON-02)
1 4 104.18.18.126 13335 (CLOUDFLAR...)
2 3 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.101.194 ()
2 4 35.213.12.39 15169 (GOOGLE)
4 7 52.46.130.91 ()
1 13.107.21.200 8068 (MICROSOFT...)
6 6 64.202.112.159 ()
3 3 104.69.148.168 ()
4 4 18.182.109.211 ()
2 52.76.242.203 16509 (AMAZON-02)
3 3 23.15.148.136 ()
2 2 198.8.71.130 ()
5 104.65.228.208 ()
11 11 74.118.186.44 ()
1 182.161.73.146 ()
2 2 52.59.108.23 ()
2 54.156.112.43 ()
1 18.179.228.80 ()
1 3 138.197.50.103 ()
1 1 72.34.250.75 ()
1 67.199.150.82 ()
2 3 52.95.125.22 ()
2 2 23.106.69.73 ()
3 23.106.127.38 ()
2 3 185.84.60.21 ()
1 35.214.174.31 ()
2 2 104.254.148.252 ()
5 5 151.101.66.49 ()
1 2 54.187.141.88 ()
17 54.238.120.71 ()
1 1 52.200.71.191 ()
1 141.148.45.191 ()
1 38.91.45.7 ()
2 2 18.140.149.174 ()
1 1 74.214.196.131 ()
2 2 185.184.8.90 ()
1 67.199.150.81 ()
1 1 69.173.151.100 ()
4 103.231.98.194 ()
4 67.199.150.86 ()
1 1 18.138.18.111 ()
1 103.231.98.195 ()
457 97
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
10    74.125.68.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f132.1e100.net
cdn.ampproject.org
3    23.108.102.145 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    23.59.168.81 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-59-168-81.deploy.static.akamaitechnologies.com
delivery.adrecover.com
5    23.211.140.130 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-211-140-130.deploy.static.akamaitechnologies.com
cdn.adpushup.com
20    104.26.2.91 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
56    142.250.4.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f154.1e100.net
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
2    74.125.200.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f97.1e100.net
www.googletagmanager.com
3    142.251.10.113 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f113.1e100.net
www.google-analytics.com
5    172.253.118.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f157.1e100.net
adservice.google.com.au
15    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
adservice.google.com
googleads4.g.doubleclick.net
www.googletagservices.com
6    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
430036f1df7f305d3a84fc945b162b92.safeframe.googlesyndication.com
66ea0c6c1a8a2604d88014e049eafc3c.safeframe.googlesyndication.com
2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
2    74.125.68.154 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f154.1e100.net
partner.googleadservices.com
12    142.251.10.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f157.1e100.net
googleads.g.doubleclick.net
1    142.251.10.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f94.1e100.net
d-18355537582446915420.ampproject.net
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
45    74.125.200.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f132.1e100.net
tpc.googlesyndication.com
10    74.125.24.105 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f105.1e100.net
www.google.com
2    172.217.194.157 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f157.1e100.net
www.googletagservices.com
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
3    13.250.181.211 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-181-211.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
47    172.253.118.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f155.1e100.net
cm.g.doubleclick.net
6    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
2    135.125.160.77 (France)

ASN16276 (OVH, FR)
PTR: ns3195934.ip-135-125-160.eu
c.eu1.dyntrk.com
3    18.210.86.232 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-210-86-232.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    18.182.120.145 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-120-145.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
1    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
14    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
11    104.254.150.228 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
14    74.125.200.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f149.1e100.net
s0.2mdn.net
9    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
1    104.17.24.14 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    104.16.87.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
6    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    54.179.183.230 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-183-230.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    104.83.197.63 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-197-63.deploy.static.akamaitechnologies.com
a.teads.tv
8    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
jp-u.openx.net
3    18.182.192.59 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-182-192-59.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
2    52.38.91.115 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-38-91-115.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
visitor.omnitagjs.com
15    34.252.126.43 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
ads.servenobid.com
3    139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
2    104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
4    103.229.10.180 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
2    34.126.167.117 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 117.167.126.34.bc.googleusercontent.com
um.simpli.fi
1    202.233.84.1 (Japan)

ASN131957 (MICROAD MicroAd, Inc., JP)
aid.send.microad.jp
3    23.106.127.164 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync.smartadserver.com
3    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
rtb2-useast.e-volution.ai
dsp.adkernel.com
1    54.248.170.80 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-248-170-80.ap-northeast-1.compute.amazonaws.com
google.dap.fw-ad.jp
6    52.74.162.2 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-162-2.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    35.208.249.213 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 213.249.208.35.bc.googleusercontent.com
trace.mediago.io
3    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
1    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
1    74.125.24.95 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f95.1e100.net
fonts.googleapis.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
1    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
fonts.gstatic.com
1    13.33.33.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-43.sin2.r.cloudfront.net
rules.quantcount.com
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
jp-u.openx.net
4    23.36.49.63 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-49-63.deploy.static.akamaitechnologies.com
sync.teads.tv
2    34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com
tr.blismedia.com
8    54.254.141.48 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-141-48.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
6    93.158.134.90 (Russian Federation)

ASN208722 (GLOBAL_DC, FI)
PTR: bs.yandex.ru
an.yandex.ru
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
11    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
9    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
11    104.83.196.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com
contextual.media.net
cs.media.net
1    108.138.36.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-36-45.muc50.r.cloudfront.net
public.servenobid.com
8    23.9.185.218 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-185-218.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
2    104.18.13.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
cdn.indexww.com
13    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
5    209.191.163.208 (United States)

ASN14744 (INTERNAP-BLOCK-4, US)
ap.lijit.com
ce.lijit.com
2    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    202.241.208.55 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    13.227.254.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-100.sin52.r.cloudfront.net
cr-p3.ladsp.com
4    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.101.194 (None, )

ASN- ()
p.adsymptotic.com
4    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
7    52.46.130.91 (None, )

ASN- ()
s.amazon-adsystem.com
1    13.107.21.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
6    64.202.112.159 (None, )

ASN- ()
b1sync.zemanta.com
3    104.69.148.168 (None, )

ASN- ()
stags.bluekai.com
4    18.182.109.211 (None, )

ASN- ()
match.prod.bidr.io
2    52.76.242.203 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-242-203.ap-southeast-1.compute.amazonaws.com
d.adroll.com
3    23.15.148.136 (None, )

ASN- ()
secure-assets.rubiconproject.com
2    198.8.71.130 (None, )

ASN- ()
p.rfihub.com
5    104.65.228.208 (None, )

ASN- ()
ads.pubmatic.com
11    74.118.186.44 (None, )

ASN- ()
sync.1rx.io
sync.targeting.unrulymedia.com
1    182.161.73.146 (None, )

ASN- ()
dis.criteo.com
2    52.59.108.23 (None, )

ASN- ()
rtb.mfadsrvr.com
2    54.156.112.43 (None, )

ASN- ()
cs.emxdgt.com
1    18.179.228.80 (None, )

ASN- ()
g2.gumgum.com
3    138.197.50.103 (None, )

ASN- ()
x.yieldlift.com
1    72.34.250.75 (None, )

ASN- ()
sync.go.sonobi.com
1    67.199.150.82 (None, )

ASN- ()
image8.pubmatic.com
3    52.95.125.22 (None, )

ASN- ()
aax-eu.amazon-adsystem.com
2    23.106.69.73 (None, )

ASN- ()
gu.dyntrk.com
3    23.106.127.38 (None, )

ASN- ()
rtb-csync.smartadserver.com
3    185.84.60.21 (None, )

ASN- ()
c1.adform.net
1    35.214.174.31 (None, )

ASN- ()
csync.loopme.me
2    104.254.148.252 (None, )

ASN- ()
secure.adnxs.com
5    151.101.66.49 (None, )

ASN- ()
sync-tm.everesttech.net
2    54.187.141.88 (None, )

ASN- ()
dpm.demdex.net
17    54.238.120.71 (None, )

ASN- ()
usersync.gumgum.com
1    52.200.71.191 (None, )

ASN- ()
sync.ipredictive.com
1    141.148.45.191 (None, )

ASN- ()
sync.technoratimedia.com
1    38.91.45.7 (None, )

ASN- ()
match.deepintent.com
2    18.140.149.174 (None, )

ASN- ()
ad.360yield.com
1    74.214.196.131 (None, )

ASN- ()
bh.contextweb.com
2    185.184.8.90 (None, )

ASN- ()
creativecdn.com
1    67.199.150.81 (None, )

ASN- ()
image6.pubmatic.com
1    69.173.151.100 (None, )

ASN- ()
pixel-us-east.rubiconproject.com
4    103.231.98.194 (None, )

ASN- ()
simage2.pubmatic.com
4    67.199.150.86 (None, )

ASN- ()
image2.pubmatic.com
1    18.138.18.111 (None, )

ASN- ()
cm.ambientdsp.com
1    103.231.98.195 (None, )

ASN- ()
image4.pubmatic.com
Apex Domain
Subdomains		 Transfer
96 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 104
430036f1df7f305d3a84fc945b162b92.safeframe.googlesyndication.com
66ea0c6c1a8a2604d88014e049eafc3c.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 147
2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
817 KB
76 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 188
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
cm.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 317
650 KB
29 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1042
fastlane.rubiconproject.com — Cisco Umbrella Rank: 492
eus.rubiconproject.com — Cisco Umbrella Rank: 596
pixel.rubiconproject.com — Cisco Umbrella Rank: 347
secure-assets.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com
53 KB
21 bg3.co
www.bg3.co — Cisco Umbrella Rank: 643495
static.bg3.co
141 KB
20 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542
htlb.casalemedia.com — Cisco Umbrella Rank: 519
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 439
14 KB
18 gumgum.com
g2.gumgum.com
usersync.gumgum.com
6 KB
16 pubmatic.com
ads.pubmatic.com
image8.pubmatic.com
image6.pubmatic.com
simage2.pubmatic.com
image2.pubmatic.com
image4.pubmatic.com
simage4.pubmatic.com Failed
42 KB
16 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1663
public.servenobid.com — Cisco Umbrella Rank: 3473
10 KB
16 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13910
us-u.openx.net — Cisco Umbrella Rank: 409
u.openx.net — Cisco Umbrella Rank: 664
jp-u.openx.net — Cisco Umbrella Rank: 10520
3 KB
16 google.com
adservice.google.com — Cisco Umbrella Rank: 78
www.google.com — Cisco Umbrella Rank: 2
4 KB
14 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 294
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 426
7 KB
14 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 273
306 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 232
acdn.adnxs.com — Cisco Umbrella Rank: 618
secure.adnxs.com
42 KB
13 criteo.net
static.criteo.net — Cisco Umbrella Rank: 680
pix.as.criteo.net — Cisco Umbrella Rank: 16753
csm.as.criteo.net — Cisco Umbrella Rank: 17352
97 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15799
e3.adpushup.com — Cisco Umbrella Rank: 17189
aplogger.adpushup.com — Cisco Umbrella Rank: 16696
217 KB
12 media.net
prebid.media.net — Cisco Umbrella Rank: 1238
contextual.media.net — Cisco Umbrella Rank: 570
cs.media.net
17 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 356
6 KB
10 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com
7 KB
10 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 585
eb2.3lift.com — Cisco Umbrella Rank: 373
5 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 363
217 KB
8 1rx.io
sync.1rx.io
5 KB
8 criteo.com
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 22845
ads.as.criteo.com — Cisco Umbrella Rank: 17079
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 17724
bidder.criteo.com — Cisco Umbrella Rank: 763
gum.criteo.com — Cisco Umbrella Rank: 425
dis.criteo.com
47 KB
6 zemanta.com
b1sync.zemanta.com
4 KB
6 yandex.ru
an.yandex.ru — Cisco Umbrella Rank: 2202
2 KB
6 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 863
rtb-csync.smartadserver.com
3 KB
6 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 924
17 KB
6 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 462
4 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 28151
sync.aralego.com — Cisco Umbrella Rank: 2910
4 KB
5 everesttech.net
sync-tm.everesttech.net
1 KB
5 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 599
ce.lijit.com
3 KB
5 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1004
x.bidswitch.net — Cisco Umbrella Rank: 303 Failed
2 KB
5 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1269
sync.teads.tv — Cisco Umbrella Rank: 1137
1 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 193
233 KB
5 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 109731
1 KB
4 bidr.io
match.prod.bidr.io
2 KB
4 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 948
pixel.quantserve.com — Cisco Umbrella Rank: 516
cms.quantserve.com
11 KB
4 dyntrk.com
c.eu1.dyntrk.com — Cisco Umbrella Rank: 5015
gu.dyntrk.com
3 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8566
45 KB
3 adform.net
c1.adform.net
1 KB
3 yieldlift.com
x.yieldlift.com
557 B
3 unrulymedia.com
sync.targeting.unrulymedia.com
1 KB
3 bluekai.com
stags.bluekai.com
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 375
1 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 777
2 KB
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 723
1 KB
3 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 765
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
519 B
2 creativecdn.com
creativecdn.com
700 B
2 360yield.com
ad.360yield.com
623 B
2 demdex.net
dpm.demdex.net
2 KB
2 emxdgt.com
cs.emxdgt.com
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com
1 KB
2 rfihub.com
p.rfihub.com
1 KB
2 adroll.com
d.adroll.com — Cisco Umbrella Rank: 1484
361 B
2 adsymptotic.com
p.adsymptotic.com
479 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 24354
1 KB
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1201
2 KB
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 766
866 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 608
cdn.indexww.com — Cisco Umbrella Rank: 1375
2 KB
2 blismedia.com
tr.blismedia.com — Cisco Umbrella Rank: 2392
294 B
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5415
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 841
1 KB
2 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4187
visitor.omnitagjs.com
944 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 888
1005 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 61
77 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 677
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 15630
10 KB
1 ambientdsp.com
cm.ambientdsp.com
650 B
1 contextweb.com
bh.contextweb.com
664 B
1 deepintent.com
match.deepintent.com
44 B
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 ipredictive.com
sync.ipredictive.com
465 B
1 loopme.me
csync.loopme.me
40 B
1 sonobi.com
sync.go.sonobi.com
655 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 236
668 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 876
633 B
1 gstatic.com
fonts.gstatic.com
44 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 44
1 KB
1 mediago.io
trace.mediago.io — Cisco Umbrella Rank: 1507
492 B
1 fw-ad.jp
google.dap.fw-ad.jp — Cisco Umbrella Rank: 111852
569 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6970
540 B
1 microad.jp
aid.send.microad.jp — Cisco Umbrella Rank: 3920
641 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 394
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
5 KB
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 12697
561 B
1 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 3057
218 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 16094
555 B
1 ampproject.net
d-18355537582446915420.ampproject.net
0 pippio.com Failed
pippio.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
457 90
Domain Requested by
47 cm.g.doubleclick.net 19 redirects googleads.g.doubleclick.net
www.bg3.co
2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
u.openx.net
eb2.3lift.com
g2.gumgum.com
45 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
pagead2.googlesyndication.com
2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
45 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
www.bg3.co
tpc.googlesyndication.com
www.googletagservices.com
2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
20 static.bg3.co www.bg3.co
17 usersync.gumgum.com g2.gumgum.com
eus.rubiconproject.com
15 ads.servenobid.com cdn.adpushup.com
contextual.media.net
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
eus.rubiconproject.com
14 s0.2mdn.net googleads.g.doubleclick.net
www.bg3.co
s0.2mdn.net
2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
14 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
12 googleads.g.doubleclick.net pagead2.googlesyndication.com
cdn.ampproject.org
googleads.g.doubleclick.net
www.bg3.co
2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
11 match.adsrvr.org 10 redirects cdn.adpushup.com
11 ib.adnxs.com 7 redirects googleads.g.doubleclick.net
cdn.adpushup.com
acdn.adnxs.com
11 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
10 www.google.com 1 redirects googleads.g.doubleclick.net
tpc.googlesyndication.com
2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 pixel.rubiconproject.com 6 redirects www.bg3.co
9 contextual.media.net cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
9 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
9 us-u.openx.net 4 redirects googleads.g.doubleclick.net
u.openx.net
9 static.criteo.net ads.as.criteo.com
cdn.adpushup.com
static.criteo.net
8 sync.1rx.io 8 redirects
8 eus.rubiconproject.com cdn.adpushup.com
eus.rubiconproject.com
contextual.media.net
public.servenobid.com
g2.gumgum.com
8 pr-bh.ybp.yahoo.com 5 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
7 s.amazon-adsystem.com 4 redirects eb2.3lift.com
ssum-sec.casalemedia.com
www.bg3.co
6 b1sync.zemanta.com 6 redirects
6 an.yandex.ru 4 redirects www.bg3.co
6 ups.analytics.yahoo.com 6 redirects
6 prebid.a-mo.net 3 redirects cdn.adpushup.com
www.bg3.co
6 googleads4.g.doubleclick.net googleads.g.doubleclick.net
www.bg3.co
6 sync.mathtag.com 6 redirects
6 e3.adpushup.com www.bg3.co
6 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
cdn.ampproject.org
5 sync-tm.everesttech.net 5 redirects
5 ads.pubmatic.com contextual.media.net
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
5 www.googletagservices.com googleads.g.doubleclick.net
2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
5 adservice.google.com.au securepubads.g.doubleclick.net
pagead2.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 image2.pubmatic.com ads.pubmatic.com
4 simage2.pubmatic.com ads.pubmatic.com
4 token.rubiconproject.com 4 redirects
4 match.prod.bidr.io 4 redirects
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
ssum-sec.casalemedia.com
public.servenobid.com
4 x.bidswitch.net www.bg3.co
eb2.3lift.com
contextual.media.net
4 sync.teads.tv 2 redirects googleads.g.doubleclick.net
4 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 c1.adform.net 2 redirects ads.pubmatic.com
3 rtb-csync.smartadserver.com ssbsync.smartadserver.com
3 aax-eu.amazon-adsystem.com 2 redirects www.bg3.co
3 x.yieldlift.com 1 redirects public.servenobid.com
ads.pubmatic.com
3 sync.targeting.unrulymedia.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 stags.bluekai.com 3 redirects
3 px.ads.linkedin.com 2 redirects www.bg3.co
3 ap.lijit.com 2 redirects www.bg3.co
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 pix.as.criteo.net ads.as.criteo.com
3 ssbsync.smartadserver.com 2 redirects public.servenobid.com
3 onetag-sys.com cdn.adpushup.com
public.servenobid.com
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 sync.srv.stackadapt.com 3 redirects
3 pm.w55c.net 3 redirects
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 creativecdn.com 2 redirects
2 ad.360yield.com 2 redirects
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 cms.quantserve.com 2 redirects
2 secure.adnxs.com 2 redirects
2 gu.dyntrk.com 2 redirects
2 ce.lijit.com 2 redirects
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 cs.media.net contextual.media.net
2 p.rfihub.com 2 redirects
2 d.adroll.com ssum-sec.casalemedia.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tg.socdm.com 2 redirects
2 ad.turn.com 2 redirects
2 tr.blismedia.com 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
2 aplogger.adpushup.com cdn.adpushup.com
2 rtb2-useast.e-volution.ai 2 redirects
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 htlb.casalemedia.com cdn.adpushup.com
2 c.eu1.dyntrk.com 2 redirects
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 delivery.adrecover.com www.bg3.co
1 image4.pubmatic.com ads.pubmatic.com
1 cm.ambientdsp.com 1 redirects
1 pixel-us-east.rubiconproject.com 1 redirects
1 image6.pubmatic.com ads.pubmatic.com
1 bh.contextweb.com 1 redirects
1 match.deepintent.com g2.gumgum.com
1 sync.technoratimedia.com g2.gumgum.com
1 sync.ipredictive.com 1 redirects
1 csync.loopme.me ssbsync.smartadserver.com
1 visitor.omnitagjs.com 1 redirects
1 image8.pubmatic.com public.servenobid.com
1 sync.go.sonobi.com 1 redirects public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 dis.criteo.com contextual.media.net
1 cdn.indexww.com ssum-sec.casalemedia.com
1 c.bing.com eb2.3lift.com
1 js-sec.indexww.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 pixel.quantserve.com www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com cdnjs.cloudflare.com
1 csm.as.criteo.net ads.as.criteo.com
1 trace.mediago.io 1 redirects
1 google.dap.fw-ad.jp 1 redirects
1 dsp.adkernel.com 1 redirects
1 aid.send.microad.jp googleads.g.doubleclick.net
1 secure.quantserve.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 cdnjs.cloudflare.com ads.as.criteo.com
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 im.bluevoox.com 1 redirects
1 y.one.impact-ad.jp googleads.g.doubleclick.net
1 ds.uncn.jp 1 redirects
1 ads.as.criteo.com googleads.g.doubleclick.net
1 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
1 d-18355537582446915420.ampproject.net cdn.ampproject.org
1 66ea0c6c1a8a2604d88014e049eafc3c.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 430036f1df7f305d3a84fc945b162b92.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 www.bg3.co
0 simage4.pubmatic.com Failed ads.pubmatic.com
0 pippio.com Failed ads.pubmatic.com
0 sync.outbrain.com Failed g2.gumgum.com
457 144

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2022-10-19 -
2023-11-19		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-18 -
2023-01-15		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2022-03-04 -
2023-03-25		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-10 -
2023-01-10		 3 months crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.send.microad.jp
GlobalSign RSA OV SSL CA 2018		 2022-10-05 -
2023-11-06		 a year crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
tr.blismedia.com
GTS CA 1D4		 2022-10-16 -
2023-01-14		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.adroll.com
Amazon		 2021-12-18 -
2023-01-15		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
loopme.com
R3		 2022-09-26 -
2022-12-25		 3 months crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ad-server.k8s.jp.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
x.yieldlift.com
R3		 2022-10-12 -
2023-01-10		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh

This page contains 74 frames:

Primary Page: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Frame ID: 699463F5EF9BFAB07429A89E8E82DAB5
Requests: 101 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 5FB5D71EE34D248914B52DF8F9E1860E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 14C60D9C42769B15E8A4CFAE59EA0E72
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: E5D8B3CDCA366FE1EADCD2A0EE1AF465
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 0DDE1311E71A565A4E36A4ABE9843111
Requests: 9 HTTP requests in this frame

Frame: https://430036f1df7f305d3a84fc945b162b92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E648FBE9CEF47B77344EFD2BA44C87B6
Requests: 1 HTTP requests in this frame

Frame: https://66ea0c6c1a8a2604d88014e049eafc3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 2DA2DF47A90AF716097F360A72185DBB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Frame ID: B091F82D017CD46BF52932966EBC7040
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Frame ID: 1447B667048ED6614540C7917E52A5D6
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-40128288522668978555&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3138&oid=2&is_amp=5&amp_v=2210010655000&d_imp=1&c=320005209&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&ga_hid=5209&dt=1666511305973&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&bdt=4870&dtd=101&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: A1083F4D142DE225BFFEA71F02B33835
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDOhePxAxix_InSATAB&v=APEucNWpD04tEMYI3R9v56HO2QqvaNLP_Ri5O9jFTs2vaXgSwaBGSYUORR7J8tiSB8yG80FrGdBndZRSDyKDWGfQo-CrQK90UQ
Frame ID: 71A32F08D81AB403AE2FF0D961E3FCF4
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DlHE770kT5GCeJC2vb-2PKllJzY3c59E3f9UC7lgZZ29zg43DV1NAi0FBP15ftTeKL_zs4lRLInfue6qdchqVGrABbYyqhfCxhPbbW7h761aPSMgZ55jFGuI8N_8fv7LsQkXlMBoq9pV75MewRWu-3L6cCCvbNZaJxrXYl-zD9dPjjiD8&cry=1&dbm_d=AKAmf-CEfP3XHGWrcrQv4V6sRN68YQQ0MCDNbgjuEBhuDtodwBh7cZ8rcV1W5BWg5g2jfR0Ad38ECG_U_17JAjlYw-prl2BFe8npmVVUpK0i58G3klr3pJIEXX4_AEIz0O0CfHWtCD5K0B-ZEY41hY_8A6AEEqdNTAJSDLkeP-gJbm1UymoJgIkATD9dkrOUZXBtmktECwhyMrj-YAG8QWpb6_sfrwR_xNYejh-UB-yn_3g1rmgmmN3lOFevBmXPrAfz0eHTnCEM6jZ5PO9ZVhfJrSISswZfCZOBqdYfmXSbNUobYHsICDovy9cOO9gOLyqa6sCqTsA6jazuPDXs44LK_YRQwfUfYk5vHqKZOUjsBtT5IL9JgK8TqtOjE9tXXjcwXbfm36eHkkE2sI_yd8HK65H8hzMRX-fGBQWkxZMF4TReKPS8jfGCb6FnbHzg3GCnBzmWkZqZLwCAIScDHKtR0LsNnvzy2AGfbrZow6nMNJ4vh2vn7WMR1z3WuvQ-lExLlNsCn5JUnlInrYK2vaCcCDFcJhyS3JFmxVljTSWU3btdvt9A7u6ygHr7JJaKajZX1MGseYIGr2nSWVUN57HJDQkVrcxoK3yRus9_XquTURz0icI9WMrGLcxrqXmPuKGwXOasj0Xxv7Q21MmwtV0LidO1AxfzodFrctGEcVGB88J_xgzdQXKOpMiHHbIq8c8GkZOKgzJup-8TYhg5YZU4H978UWRCpgMrRDGb_do9drUvHup3tkQPdeMQHerNoZbBaOSAkhpaxnBEy8iuKkiXKVEcJrhB5qiuEg9UA9Ak3UaaHeh446M3Lx-69GbF6nLBLN8c21sqDyqDeCtNrNg1-qbBvx9Xu95R-XUcjzAdXAStJh2xO8csR-WZ02rW92_YICbW3LFhZRPVDF7blDM8bg3WQYWuY-9wHhNPQLHwZ3J1eXs3cjVhPNliqleYLxQIQzEig3HlZSG1DOSGDDjwkKZMAeqVfFN7v7rZ7ZThmBBi2uOqwvSWwuKXs458K5I8uwybruP8PTwiDQ-FDQ-FIt15rwoSM3xdM_MJkbjmIAnpWlLEtAVv7iz9_D5stQUPLHiQlSsULrIxi3i5REyMuim4vg8_74VmD7wsvIowD7TfP1DCyDRpdwzx53CQOxrkfcP-Rf37SitRNV4euCLLg_rdEKwXM4-K2joFDXQKUllblf2MINgSIHZt3aDu2kIj9S7qj8hbbUuHf-mg0YCHGZlj77RSbL0OkkU7sBr4lrrZm2YoR_P36POBHzX72YmWwqKdIEPydd4jTwQm6PqWj-N_PkX3aeRITm75IvYAPjO_fICltObLVFoj77WTOjllyVOeaYpUpxuFpk-3c4z5A5qbQ7nGoEjPlmRFfRuPSKCxEb74QH3iBqrd7fsLgkWEcItUfIlnllnq-zDxq_GDgKGWFqK7ULHtPs5M0CUY2FwRywXyWjuI-ys56N1JXvtCi-xdyVw2y5jDBA2HZGYTxQfm5TW3GuoK2t8orDTW6XuGKsp2EgsnXV_hfeqxeaf949W3-pOS5Ldosj5ZkHHjef-0aUJl13ak5zovZaI-UCbB4dAhDYZYwLU9uUOZOGT3tE9m-6ZSVk7TwlE-J4j-HzQf9fVRckFwu-5yctvrD7ym-A6pyx3qmOTVyTxY2xWQagIYBn8J0-SNxz2_X2Ksnrx1g2ppJbNdXiqxsyvohfSyLCZ2NC97IIlSlvDGDKevVpMRKR-YplftNqfn2J-vjo27IuUfAHtE5ynzHUOWyhnvd2GYoPZY-Q6JfykP9YVEfHlNLq2LafUEwBxPEtal_rfhNCe8NksNaQTkuE17JhwKskq26XQlmtIXRrX3bQ7dFZDxDGqAc74pR7x2XTH7A1Uhm1ob0gvp2x6hQX-D_9OYBY46PyxMbvXvmYsWiztcPdNAavuMCfdZimY24xM9Kxh1Vh0LFzr41XUR3AJ_4Pvn5ML2Z-FSMUQgPs7TJDnhyS-9mNJanz08usD4o4bY8Z_5vdpaliEkmFlRSCYrtHUUwq3LEQAKbqxi365uWMcVRXl2KqX-thSoeawk4GYYEOvGNikoELrQsNtydTwafue3O--EBO-1pGS2bk8q56EewsOKyisssXt263ys8J8EWtFIp7PX3ValnI9tZAg9nJgSjRt5B7OSo5KU7J-knTHf95AQCZERrTZV-pspGwxBtVj9ynRG0SRGM59FiciZIhOAE5OgcVyAgewbGSO1OUYdkf1AUaumyt0LFdlRMp8MxOZ9NvWk1Mi1hCVjfzU28djlQRfu32-ArE4pscBG7ckv_gZkPBlG5sBYy2gY6UqeelDUeUw_vmDqrTxceXyEHsGMk_LhXDjvID8l5IaFt3AhhDeyvFPad5KPQ1u-79-rhVrpCIVbEF2UCsJj8HmxXFhvFdNOlDiu7kAP5Qg3EzY6a_1P8XrxTC1h5G_ewIb0RYLDzzkFD0yRnEDjF2Pb8Vf7bGa-YVQkDOI5dM88PC4CLZyq8e9kiUv92WjpG4rROTceCIDD1k3Ca4bkawEGaWJGwTbpGvFCxMgr05M1h-FoNYRxCY1xtSjlf9SaD5WNKv6hZvgxhGIsNNmPi3VyoP31AyI65GTCYXci6XeFg3AjpA2qp-kMncSI20-yxrCZUw98mF8BaposbCYI5vIUK7oWf1q-eEjNJtz7G7V5LnmS_mk63SngMCruVbiKNAXgooTaqRbLTcrsAASgFrtEG5Pa4IQMb8FEN0Bh-XMH6NUvyTJee87DHGBaYyJqc-8QASquU9782N4Tv9Ye_vDDbcxIgQQH20YwbA8A2nmYpHhrBSIE4zycJuIHFBzL2Sc0sYhg2AiThMyOKEuqzs_1bv963AFqxxee9ALxRjcMoLkjezuMaDze2wHPXGzBwYEAotxdVkjwSBl8jTSKEFZLQsB_P4-3anhQd5O0MrubyCv8VmJqeVUloveUs7HQG3lcZrlbijHT7y3o1sJxZaK8LJZ6MDuCDVo_UE3lN5ZUZfjW9uGXXFLZOjCe-jW805RF0E-ioKVBGNwpxuSX_2SSW-mdQQ6-bzFbEUbmDZslDFGHYrgInrLq11MR7nCWT8p45MREezH22auzJB0kFdI6rrY0C5xXmoqFFk46R8ORCYtilqEEGDWgvSJOUzOEEgHg-m6qoMSsSnuDQlgv4a4rtFs7qa8MqjLRMcZ_5KWB5Ix1qCNP6ncbMCMZQ8bEcqQs8HzoQ0N9xAgRk5HrccGirX1nBgnqbCynBpVGg9wSLXE15wUEX0PjNk_qjUbwLxK_suHh8CkuUG_-u9gsrjkAozDWzh98t-D7yzvMFq40b9yJ5PMEEBPVonePuiGDjQ0YjeZRYdK14sP8i54pQl-mk8PGxLIf8qMKw6DCM4WSLkx6I0MwlT9wx37aF1Z6Vpfzc4MZ8ZHNPcBZ91QuG8SQsjLLl_6SenNM49hCjEJaJUEy7HMjs8y_v2UJYZ5Z2jsA2J8PfuSRk1glXAjYquruB6Iz7chykk3wHS6Ed9C9jmJqYdGmEkumzBPmcEgKKsG1en0z6Npx-A&cid=CAQSKQDq26N9zMAVSk7x2_KixStf0T9zpX4dAlNBMskaxwkXq7S-PCn83I1cGAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Frame ID: 22CE9CF673624E7CD79F618E8ECA0032
Requests: 14 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1TxygAEqRkBc-U9AAl_lgWZWMwfF2zXAn3Yag&u=%7CK%2BdXWTOW%2FOtU5DFOQXcTfuT7YHVK2NMjWAlh0K7s6R4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHJXkG-Q0x9WKjEvaYz3vZ82FOpI6al0vPAEpDU-4E1wlOX9kquIN3c2B0pS_zdf8n-BnhYJaO5yGTmablm_SQO9pqsE3oZCUQIJ69ZbqegeUwHNV-t2i1DnISwbkKVI1VOyDSGrzIYIJGBKo5cMRleas75AxSy217D_SuJ_-V4xCE21BzcloPRX-HY0nIU6wuahysRaFTFhccx-dlx_wLqJ1aDwkVlRbkwQwdsr4jQ4MjRnGzT3AtrsOwHr93DI3WERngtqpFAF_CH8XGsCLOYHdiWquZCxjFvEckoT0Rrv5JDpzLxixjOXrh2mCmVsr3gVR8UCaO8mGq2dSSpJCnChV0yCP19U_0VuvP7iL4W4-aAlpQQp37DNE7k6Mp8axfequBZAcMMj315DX6P4atxESISy4Gl2vPi8sBHaCochYkCA3nC3YnLhf0IUDuF2UiBfSmGNb9uPZM2Yff5UUX6yiNx9D9mVgCw_FFMsyzxvSvTxuzHydch2DC4ny8DjUOPnmQD-cUFdjSvgPOi-MCnOsmyo9za-S8dg566o4_HvLdqHWaYMy5Jhp0KtU9TDLHA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCILWJyvFUY5nSEr3Kz7sPlv-lmAOY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJn6H7wJWelPqgDAaoExAJP0KeOVcRX_Os42mkPX2ETJdUOXfQFG3ukyuOEp037jFH2Q371Xn4O0wxnl4cgf1z9rH3docniKM1dH1qLg_0xuXyR-jgh2zfpXDOdSHoaAHWzTcSKgCgpWQw7n5gahUrE4XaLr1bBml2YrOPe_6puK3Dr7SyoWj3AEIjK9h-OyWWbZC8ZZMOvBHiUxgwJTytMm4SSxuhtkPxWI2d-htFB6SfPQCzHjTNS-wf1iZupbIfiRzfCYP5Tk8IRjlDZqqMZPXcto0s3lLWndA762conCXcyW4XmlpTtwuSv8mWuxSzFTyTzAbG6Jna-aGrA03Nvl3ei3cXdDOfgDp7R4PMbbztLehiFbMv4VOoJz7Pg2jRHNSamB--Ln3rk5jK7JUBTlkRAvEQzuX13JHNMTrAzm9BHFJh9cUNqA1UNlsDPNVSit2iABpXix6OkvoOAiwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tG6_DR3HdFLPrrsDElTa6fdWceQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: FA13D85EA1A18E65E403F0D9857B8BEF
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F042CD796CA6B7A792A24220BD414103
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 138B566E5D1643C81A5447F24379C247
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 22FD96281DE4B7CD0D37530E504BBB4A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77BC9462A3A1791D0800C0E5DAF79AC0
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AFF397CCE24E8EA9FC073587DDAFC33C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2D907BA8B1759505F947E2EE21126B63
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 439447064BED9A3EE7F3B1362C1E8115
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: DB124DE8BA69C010038370C13955AEB7
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52704CA6B436E76CBE2DAE747D99452A
Requests: 2 HTTP requests in this frame

Frame: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: E6A49FC841F4C3C36E0242436BEECF44
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: BD95A6158293F90C67A1299038F94A9E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A1E7C0C533CD554E349B512CB74CA396
Requests: 2 HTTP requests in this frame

Frame: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 55F294EF0ED92F09E05450397207E0B8
Requests: 15 HTTP requests in this frame

Frame: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 85FCEA95169259E0D4CE24269EC1869E
Requests: 15 HTTP requests in this frame

Frame: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 841329AC9F5FE7832A5723D2002C36E8
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVX4eXiJ8h_2JsFYTm4SczWGHtjNNUll39rIVubCYgvNfySG0LnMoS9LofZrbRe24iC_1PHxZ7aMmfBIpq6ZTHLuYpOtw
Frame ID: 3824E0BBDC3A081739F437029771C0B8
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNXyRQvJbuPx-Ehd0RcE0hhWc2wBWDSnrU71AYZWSxZ-xviKUzl58cxsnhajriVmgSNrhoUrVfpbtS-RyQR2n-DCwsnkvw
Frame ID: 0CBCFDA5BB2D6568FB600F20EDA807FE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Frame ID: 46A9AF07AD2C51BD54D8B94B6029726E
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5ABFF03B639FE3339BFD6F84BE39193E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 89676315C5F42834D6A0C050D1554259
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 79F3964B263C8CA681A5DF6AB35D71E3
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C3565FAB1BCD9A089FA3A26D1484B808
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 1E9E2E56A33697773396022A8FBBE15B
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4341851026603666896/index.html
Frame ID: C298CC9E2FA805F30F96278560D90307
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Frame ID: B8D2241B154F4E905071C98D451C439D
Requests: 9 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1666511308352
Frame ID: 036F3B9A5E352B8DB0943D2CE1C57DF7
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 08DFC86592D61D8FF96B7771BEC7713B
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: C4F25AE86874E1B45BA3791A7DD37E5F
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A0908CF5274C62E30CB79D93B1EF6220
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 421C4F585D6C0A992D1B01F0B1469737
Requests: 14 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 7D935B8585F154C08201C35027FFBB39
Requests: 13 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 89067FBB5A9E51E0A6648C587F549702
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 3CBE4936549AB75B5CEED427597B583C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 8E7824482BFB1882E3040F96E9B09697
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 14A2B0CE4D36ECF6B12F7A686675A66A
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3095129136830460000V10&type=rkt&refUrl=&vid=65113134353095129136830460000V10&ovsid=2019090386969966868
Frame ID: 7468A9E6B3B58DD4AE3BF74C9E42A98F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Dpba%26refUrl%3D%26vid%3D65113134353095129136830460000V10%26ovsid%3DPM_UID
Frame ID: 01ECDAE207353EF89876C7746F1DAF5F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 046D306B881CCC2E180E112843B86100
Requests: 11 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 44F13BC1E86FD608085645A3D63B169D
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 198F05F3113D5280D4AD7437A5FA2BF8
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: F700F85AE772047640C67D3501F61C62
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 76E77E67A7D4F0641F135BEC39B79877
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 4077B5C16FC54E34A1C5D5668E5479BE
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 709269227D066EE2FF29DC6DA4F15856
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=7a246354-f1cb-4200-9264-77f3fea74251&gdpr=0&gdpr_consent=
Frame ID: 464B16AE4A46858960FBBBA860DAD691
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y1Tx0gAAALWulwAr&gdpr=0&gdpr_consent=&_test=Y1Tx0gAAALWulwAr
Frame ID: 9384A60DE0663F603FAA339BC58F7077
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8wY2IyYTQ5Yy1hMDRiLTQwYTMtYTJkNi1jYzk4YjJiNDZmMTM=&gdpr=0&gdpr_consent=
Frame ID: 25121D8380E6C393C6A676231550D820
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 439B827D5F1FC0217EA4EC7E35761595
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=8181f220-b174-4e80-bb88-6a1af451a19c
Frame ID: 4B67BC199D50D515CE0836A18CD160A5
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 914B5CF5D3E52CCA66B86C4D3546490F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y1Tx0sCo5s4AAP-RI-kAAAAA
Frame ID: EFD3C3FBDC891C9BA58240C22E130A01
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y1TxzP-CpYnS-5NnG8f3RQAA%264975
Frame ID: 3615E74455BAEBAA4117B4BB43E67ECA
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=nQY4NTO02CTjkxQH6l62&pi=gumgum&tc=1
Frame ID: FB74F93115484154ABFFB73BD709D21D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 37FA487BF535816A705803928ED52311
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=49EB46CE-63BE-4527-A579-DABE1267F1AD
Frame ID: 361C240603499E6C82CC57B6DD1FFEA2
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7a246354-f1cb-4200-9264-77f3fea74251&gdpr=0&gdpr_consent=
Frame ID: 83528ABFC9DF13062887ACE4EBB65067
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1Tx0gAAALWulwAr&gdpr=0&gdpr_consent=
Frame ID: EC016A2A87E5B0658E96D7D4AED193A6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DsQfW17GSQoVlktcCJMHDlrESQoVxx5bD8dhmhgJ
Frame ID: CB80BF1C1C797767DC8C76450342D711
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xjcu2tif0gw
Frame ID: E39E8F1CD916A258B5EBE341880B716E
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6432641794665890972&gdpr=0&gdpr_consent=
Frame ID: 4E4FDDA80E2FEDB0EC747C099EFE7FEA
Requests: 1 HTTP requests in this frame

Frame: https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=49EB46CE-63BE-4527-A579-DABE1267F1AD
Frame ID: 9522AB113BCB41AB57B607301B072AF3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

金鐘獎/吳慷仁「粉紅條紋衫」有洋蔥! 後臺約見女友邵雨薇 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

457
Requests

75 %
HTTPS

0 %
IPv6

90
Domains

144
Subdomains

97
IPs

10
Countries

3194 kB
Transfer

8730 kB
Size

81
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 105
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPQKFTWbJmORKW5Vw5_mTE0&google_cver=1&google_push=AZmPxg_AEJcwbqkitJR3-8LfpsBFbU5QlAOpWzSKxPs66VrED0YtkFEVzHFFZeju_wyfX62EQFkwZxQFV4ERSgRwNfeX-dHkvb7t4BnIkCpMlToqU1PXuP6Apdt-QAsNKHhV0-gYHv0aFA HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPQKFTWbJmORKW5Vw5_mTE0&google_cver=1&google_push=AZmPxg_AEJcwbqkitJR3-8LfpsBFbU5QlAOpWzSKxPs66VrED0YtkFEVzHFFZeju_wyfX62EQFkwZxQFV4ERSgRwNfeX-dHkvb7t4BnIkCpMlToqU1PXuP6Apdt-QAsNKHhV0-gYHv0aFA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=anY0ZTJWbkwxT012SUQ1&google_gid=CAESEPQKFTWbJmORKW5Vw5_mTE0&google_cver=1&google_push=AZmPxg_AEJcwbqkitJR3-8LfpsBFbU5QlAOpWzSKxPs66VrED0YtkFEVzHFFZeju_wyfX62EQFkwZxQFV4ERSgRwNfeX-dHkvb7t4BnIkCpMlToqU1PXuP6Apdt-QAsNKHhV0-gYHv0aFA
Request Chain 106
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELN31CYLN3gq2RswAhxVrVY&google_cver=1&google_push=AZmPxg_Q7ol2uzHqX9qC5KZd0_uzn0d8yp0T9yiPNCdBVIGZLPfVQfMRsWhuCqagYv0zX1WHn_L3gxx1GPW4Ezv-I3Q4EubEBU9Q1TuqeYZn9_PsMAYIeFJwvaEWX-bGxqHOyMG75yOgZzI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_Q7ol2uzHqX9qC5KZd0_uzn0d8yp0T9yiPNCdBVIGZLPfVQfMRsWhuCqagYv0zX1WHn_L3gxx1GPW4Ezv-I3Q4EubEBU9Q1TuqeYZn9_PsMAYIeFJwvaEWX-bGxqHOyMG75yOgZzI
Request Chain 107
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELp18JYAKq5DyBwF8tSZnK0&google_cver=1&google_push=AZmPxg-v-pJodqR-tSE2V59smpisKj6InSXp1-LqEVTSJeZtAMzNa02euB1iCV98YMZzhB7u9oW_FN791mn3ggbCg_nyFaEUC-RIQU_dW461kLIm-MNGN-QJsj_kzQ9CWU3KyPYBM2X_0A HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELp18JYAKq5DyBwF8tSZnK0&google_cver=1&google_push=AZmPxg-v-pJodqR-tSE2V59smpisKj6InSXp1-LqEVTSJeZtAMzNa02euB1iCV98YMZzhB7u9oW_FN791mn3ggbCg_nyFaEUC-RIQU_dW461kLIm-MNGN-QJsj_kzQ9CWU3KyPYBM2X_0A&prevuid=05030001_6354f1cc0e4d9&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg-v-pJodqR-tSE2V59smpisKj6InSXp1-LqEVTSJeZtAMzNa02euB1iCV98YMZzhB7u9oW_FN791mn3ggbCg_nyFaEUC-RIQU_dW461kLIm-MNGN-QJsj_kzQ9CWU3KyPYBM2X_0A&google_hm=MDUwMzAwMDFfNjM1NGYxY2MwZTRkOQ%3D%3D
Request Chain 108
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEL4ixpSIU1nau_Sz2F6ZI5E&google_cver=1&google_push=AZmPxg-tuEyOKZ29V994MBrhU_yQeHWZAOEpFKVp_77vvTwzY_nqEQOXyWoaO3MnmKqoFFr_KNJJXGDZdnFsNYvxz7z7YN9_CXV1u0IqGDzDZkUxNln5_Mxoc03kaes6ZYQ1rSPy1AkAqIQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=f_U_VywjTiR_Dlvjn41Uza310XA&google_push=AZmPxg-tuEyOKZ29V994MBrhU_yQeHWZAOEpFKVp_77vvTwzY_nqEQOXyWoaO3MnmKqoFFr_KNJJXGDZdnFsNYvxz7z7YN9_CXV1u0IqGDzDZkUxNln5_Mxoc03kaes6ZYQ1rSPy1AkAqIQ
Request Chain 109
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEK121FJ8L5EuQZVaY9Oeb4o&google_cver=1&google_push=AZmPxg_cbg_h3VvuPYxO4y5Wl2mqfebJXZHgY3lQXRaw3PevGCKoKr2wq6RPNjDcjDQQglgZJEzy42vXjgjo_0NnjggrHjc1ykVpWmgVSj-vlLSaa09YWNAF0r2I2vaX869sw4oFm4x_LS0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AZmPxg_cbg_h3VvuPYxO4y5Wl2mqfebJXZHgY3lQXRaw3PevGCKoKr2wq6RPNjDcjDQQglgZJEzy42vXjgjo_0NnjggrHjc1ykVpWmgVSj-vlLSaa09YWNAF0r2I2vaX869sw4oFm4x_LS0&google_hm=AefteoCf10q2oObO2W4nWxg
Request Chain 111
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEBhLtQBk37z29anVmD4WlO0&google_cver=1&google_push=AZmPxg8r4mKAO8KQ4CpK4YvgeXkdgtrJiGif7iew_I2o2PsZpwtRIi9h6XJSjUJ5NL9IYhrMb-c45PWWsQJIS6YYkW1pCfNpJ5mxhb_ZLtdYVTWuk7Bd58rH2rY13X1ZvA22pViBJfZe55Jo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg8r4mKAO8KQ4CpK4YvgeXkdgtrJiGif7iew_I2o2PsZpwtRIi9h6XJSjUJ5NL9IYhrMb-c45PWWsQJIS6YYkW1pCfNpJ5mxhb_ZLtdYVTWuk7Bd58rH2rY13X1ZvA22pViBJfZe55Jo&google_hm=QlMuZGUxNC0zMzU1LTQ3MDctYTkwOA==
Request Chain 114
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEBKFk8nk3uJO9ScQ7lCk&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEBKFk8nk3uJO9ScQ7lCk&google_cver=1&C=1
Request Chain 115
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1TxzCpMEbR5cQvGHSaiOwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEBKFk8nk3uJO9ScQ7lCk&google_cver=1
Request Chain 116
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIY_ykmQcqWBXqro3KTJLkI&google_cver=1 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIY_ykmQcqWBXqro3KTJLkI%26google_cver%3D1
Request Chain 117
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM1ODA0MjIyMDUxMTgyMTYzNA%3D%3D
Request Chain 160
  • https://um.simpli.fi/gp_match?google_gid=CAESEPfQP9OeQ-A-fNs3NA8zMuw&google_cver=1&google_push=AZmPxg914q3vxG6AaILXaNGhn4YnJF9rT41gkCy8rmrVwzIBEbfWx7a5pjlsA5f9UmKj8gXhiZS85XEBZxl7crTpldejcsxfAIj6diQZEdsykuugVPmtiA3Sa9hdaOCJWPecF8lpOIkhbrN-4wLupTsu6A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F57B823842704DEC82B8DCFA07ADE4AE&google_push=AZmPxg914q3vxG6AaILXaNGhn4YnJF9rT41gkCy8rmrVwzIBEbfWx7a5pjlsA5f9UmKj8gXhiZS85XEBZxl7crTpldejcsxfAIj6diQZEdsykuugVPmtiA3Sa9hdaOCJWPecF8lpOIkhbrN-4wLupTsu6A
Request Chain 162
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECnFy3RqXiBPAeM6sMrUz0Q&google_cver=1&google_push=AZmPxg9tcHtff9UVVOptH4e4cTfpMENHMN_WAn1LqRolmrl24blsdrS18c_3pejW0m1icBbrIMt4jeg1r9XBBqcgsbF5sgag0OcDrUdftrJHheypEVjZQi67bLjYi_7BH8Ng_4yqlNvJueNQs40A1Tfq_2o HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg9tcHtff9UVVOptH4e4cTfpMENHMN_WAn1LqRolmrl24blsdrS18c_3pejW0m1icBbrIMt4jeg1r9XBBqcgsbF5sgag0OcDrUdftrJHheypEVjZQi67bLjYi_7BH8Ng_4yqlNvJueNQs40A1Tfq_2o&google_hm=MjE5MTk3MzEwNDU3MDA3MTQ%3D
Request Chain 163
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMIN6jV0LirURZSuimBSSdQ&google_cver=1&google_push=AZmPxg9LHXMvk9slR19IcZb6GjcYQMKyL_gwsqd6j1fmz4WMDI3nzWwtskGzavWqLCQOEFQzV96j16eE_i5xCYFyl3MUDtIcI8iXwIfve9BzLVIteg2c_-S4tOEDjiEZhyDo0pwia_wsNQwjWI6lWb34TOY HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMIN6jV0LirURZSuimBSSdQ%26google_cver%3D1%26google_push%3DAZmPxg9LHXMvk9slR19IcZb6GjcYQMKyL_gwsqd6j1fmz4WMDI3nzWwtskGzavWqLCQOEFQzV96j16eE_i5xCYFyl3MUDtIcI8iXwIfve9BzLVIteg2c_-S4tOEDjiEZhyDo0pwia_wsNQwjWI6lWb34TOY HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A4471303157650948019&exchange=193&google_gid=CAESEMIN6jV0LirURZSuimBSSdQ&google_cver=1&google_push=AZmPxg9LHXMvk9slR19IcZb6GjcYQMKyL_gwsqd6j1fmz4WMDI3nzWwtskGzavWqLCQOEFQzV96j16eE_i5xCYFyl3MUDtIcI8iXwIfve9BzLVIteg2c_-S4tOEDjiEZhyDo0pwia_wsNQwjWI6lWb34TOY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQ0NzEzMDMxNTc2NTA5NDgwMTk&google_push=AZmPxg9LHXMvk9slR19IcZb6GjcYQMKyL_gwsqd6j1fmz4WMDI3nzWwtskGzavWqLCQOEFQzV96j16eE_i5xCYFyl3MUDtIcI8iXwIfve9BzLVIteg2c_-S4tOEDjiEZhyDo0pwia_wsNQwjWI6lWb34TOY
Request Chain 164
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEFdkWW8frzF3KckPi691bRM&google_cver=1&google_push=AZmPxg_JXqURAhEvL2vbvAJ5clHtuHW-6IPikK523IlAUa76wa4fyEBfkeNuDBgRDXHTz6uuQW7DZECAU964iTpl0kTeft-aWxHCkgXmoxN0hAOn4r8Rqx2QcTX2NftrGNUvxoD7q-D7VAVQOpGM3IVBZIFq HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg_JXqURAhEvL2vbvAJ5clHtuHW-6IPikK523IlAUa76wa4fyEBfkeNuDBgRDXHTz6uuQW7DZECAU964iTpl0kTeft-aWxHCkgXmoxN0hAOn4r8Rqx2QcTX2NftrGNUvxoD7q-D7VAVQOpGM3IVBZIFq&google_hm=NmRmYmRkZDEtNmEyOC0zMTBiLWFjMjMtMWVlYzNiNTYyM2Qw
Request Chain 165
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKW3u42JOqkUBk65It-5vV8&google_cver=1&google_push=AZmPxg-HJEysBm4eiX1leU4aI6gmo1gE4-716fAymOpXaXqUJeikLL_VeTTXU7ZFwqDJIkW-0QmoUzjNTz5NAxGc5-TEuRAyOORM1xhomIH4FagZcI6HVEe77YIRm4MRUH_rwr6fFNfpre2EEbtablbRFlXz HTTP 302
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKW3u42JOqkUBk65It-5vV8&google_cver=1&google_push=AZmPxg-HJEysBm4eiX1leU4aI6gmo1gE4-716fAymOpXaXqUJeikLL_VeTTXU7ZFwqDJIkW-0QmoUzjNTz5NAxGc5-TEuRAyOORM1xhomIH4FagZcI6HVEe77YIRm4MRUH_rwr6fFNfpre2EEbtablbRFlXz&verify=true HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iQkp4MEhwRTJ1R0xRZjllMmpTWVhMY1gxZmNOeEU0cn5B&google_push=AZmPxg-HJEysBm4eiX1leU4aI6gmo1gE4-716fAymOpXaXqUJeikLL_VeTTXU7ZFwqDJIkW-0QmoUzjNTz5NAxGc5-TEuRAyOORM1xhomIH4FagZcI6HVEe77YIRm4MRUH_rwr6fFNfpre2EEbtablbRFlXz
Request Chain 166
  • https://trace.mediago.io/cs/google?google_gid=CAESEKZpisZ1XB3CbeJuHrK7PC4&google_cver=1&google_push=AZmPxg_IzvaB8DvXAmM5inpwBy4SW6VlCnJqBzL_yD_m-g6Z2tHxMkeoanTsDCdIfxQyGDEaOt8qUzarsZSB5ZrKnmxXcDV6_Is8gSD5z93kU4ZrcAIeIV9mUAdsSj8hukgIFoYnkgcVbhOj0HBKmA8Iggg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg_IzvaB8DvXAmM5inpwBy4SW6VlCnJqBzL_yD_m-g6Z2tHxMkeoanTsDCdIfxQyGDEaOt8qUzarsZSB5ZrKnmxXcDV6_Is8gSD5z93kU4ZrcAIeIV9mUAdsSj8hukgIFoYnkgcVbhOj0HBKmA8Iggg&google_hm=2d58beb1a849dee42b783414dfe7a209
Request Chain 238
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE9-70aXBJqEsPo2RrCQC4U&google_cver=1
Request Chain 239
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjM0M2E4ZjctM2RiOC0yNzg1LWUyZGUtOTg0MmU1YTViMGNm
Request Chain 240
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOTMfQCSkdcUUFOxBTphcec&google_cver=1
Request Chain 241
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MzgzNDczOWItN2ZlMi00YWVlLWI3YWYtYzMyODQwNWM1Yzhi
Request Chain 242
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE9-70aXBJqEsPo2RrCQC4U&google_cver=1
Request Chain 243
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjM0M2E4ZjctM2RiOC0yNzg1LWUyZGUtOTg0MmU1YTViMGNm
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEOTMfQCSkdcUUFOxBTphcec&google_cver=1
Request Chain 245
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MzgzNDczOWItN2ZlMi00YWVlLWI3YWYtYzMyODQwNWM1Yzhi
Request Chain 259
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 279
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHL2FyuNLxb1dXiyZl1LMIU&google_cver=1&google_push=AZmPxg9W08r8MlqXJjbJARJy-T27x-vRSoxJo4I2-l6FGTAATV96BSkK1BLPy_9IVpFbqV3e-61i1to26RRvRjnLTfztGw51h3Jo_g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9W08r8MlqXJjbJARJy-T27x-vRSoxJo4I2-l6FGTAATV96BSkK1BLPy_9IVpFbqV3e-61i1to26RRvRjnLTfztGw51h3Jo_g&google_hm=Nzg4ODQ2MzQyNjM0MDE2NzkxNg%3D%3D
Request Chain 280
  • https://an.yandex.ru/mapuid/google/CAESEAR_JwGLzErh-q25mOn7Py4?ext-param=AZmPxg8Iio87n9aNK6XswPpIaMfFCiFQTwbytoQXacnGwNZ7vqa91kDXgRwOD72k9CBkPjOLv653XjGvV6iaCB-OTyEr9geVagU-Sg&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEAR_JwGLzErh-q25mOn7Py4?redir-setuniq=1&ext-param=AZmPxg8Iio87n9aNK6XswPpIaMfFCiFQTwbytoQXacnGwNZ7vqa91kDXgRwOD72k9CBkPjOLv653XjGvV6iaCB-OTyEr9geVagU-Sg&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAR_JwGLzErh-q25mOn7Py4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 284
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHL2FyuNLxb1dXiyZl1LMIU&google_cver=1&google_push=AZmPxg-dy9faLrsVBfwy63elvhq2T1KiBw01ST5f3Dj7Q-0fgkMrFre0S_A89z4YthuRyUJBOF4nFdWmdRPjQqUkaCwVH8yaexGfV15Ja6NO92j7zcCmVgRSpRtqdaOvBODvGorEabs3GUuhs33gyrlTig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-dy9faLrsVBfwy63elvhq2T1KiBw01ST5f3Dj7Q-0fgkMrFre0S_A89z4YthuRyUJBOF4nFdWmdRPjQqUkaCwVH8yaexGfV15Ja6NO92j7zcCmVgRSpRtqdaOvBODvGorEabs3GUuhs33gyrlTig&google_hm=Nzg4ODQ2MzQyNjM0MDE2NzkxNg%3D%3D
Request Chain 285
  • https://an.yandex.ru/mapuid/google/CAESEAR_JwGLzErh-q25mOn7Py4?ext-param=AZmPxg-PLsaJdWQ-Jy1ki57U0N3lfGDeQRMDV2P1Y8mitREEHJUTzFpA2IHPC9wa5kY0eMersgZTjY0oO21vwS2lp8V3AIChVsragf8a3LCXcqvSGzfH2s9OkbRwDXS8donVz96a86qVEyjhlK_KCKjUNHaY&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://an.yandex.ru/mapuid/google/CAESEAR_JwGLzErh-q25mOn7Py4?redir-setuniq=1&ext-param=AZmPxg-PLsaJdWQ-Jy1ki57U0N3lfGDeQRMDV2P1Y8mitREEHJUTzFpA2IHPC9wa5kY0eMersgZTjY0oO21vwS2lp8V3AIChVsragf8a3LCXcqvSGzfH2s9OkbRwDXS8donVz96a86qVEyjhlK_KCKjUNHaY&partner-tag=yandex_ag&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAR_JwGLzErh-q25mOn7Py4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif HTTP 302
  • https://an.yandex.ru/resource/spacer.gif
Request Chain 305
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 311
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=33df9250-78ac-4ebd-a2de-f284803e48fc HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-0wBdU6BE2uGERBM98FfO8WFh6OGENzD88s7NzD0-~A&gdpr=0&gdpr_consent=
Request Chain 312
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L9L1SZ9R-28-2M6N&gdpr=0&us_privacy=1---
Request Chain 313
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=33df9250-78ac-4ebd-a2de-f284803e48fc&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=33df9250-78ac-4ebd-a2de-f284803e48fc&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e63cc242-f8e2-4c4a-963c-648969a8ff0e&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525123437749381604&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10525123437749381604&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=dcbff5eb-81f6-43c7-8173-cfd68dde1ea5&ssp=adaptmx&gdpr_consent=&gdpr=0 HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10525123437749381604&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=231963304313004792488&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10525123437749381604&ssp=adaptmx&gdpr=0&gdpr_consent=
Request Chain 314
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D33df9250-78ac-4ebd-a2de-f284803e48fc&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1051%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D33df9250-78ac-4ebd-a2de-f284803e48fc%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0zM2RmOTI1MC03OGFjLTRlYmQtYTJkZS1mMjg0ODAzZTQ4ZmM%253D%26uid%3D%24UID
Request Chain 316
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8272855404275733541&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 317
  • https://match.adsrvr.org/track/cmf/openx?oxid=4f2c7b3d-f4cf-7921-f73e-c2fb2f477eaf&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/openx?oxid=4f2c7b3d-f4cf-7921-f73e-c2fb2f477eaf&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=8181f220-b174-4e80-bb88-6a1af451a19c&ttd_puid=4f2c7b3d-f4cf-7921-f73e-c2fb2f477eaf&gdpr=0&gdpr_consent=
Request Chain 318
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1Tx0cCo5s4AAP-RIfcAAAAA
Request Chain 319
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbEcPFqwNvx6ks8ADv_jCDJdm88AAAGEA9Ca1g
Request Chain 321
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE9-70aXBJqEsPo2RrCQC4U&google_cver=1
Request Chain 333
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=8181f220-b174-4e80-bb88-6a1af451a19c&dongle=0cfd
Request Chain 334
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE1NjY0MDUzMzYxMzk2MDgyMzg0Mw%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 335
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPxPBxWKwU0L5FFjWvCJPWY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 336
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE1NjY0MDUzMzYxMzk2MDgyMzg0Mw%3D%3D
Request Chain 337
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1156640533613960823843&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1156640533613960823843&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=802632e4-dfd2-4113-84a9-3d8416f7ed9a&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=802632e4-dfd2-4113-84a9-3d8416f7ed9a&_noobservation=1&_expected_cookie=9b84b955ac0d8384f9f868c93917ff66
Request Chain 339
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1156640533613960823843?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-of_QYoBE2oS6pnGjE8ReUyA16usndGLnavhr6.mwaQ--~A&dongle=0883
Request Chain 340
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1156640533613960823843 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1156640533613960823843&dcc=t
Request Chain 342
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=mYmPRxfDKsrl9BtvdO9l&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NVMW2UCSPBTEIS3TOJWDSQTUOZSE6OLM&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NVMW2UCSPBTEIS3TOJWDSQTUOZSE6OLM HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=mYmPRxfDKsrl9BtvdO9l
Request Chain 343
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8181f220-b174-4e80-bb88-6a1af451a19c&expiration=1669103313&gdpr=0&gdpr_consent=
Request Chain 344
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB&dcc=t
Request Chain 345
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFWZEsQTSNbM5k9ahgLTb9c&google_cver=1
Request Chain 347
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AARguE7GqeQAACIuL6Q1yg&expiration=1667720914
Request Chain 348
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7a246354-f1cb-4200-9264-77f3fea74251
Request Chain 350
  • https://sync.srv.stackadapt.com/sync?nid=68 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=f_U_VywjTiR_Dlvjn41Uza310XA
Request Chain 355
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 356
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Drkt%26refUrl%3D%26vid%3D65113134353095129136830460000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3095129136830460000V10&type=rkt&refUrl=&vid=65113134353095129136830460000V10&ovsid=2019090386969966868
Request Chain 358
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Dapx%26refUrl%3D%26vid%3D65113134353095129136830460000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3095129136830460000V10&type=apx&refUrl=&vid=65113134353095129136830460000V10&ovsid=6432641794665890972
Request Chain 359
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Dopx%26refUrl%3D%26vid%3D65113134353095129136830460000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3095129136830460000V10&type=opx&refUrl=&vid=65113134353095129136830460000V10&ovsid=870012a2-5fcf-43c1-9471-bc959da8ec73
Request Chain 360
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Dmma%26refUrl%3D%26vid%3D65113134353095129136830460000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3095129136830460000V10&type=mma&refUrl=&vid=65113134353095129136830460000V10&ovsid=7a246354-f1cb-4200-9264-77f3fea74251
Request Chain 361
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Dr1%26refUrl%3D%26vid%3D65113134353095129136830460000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Dr1%26refUrl%3D%26vid%3D65113134353095129136830460000V10%26ovsid%3D%5BRX_UUID%5D&cb=1666511313933 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6948722242 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/8181f220-b174-4e80-bb88-6a1af451a19c HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA5NTEyOTEzNjgzMDQ2MDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEGz7Zy96SJzHiJ0ef8BHzok&google_cver=1
Request Chain 363
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Ddxu%26refUrl%3D%26vid%3D65113134353095129136830460000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3095129136830460000V10&type=dxu&refUrl=&vid=65113134353095129136830460000V10&ovsid=jv4e2VnL1OMvID5
Request Chain 366
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Dzem%26refUrl%3D%26vid%3D65113134353095129136830460000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=bEXzBJIyPKQ3z_uqBpbn&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLCIVMHUQSKJF4VAS2RGN5F65LRIJYGE3RGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3DKMJRGMYTGNBTGUZTAOJVGEZDSMJTGY4DGMBUGYYDAMBQKYYTAJTWONUWIPJTGA4TKMJSHEYTGNRYGMYDINRQGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLCIVMHUQSKJF4VAS2RGN5F65LRIJYGE3RGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU3DKMJRGMYTGNBTGUZTAOJVGEZDSMJTGY4DGMBUGYYDAMBQKYYTAJTWONUWIPJTGA4TKMJSHEYTGNRYGMYDINRQGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=bEXzBJIyPKQ3z_uqBpbn&refUrl=&type=zem&vid=65113134353095129136830460000V10&vsid=3095129136830460000V10
Request Chain 367
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3095129136830460000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3095129136830460000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=6bb94706-1861-4a24-9606-0dbc82bd842d&cs=1
Request Chain 369
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8181f220-b174-4e80-bb88-6a1af451a19c
Request Chain 375
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 377
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9L1SZ9R-28-2M6N&gdpr=0&us_privacy=1YN-
Request Chain 378
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=6432641794665890972
Request Chain 379
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FhyUCRZH617-XMg1RvqO2y5t
Request Chain 380
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FhyUCLZHImP2eqNJQAKlddPI
Request Chain 381
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=030fd5ab-a680-4afc-9da0-aa306c6b1c16
Request Chain 382
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1666511313933 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=797513429 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/8181f220-b174-4e80-bb88-6a1af451a19c HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004
Request Chain 383
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1917759394487628131
Request Chain 384
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=3712868a-14aa-4979-9d44-5db28d438993
Request Chain 385
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F272%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D33df9250-78ac-4ebd-a2de-f284803e48fc%26bidder%3Dappnexus%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/0/272?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=33df9250-78ac-4ebd-a2de-f284803e48fc&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=6432641794665890972 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F272%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D33df9250-78ac-4ebd-a2de-f284803e48fc%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Request Chain 386
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-0wBdU6BE2uGERBM98FfO8WFh6OGENzD88s7NzD0-~A
Request Chain 387
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-c12c0b2b-2cd6-3eb7-8dcc-dacdd4c35199&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS1jMTJjMGIyYi0yY2Q2LTNlYjctOGRjYy1kYWNkZDRjMzUxOTkqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtYzEyYzBiMmItMmNkNi0zZWI3LThkY2MtZGFjZGQ0YzM1MTk5MgIMBjgB HTTP 302
  • https://ssp.disqus.com/match?bidder=12&buyeruid=FhyUCRZH617-XMg1RvqO2y5t&r=Cid1YS1jMTJjMGIyYi0yY2Q2LTNlYjctOGRjYy1kYWNkZDRjMzUxOTkqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtYzEyYzBiMmItMmNkNi0zZWI3LThkY2MtZGFjZGQ0YzM1MTk5MgIMBjgB HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1jMTJjMGIyYi0yY2Q2LTNlYjctOGRjYy1kYWNkZDRjMzUxOTkqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtYzEyYzBiMmItMmNkNi0zZWI3LThkY2MtZGFjZGQ0YzM1MTk5MgIMBjgC%26buyeruid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1882%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D33df9250-78ac-4ebd-a2de-f284803e48fc%26bidder%3Dindex_rtb%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFqTVRKak1HSXlZaTB5WTJRMkxUTmxZamN0T0dSall5MWtZV05rWkRSak16VXhPVGtxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFl6RXlZekJpTW1JdE1tTmtOaTB6WldJM0xUaGtZMk10WkdGalpHUTBZek0xTVRrNU1nSU1CamdDJmJ1eWVydWlkPQ%253D%253D%26uid%3D HTTP 302
  • https://prebid.a-mo.net/cchain/0/1882?gdpr=0&gdpr_consent=&us_privacy=&A=33df9250-78ac-4ebd-a2de-f284803e48fc&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFqTVRKak1HSXlZaTB5WTJRMkxUTmxZamN0T0dSall5MWtZV05rWkRSak16VXhPVGtxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFl6RXlZekJpTW1JdE1tTmtOaTB6WldJM0xUaGtZMk10WkdGalpHUTBZek0xTVRrNU1nSU1CamdDJmJ1eWVydWlkPQ%3D%3D&uid=Y1TxzP-CpYnS-5NnG8f3RQAA%264975 HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F1882%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D33df9250-78ac-4ebd-a2de-f284803e48fc%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFqTVRKak1HSXlZaTB5WTJRMkxUTmxZamN0T0dSall5MWtZV05rWkRSak16VXhPVGtxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFl6RXlZekJpTW1JdE1tTmtOaTB6WldJM0xUaGtZMk10WkdGalpHUTBZek0xTVRrNU1nSU1CamdDJmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID HTTP 302
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1jMTJjMGIyYi0yY2Q2LTNlYjctOGRjYy1kYWNkZDRjMzUxOTkq3gNodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMi8xODgyP2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9JkE9MzNkZjkyNTAtNzhhYy00ZWJkLWEyZGUtZjI4NDgwM2U0OGZjJmJpZGRlcj16ZXRhJmNieD1hSFIwY0hNNkx5OXpjM0F1WkdsemNYVnpMbU52YlM5dFlYUmphRDlpYVdSa1pYSTlOaVp5UFVOcFpERlpVekZxVFZSS2FrMUhTWGxaYVRCNVdUSlJNa3hVVG14WmFtTjBUMGRTYWxsNU1XdFpWMDVyV2tSU2FrMTZWWGhQVkd0eFZUSm9NR1JJUW5wUGFUaDJXVmRTZWt4dVRteGpibHBzWW0wNWFXRlhVWFZaTWpsMFRETk9OV0p0VFY5alIyeHJVRlJOTUU1cFdqRmhWMUU1WkZkRmRGbDZSWGxaZWtKcFRXMUpkRTF0VG10T2FUQjZXbGRKTTB4VWFHdFpNazEwV2tkR2FscEhVVEJaZWsweFRWUnJOVTFuU1UxQ2FtZERKbUoxZVdWeWRXbGtQUSUzRCUzRCZ1aWQ9dWEtYzEyYzBiMmItMmNkNi0zZWI3LThkY2MtZGFjZGQ0YzM1MTk5MgESOAE=
Request Chain 388
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-0wBdU6BE2uGERBM98FfO8WFh6OGENzD88s7NzD0-~A
Request Chain 389
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDRkMGE2YzQxZmRjNmZkZjdiZjVhZjIwNWYwOTcxYTUxZjY4ZWE4Yg
Request Chain 390
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8181f220-b174-4e80-bb88-6a1af451a19c&gdpr=0&gdpr_consent=&expires=30
Request Chain 391
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEX2jz_XWcV-BScGrWnnH6Y&google_cver=1
Request Chain 392
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/wj0mMdM4sG8ZoOIFUIZPu8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7888463426340167916
Request Chain 393
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9L1SZ9R-28-2M6N
Request Chain 394
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlMMVNaOVItMjgtMk02Tg==
Request Chain 395
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GjWoNnBdSZOJTsvS0BhdDg&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GjWoNnBdSZOJTsvS0BhdDg
Request Chain 396
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OxXrHjNTQLW6G-K48Wfu2g&rk=usync-other HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OxXrHjNTQLW6G-K48Wfu2g
Request Chain 399
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=05030001_6354f1cc0e4d9&knw=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=05030001_6354f1cc0e4d9&gdpr=0&gdpr_consent=
Request Chain 400
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=7237976742445119844&gdpr=0&gdpr_consent=
Request Chain 401
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=042f2c9b4dc19b9bb2a78afa0cd4ab39&gdpr=0&gdpr_consent=0
Request Chain 403
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6432641794665890972
Request Chain 404
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB
Request Chain 405
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y1Tx0gACgf-GIgAO HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1Tx0gACgf-GIgAO&_test=Y1Tx0gACgf-GIgAO
Request Chain 406
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8272855404275733541
Request Chain 408
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=YXIP6DFwWbl6IFvvZyUXvTVyWbl6cQ7oYHEvf1fO
Request Chain 409
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AARguE7GqeQAACIuL6Q1yg&expiration=1667720914
Request Chain 410
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1TxzP-CpYnS-5NnG8f3RQAA%264975?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1TxzP-CpYnS-5NnG8f3RQAA%264975
Request Chain 412
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=6432641794665890972
Request Chain 413
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_0cb2a49c-a04b-40a3-a2d6-cc98b2b46f13&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=e63cc242-f8e2-4c4a-963c-648969a8ff0e HTTP 302
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=e63cc242-f8e2-4c4a-963c-648969a8ff0e HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=94823392-6625-43f1-82ec-811eb4022886&user_group=1&ssp=gumgum2&bsw_param=e63cc242-f8e2-4c4a-963c-648969a8ff0e HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=e63cc242-f8e2-4c4a-963c-648969a8ff0e
Request Chain 414
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28qk2Svf6zDDyfjqa4Xz39TBtKd-oRGJ-B4ublPUajbRiq5Yfh5nTIeOIeGjhtN8iX%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28qk2Svf6zDDyfjqa4Xz39TBtKd-oRGJ-B4ublPUajbRiq5Yfh5nTIeOIeGjhtN8iX%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_0cb2a49c-a04b-40a3-a2d6-cc98b2b46f13&obuid=ENC(qk2Svf6zDDyfjqa4Xz39TBtKd-oRGJ-B4ublPUajbRiq5Yfh5nTIeOIeGjhtN8iX) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://creativecdn.com/cm-notify?pi=outbrain&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=nQY4NTO02CTjkxQH6l62&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
Request Chain 415
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=b811df4d-dcda-4177-9045-d216e7177fe9
Request Chain 416
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-7ff53f57-2c23-4e24-7f0e-5be39f8d54cd$ip$173.245.209.112
Request Chain 417
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3j6aZKBE2pdpoj4MTYaGi9YROElBNRYY7LeB~A
Request Chain 418
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=c3f412b7-41c5-47c9-b509-1f6d780cd6d4
Request Chain 421
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_0cb2a49c-a04b-40a3-a2d6-cc98b2b46f13&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=mYmPRxfDKsrl9BtvdO9l&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23KZNVIFE6DGIRFXG4TMHFBHI5TEJ44WYJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23KZNVIFE6DGIRFXG4TMHFBHI5TEJ44WYJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=mYmPRxfDKsrl9BtvdO9l&us_privacy=1---
Request Chain 422
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=a3dac7fc-a4ef-45b9-98ed-64963f28f296
Request Chain 423
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004&rndcb=4691924812 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=e63cc242-f8e2-4c4a-963c-648969a8ff0e&google_hm=ZTYzY2MyNDItZjhlMi00YzRhLTk2M2MtNjQ4OTY5YThmZjBl HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENgmhz6PfWXRBFvnp3ncJu8&google_cver=1&ssp=adconductor&bsw_param=e63cc242-f8e2-4c4a-963c-648969a8ff0e HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/e63cc242-f8e2-4c4a-963c-648969a8ff0e?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004
Request Chain 424
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=UC0EFDFN50up&ev=1&pid=558355
Request Chain 425
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=21919731045700714
Request Chain 429
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=7a246354-f1cb-4200-9264-77f3fea74251&gdpr=0&gdpr_consent=
Request Chain 430
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y1Tx0gAAALWulwAr HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y1Tx0gAAALWulwAr&gdpr=0&gdpr_consent=&_test=Y1Tx0gAAALWulwAr
Request Chain 433
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=8181f220-b174-4e80-bb88-6a1af451a19c
Request Chain 435
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y1Tx0sCo5s4AAP-RI-kAAAAA
Request Chain 436
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y1TxzP-CpYnS-5NnG8f3RQAA%264975
Request Chain 437
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=nQY4NTO02CTjkxQH6l62&pi=gumgum&tc=1
Request Chain 438
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 440
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L9L1SZ9R-28-2M6N HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L9L1SZ9R-28-2M6N
Request Chain 441
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L9L1SZ9R-28-2M6N HTTP 302
  • https://ads.servenobid.com/sync?pid=323&uid=L9L1SZ9R-28-2M6N
Request Chain 446
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7a246354-f1cb-4200-9264-77f3fea74251&gdpr=0&gdpr_consent=
Request Chain 447
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1Tx0gAAALWulwAr&gdpr=0&gdpr_consent=
Request Chain 448
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DsQfW17GSQoVlktcCJMHDlrESQoVxx5bD8dhmhgJ
Request Chain 449
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xjcu2tif0gw
Request Chain 450
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6432641794665890972&gdpr=0&gdpr_consent=
Request Chain 452
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SetGzmO-RSeledq-EmfxrQ%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 453
  • https://idsync.rlcdn.com/420486.gif?partner_uid=49EB46CE-63BE-4527-A579-DABE1267F1AD HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDQ5RUI0NkNFLTYzQkUtNDUyNy1BNTc5LURBQkUxMjY3RjFBRBAAGg0I0-PTmgYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=9b9020b919624e9f68633bead83ea84acaa742761c8b380542ff370ff7d83326791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5YjkwMjBiOTE5NjI0ZTlmNjg2MzNiZWFkODNlYTg0YWNhYTc0Mjc2MWM4YjM4MDU0MmZmMzcwZmY3ZDgzMzI2NzkxNDI2YjU0MTdkY2UyMRAAGgwI1OPTmgYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5YjkwMjBiOTE5NjI0ZTlmNjg2MzNiZWFkODNlYTg0YWNhYTc0Mjc2MWM4YjM4MDU0MmZmMzcwZmY3ZDgzMzI2NzkxNDI2YjU0MTdkY2UyMRAAGgwI1OPTmgYSBAgCEABCAEoA&google_gid=CAESEGGiB6APz-s51zBqMKIExdQ&google_cver=1
Request Chain 454
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7a246354-f1cb-4200-9264-77f3fea74251
Request Chain 455
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDlFQjQ2Q0UtNjNCRS00NTI3LUE1NzktREFCRTEyNjdGMUFE&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 456
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH0l8f4N8Y2usaTCwYYU8XY&google_cver=1
Request Chain 459
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8181f220-b174-4e80-bb88-6a1af451a19c
Request Chain 460
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L9L1SZ9R-28-2M6N HTTP 302
  • https://usersync.gumgum.com/usersync?b=mag&i=L9L1SZ9R-28-2M6N

457 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
www.bg3.co/a/ 		58 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
577ca3a56b65c020c9934ce3a0e2b516156bd07e77a30321ee2baca9b3f43da9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 23 Oct 2022 07:48:20 GMT
ETag
"e642-O6E1QGvdUr8FTJithtK5f5vL3No"
Expires
Sun, 23 Oct 2022 08:48:20 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
280f65f41d5c1f1c884ca450563c5830c78c3157ca8ae30083d52f653f672997
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 23 Oct 2022 07:48:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72627
x-xss-protection
0
server
sffe
etag
"94dc74ec042f425a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 23 Oct 2022 07:48:21 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
d2ed3fd545568285345130ea7f5bb020dc63073584458309435e74476ffa462a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 23 Oct 2022 07:48:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9676
x-xss-protection
0
server
sffe
etag
"89bc2298b0b5dac0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 23 Oct 2022 07:48:21 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
a0aed5d6070276dcbf847b073b7d275ae9fce1b5759926b8486938019f13223a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 23 Oct 2022 07:48:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7580
x-xss-protection
0
server
sffe
etag
"fa5fea1d25453090"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 23 Oct 2022 07:48:21 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
4a8014be2573ce560209a78fe2804b55f842c366f3de407fb85a56ae70f737fd
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 23 Oct 2022 07:48:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31959
x-xss-protection
0
server
sffe
etag
"4e6c8ca7bdbf4727"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 23 Oct 2022 07:48:21 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:22 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1632
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705
last-modified
Thu, 22 Sep 2022 10:10:22 GMT
server
cloudflare
etag
"632c348e-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=39Lw6cmnKDlE01LyajWqTjN183TB2W%2Bu8Z%2FOnvnzg2Xa86tBzeGiN42zDlP5IUPH3txh7xJ0w4%2BXTkIDKMs%2B1YYu1ovL3p2BcabjedeD2XrzrPm3IU%2BbCh9pdNWbBL5EtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
75e8deb77b0fdfab-SYD

Redirect headers

location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
connection
close
content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		34 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.168.81 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-59-168-81.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 23 Oct 2022 07:48:22 GMT
content-encoding
br
last-modified
Sun, 23 Oct 2022 07:00:23 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=12, origin; dur=231
x-cf-geodata
AU
content-length
9035
expires
Sun, 23 Oct 2022 08:48:22 GMT
adpushup.js
cdn.adpushup.com/42753/ 		479 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.211.140.130 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-211-140-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
293fc15c33edf25fff2ef66e3b4d300e21de6a3ed7e6ed2441827fb34a3cf4d4

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 23 Oct 2022 07:48:22 GMT
content-encoding
br
last-modified
Wed, 05 Oct 2022 09:36:33 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=28
x-cf-geodata
AU
content-length
105274
expires
Sun, 23 Oct 2022 08:48:22 GMT
b1f06a7a381d090b7948b173c948fd3b.jpg
static.bg3.co/imgs/202106/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/b1f06a7a381d090b7948b173c948fd3b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b67d2a1971b4c10db3e672e5498a949afc7f9b74d8185c99e7885490464bc6d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:23 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Jun 2021 08:28:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"B1F06A7A381D090B7948B173C948FD3B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCMRUb%2FIMBtcPuOVKZ2uJ9i4%2FkP7KmtxksAsqHIv42BSr%2BdwAvvXle7nKJ9qna5jI09oH%2BkNfUcHGnzU%2BV4V7Rw0gz9uaDwWbwtexChW3%2F3PImCvJmCyZytD6tZPZNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8deb88bbfa880-SYD
content-length
5578
expires
Sun, 30 Oct 2022 07:48:22 GMT
e0e8577408832414227153330875dbf1.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e0e8577408832414227153330875dbf1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
95587f2b50d861a10874e37db683d0ff82a3632ecc3fceaf38908c6ff74e8dfd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:23 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 01:08:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"E0E8577408832414227153330875DBF1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wk1PC2rWVV8K3V2j6p2Wqu3zFjhn2kU6YtjiSbvtXFkI2xhLMY1Zf1Zx8h2BVDiisKMnl%2F5GJYz6Gof1R2ib30w9MxLbSUL8uvgcBcrtp1X%2B5G%2FbYArknUDFGHkW%2FOU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8deb92c25a880-SYD
content-length
5771
expires
Sun, 30 Oct 2022 07:48:23 GMT
60e6d2c4782b8e6154efa86b878ddb43.jpg
static.bg3.co/imgs/202110/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202110/60e6d2c4782b8e6154efa86b878ddb43.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cc0f4bbddf36ccaddb0de4bc1a744df980de2b85404534c99c9d324e3144d00

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:22 GMT
cf-cache-status
MISS
last-modified
Mon, 11 Oct 2021 13:28:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"60E6D2C4782B8E6154EFA86B878DDB43"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oaSuZCBlOJDeLSmDASsYVM881VwOaHgfZlvKt9tDICf81KiV3wMQh1ZxpTVqvWt1Tw7J9303VBzYDXq0EiTzjWm%2BUgVRQP0kJ3qDXPK3Tw28%2F59mrZqva0qxU%2BCeT7g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8deb88bc1a880-SYD
content-length
7319
expires
Sun, 30 Oct 2022 07:48:22 GMT
f0dc996e205b5d5d828a1a6869bc929f.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/f0dc996e205b5d5d828a1a6869bc929f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca3770f50e897a311552432d00b7fdbee35c687f8a86f39e212bc8d1e8e45c01

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:23 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Jun 2021 12:18:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"F0DC996E205B5D5D828A1A6869BC929F"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3h5wiKeu%2FrmPWBiCyCXVOhm0YF3g%2FeimeIf2zT64I%2Bw%2BS427TsAE3g7Bd%2Br3GNVQpBP5IcfewLL8PCpvBFUWrbtEnUn%2FoXpcQT2WqgfRkNW7iAlGQ8TW14iaz2oZbeA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8deb88bb9a880-SYD
content-length
8201
expires
Sun, 30 Oct 2022 07:48:22 GMT
f39b8e6f18e4cbd54cf75cd92a264fd6.jpg
static.bg3.co/imgs/202105/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/f39b8e6f18e4cbd54cf75cd92a264fd6.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25e54e7e5f83935a72e5303f00da83d4b6297daec8d99eb6cc6846580794ad92

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:22 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 10:56:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"F39B8E6F18E4CBD54CF75CD92A264FD6"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sskIk2Hgje%2FBakS6UBhSHm2pFRZbXpQfeoyY1mbL9AZFBp0xToYi5Jv2q0MyAKpl0dOHnp4gDY%2F91vpSo710CW8g9%2BtfpsDdH3QC1IUyM%2BSP9wbGwLYVx929QYQL7Xg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8deb88bbaa880-SYD
content-length
2918
expires
Sun, 30 Oct 2022 07:48:22 GMT
f26ad64ea2f308ef973ca465fa1670a3.jpg
static.bg3.co/imgs/202105/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/f26ad64ea2f308ef973ca465fa1670a3.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c90d03e0885743e79960670428d8bd08c277ab00ed9ef8b398a38b0b58cd4554

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:23 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 09:26:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"F26AD64EA2F308EF973CA465FA1670A3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AcAtTNraUBlSgmSjRUHLZb80sGomRGHJVOm94x7VIA%2BAnDLy2BLpzZhuWRf6%2F%2FTBfH6BRA9jMjAYJYShmVJ3ApcTGsIHFpBYQpjHBtJMQjZA%2ByOeKqO1i8oh725fAv8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8deb88bbea880-SYD
content-length
10716
expires
Sun, 30 Oct 2022 07:48:23 GMT
502563e5c1568c24e967e21896bf0b73.jpg
static.bg3.co/imgs/202203/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202203/502563e5c1568c24e967e21896bf0b73.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56e325573230c206a08820c195546b6a0af94e50126a9febb54f300b8b9d161a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:22 GMT
cf-cache-status
MISS
last-modified
Sat, 26 Mar 2022 13:07:38 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"502563E5C1568C24E967E21896BF0B73"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vcbaaJZfbVatX%2FiF%2FasZNNUOjc9qtmFj0T%2FPaODqtBLYk65oeH2msS1IsbsCeXw%2BCLyAVrywKhmmqkfpfwhN75xciPJvDTPYsVbPeaM4lF3LsfnjpCohPgZXj5vGfEk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8deb88bbda880-SYD
content-length
8272
expires
Sun, 30 Oct 2022 07:48:22 GMT
fdd32293e80481e2de3ce7942b14a123.jpg
static.bg3.co/imgs/202105/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/fdd32293e80481e2de3ce7942b14a123.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
02370c70ea349d4b8332b5ed84f0759ed904116ea3e3f353da04a4190bb6565b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:23 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 10:00:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"FDD32293E80481E2DE3CE7942B14A123"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cjJPuR42XROmcVXvwCvLVOeBr76%2BQfRXMWQuMJaUQHmV0zX2CIKovzwnCHEZf5uVealdRaun6htDiqz4skP%2BXQnL9fpX5PpB%2FXoTCWEJLKWhvDLTCfsNiFtF1m4LoG0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8deb88bbba880-SYD
content-length
5391
expires
Sun, 30 Oct 2022 07:48:22 GMT
a750ec5136c57587760773f2839b632b.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a750ec5136c57587760773f2839b632b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
312b9527a1d68058e4d9a65330b3e7ed630544899688fe11029b5993de9d94bc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:22 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 21:25:59 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"A750EC5136C57587760773F2839B632B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLPtSkCureo4O09DsQS7FLiw%2F5%2FLN32wBEYf4sCESksdjCzvuuV1Pwd6sqUxZ9SewOlhrV6Nx4lY0QmF0BvopdLGAHKTJz3%2BxSetthVgs9ZbPygTP2a0zFzvb9T6ong%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8deb88bc0a880-SYD
content-length
4739
expires
Sun, 30 Oct 2022 07:48:22 GMT
9e7d9587ba1ef7c82c3b0d1cc0748201.jpg
static.bg3.co/imgs/202105/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/9e7d9587ba1ef7c82c3b0d1cc0748201.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23da311753cf3734d3ee547d781311fb3229b8088a0337a0bf7edc63d0a8ed34

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:24 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 04:48:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9E7D9587BA1EF7C82C3B0D1CC0748201"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqZIxoogLKG1IA%2F0JDHBEgv6XOD019pANTaqdKv5HfYSCm3qW2XcjfwXHajzEl%2Fm%2BmyI3zyw5SSKK1hABUwryS4eRP%2Fuy8pyh7OJZ%2Bsj5OxvUVqR1zYWz1amjNYHFyo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8dec0ab37a880-SYD
content-length
4347
expires
Sun, 30 Oct 2022 07:48:24 GMT
dff15c6aa99ac725fab00a88cdb77b22.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/dff15c6aa99ac725fab00a88cdb77b22.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e9e5e9bc7111ba8920318226b16101367447d11aff0b28b7db632418b0ec7f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:24 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Jun 2021 14:18:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"DFF15C6AA99AC725FAB00A88CDB77B22"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hDPnj0hdGRAusV5uY6kU6ZY9imDl1FTxv4GJQqyZD9Sk6A5u3Ur8Nv%2FE9YOhZWSxKP8UscJbMo%2BJgB6u8hYvG6k1420yRksAwnGLsweMhweI9%2FNoCwZAMxePffeUOk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8dec0ab38a880-SYD
content-length
7735
expires
Sun, 30 Oct 2022 07:48:24 GMT
ad50f642908312d48cac76e112646b3d.jpg
static.bg3.co/imgs/202201/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202201/ad50f642908312d48cac76e112646b3d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a61b2b9b5eda099cb8cc38359c5fec66bca33e57c0203fb546bf0f5265e309f1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:24 GMT
cf-cache-status
MISS
last-modified
Sat, 29 Jan 2022 05:05:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"AD50F642908312D48CAC76E112646B3D"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xBiPgjKEVgv3LPCONviIN66tyn%2F0IWDHIcID%2BZVE68rekjhSg51peMMCULUHQy4Mk%2F3S1AOYyzvY6ziKxervzf5tOm6YLw3ofRyzsiTdjq%2Bovk1FfPXzol5b48f3YhY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8dec0fb88a880-SYD
content-length
4997
expires
Sun, 30 Oct 2022 07:48:24 GMT
45826df87b5eed9ca143afcc71df972c.jpg
static.bg3.co/imgs/202105/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/45826df87b5eed9ca143afcc71df972c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
105a01e04901cb632dd8856a708228ba3c4461db90168ed03a2b1614d91628f0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:24 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 04:39:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"45826DF87B5EED9CA143AFCC71DF972C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=doO22RgCjZZmJbByOIbBvKo0qoWkRIrW8%2FBrzGfAnII2mGwnT7lbcX6ZN4eYt1Uzjzh%2FVwboQd2cy%2FzHP1m%2BMwe89UloFVev8F0aIcIpniD%2FlHFvVKBnU4Z43WZNXQs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8dec0fb8ba880-SYD
content-length
3144
expires
Sun, 30 Oct 2022 07:48:24 GMT
a796a3aab46ffda3d91232ba31ad1eeb.jpg
static.bg3.co/imgs/202105/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a796a3aab46ffda3d91232ba31ad1eeb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7858905663c88e10cd5022fbce701b454be0c8bff73e1a25bbe51ee795af1f97

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:24 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 10:59:40 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"A796A3AAB46FFDA3D91232BA31AD1EEB"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zyy2qrGNqPwo42hAceZTFoVNTE2v%2FPeknnVId6P9jJnQRD9sDENxEr3zy0H7GZHDHiK8rOL4yzHZZXYDherZicQSwzimDpuGq4vHXKuuXxGpFY71lnew7O2wf7JUxG8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8dec0fb8ca880-SYD
content-length
3468
expires
Sun, 30 Oct 2022 07:48:24 GMT
f99b215123234e9f7f361ddebdf61e3f.jpg
static.bg3.co/imgs/202106/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/f99b215123234e9f7f361ddebdf61e3f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d57f235ced6c7612d5826229dedcb052a6108d1745c63e3660bc2849efb8472

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:24 GMT
cf-cache-status
MISS
last-modified
Wed, 16 Jun 2021 08:25:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"F99B215123234E9F7F361DDEBDF61E3F"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aBNMpsiCfOS4yvFLK7Fy%2B5PN%2FKyKVwBDr0%2Bm3mWSjxuwYKNqAvRiBIbvPg3nhVYdU4gSMG0gMwsYwkUIojcXA%2BHSZzXyLNan%2BUDRvSTf1LqJTTsaJ31iwgjoND%2B%2Bxnk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8dec47f2aa880-SYD
content-length
3166
expires
Sun, 30 Oct 2022 07:48:24 GMT
bbc9d106107c5e5697686c4e8aa5089b.jpg
static.bg3.co/imgs/202112/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202112/bbc9d106107c5e5697686c4e8aa5089b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab470f376d3330f77f091b26352e9f66693a7834f7154fa9757c1ccaff85da2d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:24 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Dec 2021 07:46:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"BBC9D106107C5E5697686C4E8AA5089B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DpSLxSGJeEu7dVBFx%2FEBIJ0Gph%2Fv6nqUhRov1r2%2FqBHmsjGFwa0nQUmWnN5waclL5FH7fEOo%2B%2Br6I8QZXfSZwx5uyzI7rtWqabMsMOfToC2v6CjqvzXzY5ine%2FVjw4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8dec47f32a880-SYD
content-length
3311
expires
Sun, 30 Oct 2022 07:48:24 GMT
dc4109d8a3c9f6f7bbef5f816636f282.jpg
static.bg3.co/imgs/202106/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/dc4109d8a3c9f6f7bbef5f816636f282.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e14042a106fa928ceb740c2eeb982ff73add8de599a59ac7c09ce39bd6ca133

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:24 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 16:32:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"DC4109D8A3C9F6F7BBEF5F816636F282"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pd41lpflutradpCDvVMH4SbLj4PLcOB6x5jVbMMfd2ulMmB%2BHnszDKhntzMZ80bUX8spQp8bbldK4tRpVBcdh47ntLzR7tTSaTiAyoFXKpJ%2B8vdwrbwuVno7Cti5nKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8dec49f46a880-SYD
content-length
2697
expires
Sun, 30 Oct 2022 07:48:24 GMT
70a022d25b45ce420175a861d41c9e8e.jpg
static.bg3.co/imgs/202105/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/70a022d25b45ce420175a861d41c9e8e.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3942901fae29e66fd764e1ca8d40702c3e96d2935fd6cf2313802103ff03009

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:24 GMT
cf-cache-status
MISS
last-modified
Thu, 20 May 2021 12:21:21 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"70A022D25B45CE420175A861D41C9E8E"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CqOr0K5TdSe4OpaJ1UO%2Belwms9kdvi%2B5uAWigKffbj3uKuH1BGyI%2FmE2FHOFljbHoR36%2BTMcKnA4wS%2FuLqODz%2Fa7cVFXoS8GwUWRDjBx%2BsfAghOKpVkefu1OlloD0ak%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8dec49f48a880-SYD
content-length
9966
expires
Sun, 30 Oct 2022 07:48:24 GMT
d517f221da5ded74bf850b0edbb2eb7c.jpg
static.bg3.co/imgs/202106/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/d517f221da5ded74bf850b0edbb2eb7c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f1ee36f4a5035aa29fc3a7c5fc503cb02ce8bc0d0ddd155643fdafc97d430891

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:24 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 07:11:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"D517F221DA5DED74BF850B0EDBB2EB7C"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nfEK3U5f7PuKWIhX5PeAGuDa%2BvEiWHckwlTqjTzJGdelYpI1eYWOuUegLLIzL%2F9rJD0QPOWOXaqTBKep5qz81L3oQTpHPGW7HvIMa9xzBFX5LONsurWfpWN6qRrN5%2Bg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8dec49f49a880-SYD
content-length
13716
expires
Sun, 30 Oct 2022 07:48:24 GMT
6347dd9785043fbdee72e035fd1d458b.jpg
static.bg3.co/imgs/202105/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/6347dd9785043fbdee72e035fd1d458b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.2.91 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8abd844406736ce23d96a3689ee4cd1a811370ca90d55125243f2d2ebeef7b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:24 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 20:02:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6347DD9785043FBDEE72E035FD1D458B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0Ypal3hDHuRzIIpr6UWlLheXvYNndx%2BE%2B7pCnEXjBZqOg%2F%2BroZoIwjv3Mss0Z6S0Mv5d64rKZhYuHDv30qCpsPp2O68PW95G24rmb4CeZnMIKMdHeEaPc5eOY3HHLr4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
75e8dec4cf6da880-SYD
content-length
3905
expires
Sun, 30 Oct 2022 07:48:24 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
dd077349a06d9c21c75ffc7b287de576f506a262b218d8a9926dc10145ccf4df
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 22 Oct 2022 10:15:16 GMT
age
77588
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2993
x-xss-protection
0
server
sffe
etag
"a122783c89e19dfb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 22 Oct 2023 10:15:16 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
3b17e5d516f9bd51ed05461dcca0a156e97a77768ff453f678a493de698783ec
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 22 Oct 2022 16:03:03 GMT
age
56721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23041
x-xss-protection
0
server
sffe
etag
"ea9f23854f5e71da"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 22 Oct 2023 16:03:03 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		5 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
b9441e02a38f1ea83d5e5a54fd792f5b757600322cc22634b99d9aa650176024
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
587
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
d54633573668b4703db3bdccede99c1076819aa2bb287773cf8ef5d2bebae418
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 22 Oct 2022 12:15:14 GMT
age
70390
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3839
x-xss-protection
0
server
sffe
etag
"cadad0096bbc82de"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 22 Oct 2023 12:15:14 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
619 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5826
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=komzOzpp1DAEZ4MalSggSEnNUot6nLMo27UHIai2Nzb%2F0s%2F1JVB1sWmuKeOV%2FxjuHA8HUugDzxpM0%2FD6BsPq2I3VOFL8bcDYSQdPTJ1a7%2B5mHX0D7OLktIfH2gZ%2FgtA4oA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
75e8deb82c00dfab-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
9cf2bfa32849994e40eb345fe31a4431129f31ff10618283ba2923008e8d5095

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 23 Oct 2022 07:48:23 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
9cf2bfa32849994e40eb345fe31a4431129f31ff10618283ba2923008e8d5095

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 23 Oct 2022 07:48:23 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.9921674808686427&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:22 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.10710268517769217&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.108.102.145 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:23 GMT
x-width
336
x-height
280
x-adstyle
banner
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
vary
Accept-Encoding
access-control-allow-credentials
true
x-adsource
PSA
x-adtype
html
connection
close
content-length
508
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:25 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1666511305.dop203.la3.t,1666511305.cds220.la3.hn,1666511305.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:25 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1666511305.dop203.la3.t,1666511305.cds220.la3.hn,1666511305.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
56df0a279f759f13bf5024aaf4547c82d47fad55498ba1473aece0f2c9587531
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Oct 2022 21:54:54 GMT
age
122010
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10232
x-xss-protection
0
server
sffe
etag
"c8f64f42400c7620"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 21 Oct 2023 21:54:54 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 5FB5 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
c4663eb033ddb86e8ce1322a6c531c4945cb52526ccc378333a43d0703b77bae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39986
x-xss-protection
0
server
cafe
etag
17231672904359178457
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 07:48:23 GMT
gtag.json
cdn.ampproject.org/rtv/012210010655000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 22 Oct 2022 12:51:19 GMT
age
68224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"af0e5541a4a7e61b"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 22 Oct 2023 12:51:19 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 14C6 		121 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
c4663eb033ddb86e8ce1322a6c531c4945cb52526ccc378333a43d0703b77bae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:23 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39986
x-xss-protection
0
server
cafe
etag
17231672904359178457
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 07:48:23 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame E5D8 		714 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
4571
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
75e8debf6c22a96d-SYD
content-encoding
br
content-type
text/html
date
Sun, 23 Oct 2022 07:48:23 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X31AZPvdWVYWQvcOOTx%2BaWJgX%2BX3lcIX47a0CjKV0LizJ%2FDmWeOQqmum2g9I98kCnlWtbLvnxD5KQcdkAM%2BvnFwipOzJ%2BAAFIvMdk1GyB6NJso%2F9TcpTKRICrwlDMI00AQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 23 Oct 2022 07:48:25 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/ Frame 5FB5 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
a3e5dbd164e610779422df37e3abe70ed5462c98c3c434a9f58bd132fe3d2ea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118761
x-xss-protection
0
server
cafe
etag
7381931050904030941
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 07:48:25 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame E5D8 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
0db5efcc9ca7e4f155c62b6f7b00be173cb4361b782ab0f832582ba93510db08
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27349
x-xss-protection
0
server
sffe
etag
"1372 / 560 of 1000 / last-modified: 1666390088"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 23 Oct 2022 07:48:24 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/ Frame 14C6 		353 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
dc3abe11ab99857518dc9683b7073dfdcc132b0cf88f9df779615420f52769ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
118761
x-xss-protection
0
server
cafe
etag
1989361697437530116
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 07:48:25 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sun, 23 Oct 2022 07:48:24 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 0DDE 		714 B
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
4571
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
75e8dec11e0da96d-SYD
content-encoding
br
content-type
text/html
date
Sun, 23 Oct 2022 07:48:23 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaG7JaoLagV7YwcMC1ASBW9CxSoSmdcFoNbGU3rf88z6tLVBDn8KUduUAneE0EH17WqialQV8I2yQ%2Ff5%2B8%2Fjw%2FCbOezzkbyPyEz%2FyMAG7BbeMJrJVcBrr7Ivgj2bO1QVFg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 0DDE 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
c5b72e184af0ba62e6858319e4104676f2e4bdd893981c99a03a4b1a1baa2ee6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27348
x-xss-protection
0
server
sffe
etag
"1372 / 300 of 1000 / last-modified: 1666390088"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 23 Oct 2022 07:48:24 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E9%87%91%E9%90%98%E7%8D%8E%EF%BC%8F%E5%90%B3%E6%85%B7%E4%BB%81%E3%80%8C%E7%B2%89%E7%B4%85%E6%A2%9D%E7%B4%8B%E8%A1%AB%E3%80%8D%E6%9C%89%E6%B4%8B%E8%94%A5%EF%BC%81%E3%80%80%E5%BE%8C%E8%87%BA%E7%B4%84%E8%A6%8B%E5%A5%B3%E5%8F%8B%E9%82%B5%E9%9B%A8%E8%96%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-3lii_U2kiAUHNqHWB0Mygg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.6037388325523454&gjid=0.35720171339083095&_r=1&a=5209&z=0.8469197867396925&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:25 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022101901.js
securepubads.g.doubleclick.net/gpt/ Frame 0DDE 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070494
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
196eb4e1c32206100f0e8ad4ec1d25770d5dc9d91acd7b7972ec369440323aaf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 21:45:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
36180
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130799
x-xss-protection
0
last-modified
Wed, 19 Oct 2022 08:34:46 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 22 Oct 2023 21:45:24 GMT
pubads_impl_2022101801.js
securepubads.g.doubleclick.net/gpt/ Frame E5D8 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js?cb=31070472
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 15:30:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
317881
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130840
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 08:35:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 19 Oct 2023 15:30:23 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012210010655000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012210010655000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f132.1e100.net
Software
sffe /
Resource Hash
1a12e03c6e7368771df0045c0d29660585881ec9e385b5cc885351c2a0bc3905
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 21 Oct 2022 21:54:20 GMT
age
122045
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57866
x-xss-protection
0
server
sffe
etag
"a079e55eff1cbcb0"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 21 Oct 2023 21:54:20 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 0DDE 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 0DDE 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 0DDE 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3329293712666974&correlator=2923137530565807&eid=31070494&output=ldjh&gdfp_req=1&vrg=2022101901&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1666511304975&lmt=1644386353&dlt=1666511303909&idt=1043&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=lsciktpg20gt&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=801236436.1666511305&ga_sid=1666511305&ga_hid=1215348834&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070494
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
6edc6a52155c1df80419ba5d3d32aef8e38102fca85928b8c948933c0a84f85f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
430036f1df7f305d3a84fc945b162b92.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E648 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://430036f1df7f305d3a84fc945b162b92.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:25 GMT
expires
Mon, 23 Oct 2023 07:48:25 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame E5D8 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js?cb=31070472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame E5D8 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js?cb=31070472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame E5D8 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2684128129037456&correlator=4294272735048315&eid=31068501%2C31070472&output=ldjh&gdfp_req=1&vrg=2022101801&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1666511305087&lmt=1644386353&dlt=1666511303645&idt=1423&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=gtvsx8xayhiu&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=6801192.1666511305&ga_sid=1666511305&ga_hid=1699555616&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js?cb=31070472
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
3229cc3f42e3c00d3737ba83afe82b37391b3c3bd047891b46dfa1fc21aef09f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:25 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
66ea0c6c1a8a2604d88014e049eafc3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2DA2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://66ea0c6c1a8a2604d88014e049eafc3c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js?cb=31070472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:25 GMT
expires
Mon, 23 Oct 2023 07:48:25 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 5FB5 		379 B
690 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
0d277a31f39423d74489130ca3f11812fbb44d3a14f20e54f9b1f58fbb53ff6d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
245
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 5FB5 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 5FB5 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B091 		21 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
4c95292096c3414324a82b3b47e4b653901a62a0bb55f2489fb679f1cc7c3143
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
10522
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:26 GMT
expires
Sun, 23 Oct 2022 07:48:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 14C6 		379 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f154.1e100.net
Software
cafe /
Resource Hash
12c0c1ef2ab2a65042e650c5332f479fbcb93df3c8587490b2557790b4a31b5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 14C6 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 14C6 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 1447 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
16514189532a816704193834fc49dd030aab4a3c714e08b884d8784b08c00e46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
12114
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:26 GMT
expires
Sun, 23 Oct 2022 07:48:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
integrator.json
adservice.google.com/adsid/ 		86 B
219 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-18355537582446915420.ampproject.net/2210010655000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-18355537582446915420.ampproject.net/2210010655000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame 0DDE 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
9714e5753febbe94f92953992640bb4ce83f03971bea694b29820376bf0a8682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11112
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame E5D8 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022101801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js?cb=31070472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
0b0873641a2c9560aec6f0df9b98db06c902161bd64c010bc92df6efda98e7c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11238
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A108 		603 B
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-40128288522668978555&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3138&oid=2&is_amp=5&amp_v=2210010655000&d_imp=1&c=320005209&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&ga_hid=5209&dt=1666511305973&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&bdt=4870&dtd=101&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012210010655000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:26 GMT
expires
Sun, 23 Oct 2022 07:48:26 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.211.140.130 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-211-140-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 23 Oct 2022 07:48:27 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=11
content-length
94168
expires
Mon, 23 Oct 2023 07:48:27 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.211.140.130 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-211-140-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 23 Oct 2022 07:48:27 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=13
content-length
211
expires
Mon, 23 Oct 2023 07:48:27 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.211.140.130 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-211-140-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 23 Oct 2022 07:48:27 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=18
content-length
17440
expires
Sun, 23 Oct 2022 08:48:27 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
d723ddc89dc7b299c50e4af810131ae511e709fda9650ce69ce047e592d143a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27347
x-xss-protection
0
server
sffe
etag
"1372 / 987 of 1000 / last-modified: 1666390018"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 23 Oct 2022 07:48:26 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:26 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjY1MTEzMDY0NTUsInBhY2tldElkIjoiMDAwMEE3MDEtNWNkMGE4NDMtMjE0NC00Nzc2LWExZTgtMWVkYmYxNzBlMGRlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ppbi16aG9uZy1qaWFuZy13dS1rYW5nLXJlbi1mZW4taG9uZy10aWFvLXdlbi1zaGFuLXlvdS15YW5nLWNvbmctaG91LXRhaS15dWUtamlhbi1udS15b3Utc2hhby15dS13ZWkuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=6871.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:26 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjY1MTEzMDY0NTYsInBhY2tldElkIjoiMDAwMEE3MDEtNWNkMGE4NDMtMjE0NC00Nzc2LWExZTgtMWVkYmYxNzBlMGRlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ppbi16aG9uZy1qaWFuZy13dS1rYW5nLXJlbi1mZW4taG9uZy10aWFvLXdlbi1zaGFuLXlvdS15YW5nLWNvbmctaG91LXRhaS15dWUtamlhbi1udS15b3Utc2hhby15dS13ZWkuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=6872.200000286102
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:26 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjY1MTEzMDY0NTYsInBhY2tldElkIjoiMDAwMEE3MDEtNWNkMGE4NDMtMjE0NC00Nzc2LWExZTgtMWVkYmYxNzBlMGRlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ppbi16aG9uZy1qaWFuZy13dS1rYW5nLXJlbi1mZW4taG9uZy10aWFvLXdlbi1zaGFuLXlvdS15YW5nLWNvbmctaG91LXRhaS15dWUtamlhbi1udS15b3Utc2hhby15dS13ZWkuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV19&c_b=6872.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:26 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjY1MTEzMDY0NjAsInBhY2tldElkIjoiMDAwMEE3MDEtNWNkMGE4NDMtMjE0NC00Nzc2LWExZTgtMWVkYmYxNzBlMGRlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ppbi16aG9uZy1qaWFuZy13dS1rYW5nLXJlbi1mZW4taG9uZy10aWFvLXdlbi1zaGFuLXlvdS15YW5nLWNvbmctaG91LXRhaS15dWUtamlhbi1udS15b3Utc2hhby15dS13ZWkuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D&c_b=6876.400000095367
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:26 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjY1MTEzMDY0NjIsInBhY2tldElkIjoiMDAwMEE3MDEtNWNkMGE4NDMtMjE0NC00Nzc2LWExZTgtMWVkYmYxNzBlMGRlIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2ppbi16aG9uZy1qaWFuZy13dS1rYW5nLXJlbi1mZW4taG9uZy10aWFvLXdlbi1zaGFuLXlvdS15YW5nLWNvbmctaG91LXRhaS15dWUtamlhbi1udS15b3Utc2hhby15dS13ZWkuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M18xMjBYNjAwXzEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=6878.800000190735
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:27 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1666511306477
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.59.168.81 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-59-168-81.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 23 Oct 2022 07:48:27 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=5
accept-ranges
bytes
content-length
631
expires
Sun, 23 Oct 2022 08:48:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 0DDE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101901.js?cb=31070494
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 23 Oct 2022 07:48:27 GMT
pubads_impl_2022101801.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 21:32:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
296161
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130840
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 08:35:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 19 Oct 2023 21:32:26 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Sun, 23 Oct 2022 07:48:26 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame E5D8 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js?cb=31070472
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 23 Oct 2022 07:48:27 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 71A3 		624 B
348 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDOhePxAxix_InSATAB&v=APEucNWpD04tEMYI3R9v56HO2QqvaNLP_Ri5O9jFTs2vaXgSwaBGSYUORR7J8tiSB8yG80FrGdBndZRSDyKDWGfQo-CrQK90UQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 22CE 		70 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DlHE770kT5GCeJC2vb-2PKllJzY3c59E3f9UC7lgZZ29zg43DV1NAi0FBP15ftTeKL_zs4lRLInfue6qdchqVGrABbYyqhfCxhPbbW7h761aPSMgZ55jFGuI8N_8fv7LsQkXlMBoq9pV75MewRWu-3L6cCCvbNZaJxrXYl-zD9dPjjiD8&cry=1&dbm_d=AKAmf-CEfP3XHGWrcrQv4V6sRN68YQQ0MCDNbgjuEBhuDtodwBh7cZ8rcV1W5BWg5g2jfR0Ad38ECG_U_17JAjlYw-prl2BFe8npmVVUpK0i58G3klr3pJIEXX4_AEIz0O0CfHWtCD5K0B-ZEY41hY_8A6AEEqdNTAJSDLkeP-gJbm1UymoJgIkATD9dkrOUZXBtmktECwhyMrj-YAG8QWpb6_sfrwR_xNYejh-UB-yn_3g1rmgmmN3lOFevBmXPrAfz0eHTnCEM6jZ5PO9ZVhfJrSISswZfCZOBqdYfmXSbNUobYHsICDovy9cOO9gOLyqa6sCqTsA6jazuPDXs44LK_YRQwfUfYk5vHqKZOUjsBtT5IL9JgK8TqtOjE9tXXjcwXbfm36eHkkE2sI_yd8HK65H8hzMRX-fGBQWkxZMF4TReKPS8jfGCb6FnbHzg3GCnBzmWkZqZLwCAIScDHKtR0LsNnvzy2AGfbrZow6nMNJ4vh2vn7WMR1z3WuvQ-lExLlNsCn5JUnlInrYK2vaCcCDFcJhyS3JFmxVljTSWU3btdvt9A7u6ygHr7JJaKajZX1MGseYIGr2nSWVUN57HJDQkVrcxoK3yRus9_XquTURz0icI9WMrGLcxrqXmPuKGwXOasj0Xxv7Q21MmwtV0LidO1AxfzodFrctGEcVGB88J_xgzdQXKOpMiHHbIq8c8GkZOKgzJup-8TYhg5YZU4H978UWRCpgMrRDGb_do9drUvHup3tkQPdeMQHerNoZbBaOSAkhpaxnBEy8iuKkiXKVEcJrhB5qiuEg9UA9Ak3UaaHeh446M3Lx-69GbF6nLBLN8c21sqDyqDeCtNrNg1-qbBvx9Xu95R-XUcjzAdXAStJh2xO8csR-WZ02rW92_YICbW3LFhZRPVDF7blDM8bg3WQYWuY-9wHhNPQLHwZ3J1eXs3cjVhPNliqleYLxQIQzEig3HlZSG1DOSGDDjwkKZMAeqVfFN7v7rZ7ZThmBBi2uOqwvSWwuKXs458K5I8uwybruP8PTwiDQ-FDQ-FIt15rwoSM3xdM_MJkbjmIAnpWlLEtAVv7iz9_D5stQUPLHiQlSsULrIxi3i5REyMuim4vg8_74VmD7wsvIowD7TfP1DCyDRpdwzx53CQOxrkfcP-Rf37SitRNV4euCLLg_rdEKwXM4-K2joFDXQKUllblf2MINgSIHZt3aDu2kIj9S7qj8hbbUuHf-mg0YCHGZlj77RSbL0OkkU7sBr4lrrZm2YoR_P36POBHzX72YmWwqKdIEPydd4jTwQm6PqWj-N_PkX3aeRITm75IvYAPjO_fICltObLVFoj77WTOjllyVOeaYpUpxuFpk-3c4z5A5qbQ7nGoEjPlmRFfRuPSKCxEb74QH3iBqrd7fsLgkWEcItUfIlnllnq-zDxq_GDgKGWFqK7ULHtPs5M0CUY2FwRywXyWjuI-ys56N1JXvtCi-xdyVw2y5jDBA2HZGYTxQfm5TW3GuoK2t8orDTW6XuGKsp2EgsnXV_hfeqxeaf949W3-pOS5Ldosj5ZkHHjef-0aUJl13ak5zovZaI-UCbB4dAhDYZYwLU9uUOZOGT3tE9m-6ZSVk7TwlE-J4j-HzQf9fVRckFwu-5yctvrD7ym-A6pyx3qmOTVyTxY2xWQagIYBn8J0-SNxz2_X2Ksnrx1g2ppJbNdXiqxsyvohfSyLCZ2NC97IIlSlvDGDKevVpMRKR-YplftNqfn2J-vjo27IuUfAHtE5ynzHUOWyhnvd2GYoPZY-Q6JfykP9YVEfHlNLq2LafUEwBxPEtal_rfhNCe8NksNaQTkuE17JhwKskq26XQlmtIXRrX3bQ7dFZDxDGqAc74pR7x2XTH7A1Uhm1ob0gvp2x6hQX-D_9OYBY46PyxMbvXvmYsWiztcPdNAavuMCfdZimY24xM9Kxh1Vh0LFzr41XUR3AJ_4Pvn5ML2Z-FSMUQgPs7TJDnhyS-9mNJanz08usD4o4bY8Z_5vdpaliEkmFlRSCYrtHUUwq3LEQAKbqxi365uWMcVRXl2KqX-thSoeawk4GYYEOvGNikoELrQsNtydTwafue3O--EBO-1pGS2bk8q56EewsOKyisssXt263ys8J8EWtFIp7PX3ValnI9tZAg9nJgSjRt5B7OSo5KU7J-knTHf95AQCZERrTZV-pspGwxBtVj9ynRG0SRGM59FiciZIhOAE5OgcVyAgewbGSO1OUYdkf1AUaumyt0LFdlRMp8MxOZ9NvWk1Mi1hCVjfzU28djlQRfu32-ArE4pscBG7ckv_gZkPBlG5sBYy2gY6UqeelDUeUw_vmDqrTxceXyEHsGMk_LhXDjvID8l5IaFt3AhhDeyvFPad5KPQ1u-79-rhVrpCIVbEF2UCsJj8HmxXFhvFdNOlDiu7kAP5Qg3EzY6a_1P8XrxTC1h5G_ewIb0RYLDzzkFD0yRnEDjF2Pb8Vf7bGa-YVQkDOI5dM88PC4CLZyq8e9kiUv92WjpG4rROTceCIDD1k3Ca4bkawEGaWJGwTbpGvFCxMgr05M1h-FoNYRxCY1xtSjlf9SaD5WNKv6hZvgxhGIsNNmPi3VyoP31AyI65GTCYXci6XeFg3AjpA2qp-kMncSI20-yxrCZUw98mF8BaposbCYI5vIUK7oWf1q-eEjNJtz7G7V5LnmS_mk63SngMCruVbiKNAXgooTaqRbLTcrsAASgFrtEG5Pa4IQMb8FEN0Bh-XMH6NUvyTJee87DHGBaYyJqc-8QASquU9782N4Tv9Ye_vDDbcxIgQQH20YwbA8A2nmYpHhrBSIE4zycJuIHFBzL2Sc0sYhg2AiThMyOKEuqzs_1bv963AFqxxee9ALxRjcMoLkjezuMaDze2wHPXGzBwYEAotxdVkjwSBl8jTSKEFZLQsB_P4-3anhQd5O0MrubyCv8VmJqeVUloveUs7HQG3lcZrlbijHT7y3o1sJxZaK8LJZ6MDuCDVo_UE3lN5ZUZfjW9uGXXFLZOjCe-jW805RF0E-ioKVBGNwpxuSX_2SSW-mdQQ6-bzFbEUbmDZslDFGHYrgInrLq11MR7nCWT8p45MREezH22auzJB0kFdI6rrY0C5xXmoqFFk46R8ORCYtilqEEGDWgvSJOUzOEEgHg-m6qoMSsSnuDQlgv4a4rtFs7qa8MqjLRMcZ_5KWB5Ix1qCNP6ncbMCMZQ8bEcqQs8HzoQ0N9xAgRk5HrccGirX1nBgnqbCynBpVGg9wSLXE15wUEX0PjNk_qjUbwLxK_suHh8CkuUG_-u9gsrjkAozDWzh98t-D7yzvMFq40b9yJ5PMEEBPVonePuiGDjQ0YjeZRYdK14sP8i54pQl-mk8PGxLIf8qMKw6DCM4WSLkx6I0MwlT9wx37aF1Z6Vpfzc4MZ8ZHNPcBZ91QuG8SQsjLLl_6SenNM49hCjEJaJUEy7HMjs8y_v2UJYZ5Z2jsA2J8PfuSRk1glXAjYquruB6Iz7chykk3wHS6Ed9C9jmJqYdGmEkumzBPmcEgKKsG1en0z6Npx-A&cid=CAQSKQDq26N9zMAVSk7x2_KixStf0T9zpX4dAlNBMskaxwkXq7S-PCn83I1cGAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
94d09d5f65eb25f9b96e271ff98b456caef79dbd9d2a8c8a8161ca7ac93f9f52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33356
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 22CE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:07:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74475
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:07:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 22CE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 23:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
29291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7335
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 23:40:16 GMT
l
www.google.com/ads/measurement/ Frame 22CE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQGWWrYzTWUwlNRswa7iu_2iGQgegnw36JtuJGYRDj4qarfgBHyRTV3mt1Yh7MvO7Jgx3tdCWYheQNfdVnrW886Q-MHJA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 22CE 		152 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 23 Oct 2022 07:48:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 22CE 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bwb5CDsyzA5uXE8AZGyQEF9HTnqEEipOpjyLLKCpsiVQWJTWWiD4Y3v1BpkQdwM3xONcjYxvxK3s4MOip_rHYxp5ZE8cYYG6v0h8WUlIpyrQm-ob0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 1447 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CCcmUyvFUY5nSEr3Kz7sPlv-lmAOY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJn6H7wJWelPqgDAaoEwQJP0KeOVcRX_Os42mkPX2ETJdUOXfQFG3ukyuOEp037jFH2Q371Xn4O0wxnl4cgf1z9rH3docniKM1dH1qLg_0xuXyR-jgh2zfpXDOdSHoaAHWzTcSKgCgpWQw7n5gahUrE4XaLr1bBml2YrOPe_6puK3Dr7SyoWj3AEIjK9h-OyWWbZC8ZZMOvBHiUxgwJTytMm4SSxuhtkPxWI2d-htFB6SfPQCzHjTNS-wf1iZupbIfiRzfCYP5Tk8IRjlDZqqMZPXcto0s3lLWndA762conCXcyW4XmlpTtwuSv8mWuxSzFTyTzAbG6Jna-aGrA03Nvl3ei3cXdDOfgDp7R4PMbbztLehiFbMv4VOoJz7Pg2jRHNSamB--Ln3rkpDCat6WdHzq_NTWtUivt51pYRCc5tcivnGsr64rUHXkVcSteS6uABpXix6OkvoOAiwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQIAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi00NDg1MjM5NDI1OTI0Nzg3GOLMGQ&sigh=HKic2Fq2-MU&uach_m=[UACH]&cid=CAQSKQDq26N9amL6p1EnzxOZ-KgwMbd05ka_ghtauyF3ULZzyAh2nz9dsxnuGAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 23 Oct 2022 07:48:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 1447 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k-eyE5zIC9ACmAJi-C0SAgAAACE5AQwCW-6IAHiIk2U3JEEQyvFUY1-ohuDeGi7aWapDABIAAA&wp=Y1TxygAEqRkBc-U9AAl_lgWZWMwfF2zXAn3Yag
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
179497
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame FA13 		140 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y1TxygAEqRkBc-U9AAl_lgWZWMwfF2zXAn3Yag&u=%7CK%2BdXWTOW%2FOtU5DFOQXcTfuT7YHVK2NMjWAlh0K7s6R4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHJXkG-Q0x9WKjEvaYz3vZ82FOpI6al0vPAEpDU-4E1wlOX9kquIN3c2B0pS_zdf8n-BnhYJaO5yGTmablm_SQO9pqsE3oZCUQIJ69ZbqegeUwHNV-t2i1DnISwbkKVI1VOyDSGrzIYIJGBKo5cMRleas75AxSy217D_SuJ_-V4xCE21BzcloPRX-HY0nIU6wuahysRaFTFhccx-dlx_wLqJ1aDwkVlRbkwQwdsr4jQ4MjRnGzT3AtrsOwHr93DI3WERngtqpFAF_CH8XGsCLOYHdiWquZCxjFvEckoT0Rrv5JDpzLxixjOXrh2mCmVsr3gVR8UCaO8mGq2dSSpJCnChV0yCP19U_0VuvP7iL4W4-aAlpQQp37DNE7k6Mp8axfequBZAcMMj315DX6P4atxESISy4Gl2vPi8sBHaCochYkCA3nC3YnLhf0IUDuF2UiBfSmGNb9uPZM2Yff5UUX6yiNx9D9mVgCw_FFMsyzxvSvTxuzHydch2DC4ny8DjUOPnmQD-cUFdjSvgPOi-MCnOsmyo9za-S8dg566o4_HvLdqHWaYMy5Jhp0KtU9TDLHA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCILWJyvFUY5nSEr3Kz7sPlv-lmAOY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJn6H7wJWelPqgDAaoExAJP0KeOVcRX_Os42mkPX2ETJdUOXfQFG3ukyuOEp037jFH2Q371Xn4O0wxnl4cgf1z9rH3docniKM1dH1qLg_0xuXyR-jgh2zfpXDOdSHoaAHWzTcSKgCgpWQw7n5gahUrE4XaLr1bBml2YrOPe_6puK3Dr7SyoWj3AEIjK9h-OyWWbZC8ZZMOvBHiUxgwJTytMm4SSxuhtkPxWI2d-htFB6SfPQCzHjTNS-wf1iZupbIfiRzfCYP5Tk8IRjlDZqqMZPXcto0s3lLWndA762conCXcyW4XmlpTtwuSv8mWuxSzFTyTzAbG6Jna-aGrA03Nvl3ei3cXdDOfgDp7R4PMbbztLehiFbMv4VOoJz7Pg2jRHNSamB--Ln3rk5jK7JUBTlkRAvEQzuX13JHNMTrAzm9BHFJh9cUNqA1UNlsDPNVSit2iABpXix6OkvoOAiwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tG6_DR3HdFLPrrsDElTa6fdWceQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
0c5e28b4776de6558de9fd23f084172f472921a5e63d1a43f3dba20f522bd4a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:27 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=HW8X7r3biZGP1byaupvNvldZCYQNBkdN_I9DarI4XQ5Dlix1DKfQsUs8yJ2KLKoUGmMspXdA5y2ZCkLtfQadZA0sH7FL3CE5VcQqsNP-2e0BEa93FeFOnspZtIt3IYq2GO--h1nx3qyQtX0LhpIpFCigRpiS0Mb_AjvMXNtAL606KcdXI2S4Yzt3ofWcWjxRsqLhjZWuugPwat3-o5iBv2zI5kL_hmcNCnQY7gt3BLR6OoCegC27o5tbAFKGAKAWsE6ljq4pzXXBzB8y"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
85062398
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 1447 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:07:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74475
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:07:12 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame F042 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
9368
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 05:12:18 GMT
etag
48472445140208031
expires
Mon, 24 Oct 2022 05:12:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 1447 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 23:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
29291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7335
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 23:40:16 GMT
l
www.google.com/ads/measurement/ Frame 1447 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS1LSnLiMJKyvCy6w6FunJIXa7Bf0JlYnrz2d3dKKB4tcDdcpO9kvzpSbvm3iDEz3Z_4R7q13YMIhlfsfkwCJr-MOv6UQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1447 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f157.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 23 Oct 2022 07:48:28 GMT
pixel
cm.g.doubleclick.net/ Frame F042
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPQKFTWbJmORKW5Vw5_mTE0&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPQKFTWbJmORKW5Vw5_mTE0&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=anY0ZTJWbkwxT012SUQ1&google_gid=CAESEPQKFTWbJmORKW5Vw5_mTE0&google_cver=1&google_push=AZmPxg_AEJcwbqkitJR3-8LfpsBFbU5QlAOpWzSKxPs66Vr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=anY0ZTJWbkwxT012SUQ1&google_gid=CAESEPQKFTWbJmORKW5Vw5_mTE0&google_cver=1&google_push=AZmPxg_AEJcwbqkitJR3-8LfpsBFbU5QlAOpWzSKxPs66VrED0YtkFEVzHFFZeju_wyfX62EQFkwZxQFV4ERSgRwNfeX-dHkvb7t4BnIkCpMlToqU1PXuP6Apdt-QAsNKHhV0-gYHv0aFA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:27 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-062a250e8c9e3d8af@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=anY0ZTJWbkwxT012SUQ1&google_gid=CAESEPQKFTWbJmORKW5Vw5_mTE0&google_cver=1&google_push=AZmPxg_AEJcwbqkitJR3-8LfpsBFbU5QlAOpWzSKxPs66VrED0YtkFEVzHFFZeju_wyfX62EQFkwZxQFV4ERSgRwNfeX-dHkvb7t4BnIkCpMlToqU1PXuP6Apdt-QAsNKHhV0-gYHv0aFA
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F042
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESELN31CYLN3gq2RswAhxVrVY&google_cver=1&google_push=AZmPxg_Q7ol2uzHqX9qC5KZd0_uzn0d8yp0T9yiPNCdBVIGZLPfVQfMRsWhuCqagYv0zX1WHn_L3gxx1GPW4Ezv-...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_Q7ol2uzHqX9qC5KZd0_uzn0d8yp0T9yiPNCdBVIGZLPfVQfMRsWhuCqagYv0zX1WHn_L3gxx1GPW4Ezv-I3Q4EubEBU9Q1TuqeYZn9_PsMAYIeF...
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_Q7ol2uzHqX9qC5KZd0_uzn0d8yp0T9yiPNCdBVIGZLPfVQfMRsWhuCqagYv0zX1WHn_L3gxx1GPW4Ezv-I3Q4EubEBU9Q1TuqeYZn9_PsMAYIeFJwvaEWX-bGxqHOyMG75yOgZzI
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Protocol
H2
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 23 Oct 2022 07:48:27 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x15 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg_Q7ol2uzHqX9qC5KZd0_uzn0d8yp0T9yiPNCdBVIGZLPfVQfMRsWhuCqagYv0zX1WHn_L3gxx1GPW4Ezv-I3Q4EubEBU9Q1TuqeYZn9_PsMAYIeFJwvaEWX-bGxqHOyMG75yOgZzI
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 23 Oct 2022 07:48:26 GMT
pixel
cm.g.doubleclick.net/ Frame F042
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELp18JYAKq5DyBwF8tSZnK0&google_cver=1&google_push=AZmPxg-v-pJodqR-tSE2V59smpisKj6InSXp1-LqEVTSJeZtAMzNa02euB1iCV98YMZzhB7u9oW_FN791m...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESELp18JYAKq5DyBwF8tSZnK0&google_cver=1&google_push=AZmPxg-v-pJodqR-tSE2V59smpisKj6InSXp1-LqEVTSJeZtAMzNa02euB1iCV98YMZzhB7u9oW_FN791m...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg-v-pJodqR-tSE2V59smpisKj6InSXp1-LqEVTSJeZtAMzNa02euB1iCV98YMZzhB7u9oW_FN791mn3ggbCg_nyFaEUC-RIQU_dW461kLIm-MNGN-QJsj_kzQ9CWU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg-v-pJodqR-tSE2V59smpisKj6InSXp1-LqEVTSJeZtAMzNa02euB1iCV98YMZzhB7u9oW_FN791mn3ggbCg_nyFaEUC-RIQU_dW461kLIm-MNGN-QJsj_kzQ9CWU3KyPYBM2X_0A&google_hm=MDUwMzAwMDFfNjM1NGYxY2MwZTRkOQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 23 Oct 2022 07:48:28 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg-v-pJodqR-tSE2V59smpisKj6InSXp1-LqEVTSJeZtAMzNa02euB1iCV98YMZzhB7u9oW_FN791mn3ggbCg_nyFaEUC-RIQU_dW461kLIm-MNGN-QJsj_kzQ9CWU3KyPYBM2X_0A&google_hm=MDUwMzAwMDFfNjM1NGYxY2MwZTRkOQ%3D%3D
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
pixel
cm.g.doubleclick.net/ Frame F042
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEL4ixpSIU1nau_Sz2F6ZI5E&google_cver=1&google_push=AZmPxg-tuEyOKZ29V994MBrhU_yQeHWZAOEpFKVp_77vvTwzY_nqEQOXyWoaO3MnmKqoFFr_KNJJXGDZdnFsNYv...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=f_U_VywjTiR_Dlvjn41Uza310XA&google_push=AZmPxg-tuEyOKZ29V994MBrhU_yQeHWZAOEpFKVp_77vvTwzY_nqEQOXyWoaO3MnmKqoFFr_KNJJXGDZdnFsNY...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=f_U_VywjTiR_Dlvjn41Uza310XA&google_push=AZmPxg-tuEyOKZ29V994MBrhU_yQeHWZAOEpFKVp_77vvTwzY_nqEQOXyWoaO3MnmKqoFFr_KNJJXGDZdnFsNYvxz7z7YN9_CXV1u0IqGDzDZkUxNln5_Mxoc03kaes6ZYQ1rSPy1AkAqIQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=f_U_VywjTiR_Dlvjn41Uza310XA&google_push=AZmPxg-tuEyOKZ29V994MBrhU_yQeHWZAOEpFKVp_77vvTwzY_nqEQOXyWoaO3MnmKqoFFr_KNJJXGDZdnFsNYvxz7z7YN9_CXV1u0IqGDzDZkUxNln5_Mxoc03kaes6ZYQ1rSPy1AkAqIQ
Date
Sun, 23 Oct 2022 07:48:28 GMT
Connection
keep-alive
Content-Length
285
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame F042
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEK121FJ8L5EuQZVaY9Oeb4o&google_cver=1&google_push=AZmPxg_cbg_h3VvuPYxO4y5Wl2mqfebJXZHgY3lQXRaw3PevGCKoKr2wq6RPNjDcjDQQglgZJEzy42vXjgjo_0Nnj...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AZmPxg_cbg_h3VvuPYxO4y5Wl2mqfebJXZHgY3lQXRaw3PevGCKoKr2wq6RPNjDcjDQQglgZJEzy42vXjgjo_0NnjggrHjc1ykVpWmgVSj-vlLSaa09YWNAF0r2I2vaX869...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AZmPxg_cbg_h3VvuPYxO4y5Wl2mqfebJXZHgY3lQXRaw3PevGCKoKr2wq6RPNjDcjDQQglgZJEzy42vXjgjo_0NnjggrHjc1ykVpWmgVSj-vlLSaa09YWNAF0r2I2vaX869sw4oFm4x_LS0&google_hm=AefteoCf10q2oObO2W4nWxg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AZmPxg_cbg_h3VvuPYxO4y5Wl2mqfebJXZHgY3lQXRaw3PevGCKoKr2wq6RPNjDcjDQQglgZJEzy42vXjgjo_0NnjggrHjc1ykVpWmgVSj-vlLSaa09YWNAF0r2I2vaX869sw4oFm4x_LS0&google_hm=AefteoCf10q2oObO2W4nWxg
Date
Sun, 23 Oct 2022 07:48:28 GMT
Server
Apache
Connection
keep-alive
Content-Length
274
Content-Type
text/html; charset=utf-8
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame F042 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEEli6H4SffwhIJ-KDfC7bXs&google_cver=1&google_push=AZmPxg_Ak4RBS23ufYhQTmUBPRn47kx1lBTDQ0Hl05q-yDVYQK7VTfRUH8lo4-BRLGnGEZhffBQLL5W43g75xG_7ntmuGbzabiCoxSxMlGfvXyDZ6NRASP5oi0nVlAhDCZRPDY32ECfBDfQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 23 Oct 2022 07:48:28 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame F042
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEBhLtQBk37z29anVmD4WlO0&google_cver=1&google_push=AZmPxg8r4mKAO8KQ4CpK4YvgeXkdgtrJiGif7iew_I2o2PsZpwtRIi9h6...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg8r4mKAO8KQ4CpK4YvgeXkdgtrJiGif7iew_I2o2PsZpwtRIi9h6XJSjUJ5NL9IYhrMb-c45PWWsQJIS6YYkW1pCfNpJ5mxhb_ZLtdYVTWuk7Bd58rH2rY13X1Zv...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg8r4mKAO8KQ4CpK4YvgeXkdgtrJiGif7iew_I2o2PsZpwtRIi9h6XJSjUJ5NL9IYhrMb-c45PWWsQJIS6YYkW1pCfNpJ5mxhb_ZLtdYVTWuk7Bd58rH2rY13X1ZvA22pViBJfZe55Jo&google_hm=QlMuZGUxNC0zMzU1LTQ3MDctYTkwOA==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg8r4mKAO8KQ4CpK4YvgeXkdgtrJiGif7iew_I2o2PsZpwtRIi9h6XJSjUJ5NL9IYhrMb-c45PWWsQJIS6YYkW1pCfNpJ5mxhb_ZLtdYVTWuk7Bd58rH2rY13X1ZvA22pViBJfZe55Jo&google_hm=QlMuZGUxNC0zMzU1LTQ3MDctYTkwOA==
Date
Sun, 23 Oct 2022 07:48:27 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame F042 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KKx1kkgCIYmmATQh5XfzehmeQVAITfCl9YYom_wDkIJf4IHb1cfSECO7rqNaUeqSQeOPV78g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:27 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame 1447 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a4ed278ef75e82f89333a034ce650e7ddcadbd13c9f96cbd43678bd7ab53138d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 71A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEBKFk8nk3uJO9ScQ7lCk&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEBKFk8nk3uJO9ScQ7lCk&google_cver=1&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEBKFk8nk3uJO9ScQ7lCk&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDOhePxAxix_InSATAB&v=APEucNWpD04tEMYI3R9v56HO2QqvaNLP_Ri5O9jFTs2vaXgSwaBGSYUORR7J8tiSB8yG80FrGdBndZRSDyKDWGfQo-CrQK90UQ
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=45&external_user_id=CAESEEyEBKFk8nk3uJO9ScQ7lCk&google_cver=1&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
rum
dsum-sec.casalemedia.com/ Frame 71A3
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y1TxzCpMEbR5cQvGHSaiOwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEBKFk8nk3uJO9ScQ7lCk&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEBKFk8nk3uJO9ScQ7lCk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDOhePxAxix_InSATAB&v=APEucNWpD04tEMYI3R9v56HO2QqvaNLP_Ri5O9jFTs2vaXgSwaBGSYUORR7J8tiSB8yG80FrGdBndZRSDyKDWGfQo-CrQK90UQ
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEEyEBKFk8nk3uJO9ScQ7lCk&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bounce
ib.adnxs.com/ Frame 71A3
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEIY_ykmQcqWBXqro3KTJLkI&google_cver=1
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIY_ykmQcqWBXqro3KTJLkI%26google_cver%3D1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIY_ykmQcqWBXqro3KTJLkI%26google_cver%3D1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDOhePxAxix_InSATAB&v=APEucNWpD04tEMYI3R9v56HO2QqvaNLP_Ri5O9jFTs2vaXgSwaBGSYUORR7J8tiSB8yG80FrGdBndZRSDyKDWGfQo-CrQK90UQ
Protocol
HTTP/1.1
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:28 GMT
AN-X-Request-Uuid
52ccf582-e4f7-4a1f-8aeb-50d13458c5b0
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:28 GMT
AN-X-Request-Uuid
77d07390-2bf2-4c94-a479-d9da7df64322
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEIY_ykmQcqWBXqro3KTJLkI%26google_cver%3D1
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 71A3
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM1ODA0MjIyMDUxMTgyMTYzNA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM1ODA0MjIyMDUxMTgyMTYzNA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKyHPxDOhePxAxix_InSATAB&v=APEucNWpD04tEMYI3R9v56HO2QqvaNLP_Ri5O9jFTs2vaXgSwaBGSYUORR7J8tiSB8yG80FrGdBndZRSDyKDWGfQo-CrQK90UQ
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:28 GMT
AN-X-Request-Uuid
c4f88be4-cfa6-430e-bae4-d69eb8a8117d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTM1ODA0MjIyMDUxMTgyMTYzNA%3D%3D
Connection
keep-alive
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 138B 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
267765
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 05:25:42 GMT
expires
Fri, 20 Oct 2023 05:25:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 22FD 		783 B
1002 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
3a972bdb6f7a9ba5148f48b51946cf5f2963602b49e5445ddd20050eb243f1b4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Z9TInhzC4zA2em3uNN3G2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-Z9TInhzC4zA2em3uNN3G2A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:27 GMT
expires
Sun, 23 Oct 2022 07:48:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame 22CE 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DlHE770kT5GCeJC2vb-2PKllJzY3c59E3f9UC7lgZZ29zg43DV1NAi0FBP15ftTeKL_zs4lRLInfue6qdchqVGrABbYyqhfCxhPbbW7h761aPSMgZ55jFGuI8N_8fv7LsQkXlMBoq9pV75MewRWu-3L6cCCvbNZaJxrXYl-zD9dPjjiD8&cry=1&dbm_d=AKAmf-CEfP3XHGWrcrQv4V6sRN68YQQ0MCDNbgjuEBhuDtodwBh7cZ8rcV1W5BWg5g2jfR0Ad38ECG_U_17JAjlYw-prl2BFe8npmVVUpK0i58G3klr3pJIEXX4_AEIz0O0CfHWtCD5K0B-ZEY41hY_8A6AEEqdNTAJSDLkeP-gJbm1UymoJgIkATD9dkrOUZXBtmktECwhyMrj-YAG8QWpb6_sfrwR_xNYejh-UB-yn_3g1rmgmmN3lOFevBmXPrAfz0eHTnCEM6jZ5PO9ZVhfJrSISswZfCZOBqdYfmXSbNUobYHsICDovy9cOO9gOLyqa6sCqTsA6jazuPDXs44LK_YRQwfUfYk5vHqKZOUjsBtT5IL9JgK8TqtOjE9tXXjcwXbfm36eHkkE2sI_yd8HK65H8hzMRX-fGBQWkxZMF4TReKPS8jfGCb6FnbHzg3GCnBzmWkZqZLwCAIScDHKtR0LsNnvzy2AGfbrZow6nMNJ4vh2vn7WMR1z3WuvQ-lExLlNsCn5JUnlInrYK2vaCcCDFcJhyS3JFmxVljTSWU3btdvt9A7u6ygHr7JJaKajZX1MGseYIGr2nSWVUN57HJDQkVrcxoK3yRus9_XquTURz0icI9WMrGLcxrqXmPuKGwXOasj0Xxv7Q21MmwtV0LidO1AxfzodFrctGEcVGB88J_xgzdQXKOpMiHHbIq8c8GkZOKgzJup-8TYhg5YZU4H978UWRCpgMrRDGb_do9drUvHup3tkQPdeMQHerNoZbBaOSAkhpaxnBEy8iuKkiXKVEcJrhB5qiuEg9UA9Ak3UaaHeh446M3Lx-69GbF6nLBLN8c21sqDyqDeCtNrNg1-qbBvx9Xu95R-XUcjzAdXAStJh2xO8csR-WZ02rW92_YICbW3LFhZRPVDF7blDM8bg3WQYWuY-9wHhNPQLHwZ3J1eXs3cjVhPNliqleYLxQIQzEig3HlZSG1DOSGDDjwkKZMAeqVfFN7v7rZ7ZThmBBi2uOqwvSWwuKXs458K5I8uwybruP8PTwiDQ-FDQ-FIt15rwoSM3xdM_MJkbjmIAnpWlLEtAVv7iz9_D5stQUPLHiQlSsULrIxi3i5REyMuim4vg8_74VmD7wsvIowD7TfP1DCyDRpdwzx53CQOxrkfcP-Rf37SitRNV4euCLLg_rdEKwXM4-K2joFDXQKUllblf2MINgSIHZt3aDu2kIj9S7qj8hbbUuHf-mg0YCHGZlj77RSbL0OkkU7sBr4lrrZm2YoR_P36POBHzX72YmWwqKdIEPydd4jTwQm6PqWj-N_PkX3aeRITm75IvYAPjO_fICltObLVFoj77WTOjllyVOeaYpUpxuFpk-3c4z5A5qbQ7nGoEjPlmRFfRuPSKCxEb74QH3iBqrd7fsLgkWEcItUfIlnllnq-zDxq_GDgKGWFqK7ULHtPs5M0CUY2FwRywXyWjuI-ys56N1JXvtCi-xdyVw2y5jDBA2HZGYTxQfm5TW3GuoK2t8orDTW6XuGKsp2EgsnXV_hfeqxeaf949W3-pOS5Ldosj5ZkHHjef-0aUJl13ak5zovZaI-UCbB4dAhDYZYwLU9uUOZOGT3tE9m-6ZSVk7TwlE-J4j-HzQf9fVRckFwu-5yctvrD7ym-A6pyx3qmOTVyTxY2xWQagIYBn8J0-SNxz2_X2Ksnrx1g2ppJbNdXiqxsyvohfSyLCZ2NC97IIlSlvDGDKevVpMRKR-YplftNqfn2J-vjo27IuUfAHtE5ynzHUOWyhnvd2GYoPZY-Q6JfykP9YVEfHlNLq2LafUEwBxPEtal_rfhNCe8NksNaQTkuE17JhwKskq26XQlmtIXRrX3bQ7dFZDxDGqAc74pR7x2XTH7A1Uhm1ob0gvp2x6hQX-D_9OYBY46PyxMbvXvmYsWiztcPdNAavuMCfdZimY24xM9Kxh1Vh0LFzr41XUR3AJ_4Pvn5ML2Z-FSMUQgPs7TJDnhyS-9mNJanz08usD4o4bY8Z_5vdpaliEkmFlRSCYrtHUUwq3LEQAKbqxi365uWMcVRXl2KqX-thSoeawk4GYYEOvGNikoELrQsNtydTwafue3O--EBO-1pGS2bk8q56EewsOKyisssXt263ys8J8EWtFIp7PX3ValnI9tZAg9nJgSjRt5B7OSo5KU7J-knTHf95AQCZERrTZV-pspGwxBtVj9ynRG0SRGM59FiciZIhOAE5OgcVyAgewbGSO1OUYdkf1AUaumyt0LFdlRMp8MxOZ9NvWk1Mi1hCVjfzU28djlQRfu32-ArE4pscBG7ckv_gZkPBlG5sBYy2gY6UqeelDUeUw_vmDqrTxceXyEHsGMk_LhXDjvID8l5IaFt3AhhDeyvFPad5KPQ1u-79-rhVrpCIVbEF2UCsJj8HmxXFhvFdNOlDiu7kAP5Qg3EzY6a_1P8XrxTC1h5G_ewIb0RYLDzzkFD0yRnEDjF2Pb8Vf7bGa-YVQkDOI5dM88PC4CLZyq8e9kiUv92WjpG4rROTceCIDD1k3Ca4bkawEGaWJGwTbpGvFCxMgr05M1h-FoNYRxCY1xtSjlf9SaD5WNKv6hZvgxhGIsNNmPi3VyoP31AyI65GTCYXci6XeFg3AjpA2qp-kMncSI20-yxrCZUw98mF8BaposbCYI5vIUK7oWf1q-eEjNJtz7G7V5LnmS_mk63SngMCruVbiKNAXgooTaqRbLTcrsAASgFrtEG5Pa4IQMb8FEN0Bh-XMH6NUvyTJee87DHGBaYyJqc-8QASquU9782N4Tv9Ye_vDDbcxIgQQH20YwbA8A2nmYpHhrBSIE4zycJuIHFBzL2Sc0sYhg2AiThMyOKEuqzs_1bv963AFqxxee9ALxRjcMoLkjezuMaDze2wHPXGzBwYEAotxdVkjwSBl8jTSKEFZLQsB_P4-3anhQd5O0MrubyCv8VmJqeVUloveUs7HQG3lcZrlbijHT7y3o1sJxZaK8LJZ6MDuCDVo_UE3lN5ZUZfjW9uGXXFLZOjCe-jW805RF0E-ioKVBGNwpxuSX_2SSW-mdQQ6-bzFbEUbmDZslDFGHYrgInrLq11MR7nCWT8p45MREezH22auzJB0kFdI6rrY0C5xXmoqFFk46R8ORCYtilqEEGDWgvSJOUzOEEgHg-m6qoMSsSnuDQlgv4a4rtFs7qa8MqjLRMcZ_5KWB5Ix1qCNP6ncbMCMZQ8bEcqQs8HzoQ0N9xAgRk5HrccGirX1nBgnqbCynBpVGg9wSLXE15wUEX0PjNk_qjUbwLxK_suHh8CkuUG_-u9gsrjkAozDWzh98t-D7yzvMFq40b9yJ5PMEEBPVonePuiGDjQ0YjeZRYdK14sP8i54pQl-mk8PGxLIf8qMKw6DCM4WSLkx6I0MwlT9wx37aF1Z6Vpfzc4MZ8ZHNPcBZ91QuG8SQsjLLl_6SenNM49hCjEJaJUEy7HMjs8y_v2UJYZ5Z2jsA2J8PfuSRk1glXAjYquruB6Iz7chykk3wHS6Ed9C9jmJqYdGmEkumzBPmcEgKKsG1en0z6Npx-A&cid=CAQSKQDq26N9zMAVSk7x2_KixStf0T9zpX4dAlNBMskaxwkXq7S-PCn83I1cGAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 18:41:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 18:41:27 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/ Frame 22CE 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DlHE770kT5GCeJC2vb-2PKllJzY3c59E3f9UC7lgZZ29zg43DV1NAi0FBP15ftTeKL_zs4lRLInfue6qdchqVGrABbYyqhfCxhPbbW7h761aPSMgZ55jFGuI8N_8fv7LsQkXlMBoq9pV75MewRWu-3L6cCCvbNZaJxrXYl-zD9dPjjiD8&cry=1&dbm_d=AKAmf-CEfP3XHGWrcrQv4V6sRN68YQQ0MCDNbgjuEBhuDtodwBh7cZ8rcV1W5BWg5g2jfR0Ad38ECG_U_17JAjlYw-prl2BFe8npmVVUpK0i58G3klr3pJIEXX4_AEIz0O0CfHWtCD5K0B-ZEY41hY_8A6AEEqdNTAJSDLkeP-gJbm1UymoJgIkATD9dkrOUZXBtmktECwhyMrj-YAG8QWpb6_sfrwR_xNYejh-UB-yn_3g1rmgmmN3lOFevBmXPrAfz0eHTnCEM6jZ5PO9ZVhfJrSISswZfCZOBqdYfmXSbNUobYHsICDovy9cOO9gOLyqa6sCqTsA6jazuPDXs44LK_YRQwfUfYk5vHqKZOUjsBtT5IL9JgK8TqtOjE9tXXjcwXbfm36eHkkE2sI_yd8HK65H8hzMRX-fGBQWkxZMF4TReKPS8jfGCb6FnbHzg3GCnBzmWkZqZLwCAIScDHKtR0LsNnvzy2AGfbrZow6nMNJ4vh2vn7WMR1z3WuvQ-lExLlNsCn5JUnlInrYK2vaCcCDFcJhyS3JFmxVljTSWU3btdvt9A7u6ygHr7JJaKajZX1MGseYIGr2nSWVUN57HJDQkVrcxoK3yRus9_XquTURz0icI9WMrGLcxrqXmPuKGwXOasj0Xxv7Q21MmwtV0LidO1AxfzodFrctGEcVGB88J_xgzdQXKOpMiHHbIq8c8GkZOKgzJup-8TYhg5YZU4H978UWRCpgMrRDGb_do9drUvHup3tkQPdeMQHerNoZbBaOSAkhpaxnBEy8iuKkiXKVEcJrhB5qiuEg9UA9Ak3UaaHeh446M3Lx-69GbF6nLBLN8c21sqDyqDeCtNrNg1-qbBvx9Xu95R-XUcjzAdXAStJh2xO8csR-WZ02rW92_YICbW3LFhZRPVDF7blDM8bg3WQYWuY-9wHhNPQLHwZ3J1eXs3cjVhPNliqleYLxQIQzEig3HlZSG1DOSGDDjwkKZMAeqVfFN7v7rZ7ZThmBBi2uOqwvSWwuKXs458K5I8uwybruP8PTwiDQ-FDQ-FIt15rwoSM3xdM_MJkbjmIAnpWlLEtAVv7iz9_D5stQUPLHiQlSsULrIxi3i5REyMuim4vg8_74VmD7wsvIowD7TfP1DCyDRpdwzx53CQOxrkfcP-Rf37SitRNV4euCLLg_rdEKwXM4-K2joFDXQKUllblf2MINgSIHZt3aDu2kIj9S7qj8hbbUuHf-mg0YCHGZlj77RSbL0OkkU7sBr4lrrZm2YoR_P36POBHzX72YmWwqKdIEPydd4jTwQm6PqWj-N_PkX3aeRITm75IvYAPjO_fICltObLVFoj77WTOjllyVOeaYpUpxuFpk-3c4z5A5qbQ7nGoEjPlmRFfRuPSKCxEb74QH3iBqrd7fsLgkWEcItUfIlnllnq-zDxq_GDgKGWFqK7ULHtPs5M0CUY2FwRywXyWjuI-ys56N1JXvtCi-xdyVw2y5jDBA2HZGYTxQfm5TW3GuoK2t8orDTW6XuGKsp2EgsnXV_hfeqxeaf949W3-pOS5Ldosj5ZkHHjef-0aUJl13ak5zovZaI-UCbB4dAhDYZYwLU9uUOZOGT3tE9m-6ZSVk7TwlE-J4j-HzQf9fVRckFwu-5yctvrD7ym-A6pyx3qmOTVyTxY2xWQagIYBn8J0-SNxz2_X2Ksnrx1g2ppJbNdXiqxsyvohfSyLCZ2NC97IIlSlvDGDKevVpMRKR-YplftNqfn2J-vjo27IuUfAHtE5ynzHUOWyhnvd2GYoPZY-Q6JfykP9YVEfHlNLq2LafUEwBxPEtal_rfhNCe8NksNaQTkuE17JhwKskq26XQlmtIXRrX3bQ7dFZDxDGqAc74pR7x2XTH7A1Uhm1ob0gvp2x6hQX-D_9OYBY46PyxMbvXvmYsWiztcPdNAavuMCfdZimY24xM9Kxh1Vh0LFzr41XUR3AJ_4Pvn5ML2Z-FSMUQgPs7TJDnhyS-9mNJanz08usD4o4bY8Z_5vdpaliEkmFlRSCYrtHUUwq3LEQAKbqxi365uWMcVRXl2KqX-thSoeawk4GYYEOvGNikoELrQsNtydTwafue3O--EBO-1pGS2bk8q56EewsOKyisssXt263ys8J8EWtFIp7PX3ValnI9tZAg9nJgSjRt5B7OSo5KU7J-knTHf95AQCZERrTZV-pspGwxBtVj9ynRG0SRGM59FiciZIhOAE5OgcVyAgewbGSO1OUYdkf1AUaumyt0LFdlRMp8MxOZ9NvWk1Mi1hCVjfzU28djlQRfu32-ArE4pscBG7ckv_gZkPBlG5sBYy2gY6UqeelDUeUw_vmDqrTxceXyEHsGMk_LhXDjvID8l5IaFt3AhhDeyvFPad5KPQ1u-79-rhVrpCIVbEF2UCsJj8HmxXFhvFdNOlDiu7kAP5Qg3EzY6a_1P8XrxTC1h5G_ewIb0RYLDzzkFD0yRnEDjF2Pb8Vf7bGa-YVQkDOI5dM88PC4CLZyq8e9kiUv92WjpG4rROTceCIDD1k3Ca4bkawEGaWJGwTbpGvFCxMgr05M1h-FoNYRxCY1xtSjlf9SaD5WNKv6hZvgxhGIsNNmPi3VyoP31AyI65GTCYXci6XeFg3AjpA2qp-kMncSI20-yxrCZUw98mF8BaposbCYI5vIUK7oWf1q-eEjNJtz7G7V5LnmS_mk63SngMCruVbiKNAXgooTaqRbLTcrsAASgFrtEG5Pa4IQMb8FEN0Bh-XMH6NUvyTJee87DHGBaYyJqc-8QASquU9782N4Tv9Ye_vDDbcxIgQQH20YwbA8A2nmYpHhrBSIE4zycJuIHFBzL2Sc0sYhg2AiThMyOKEuqzs_1bv963AFqxxee9ALxRjcMoLkjezuMaDze2wHPXGzBwYEAotxdVkjwSBl8jTSKEFZLQsB_P4-3anhQd5O0MrubyCv8VmJqeVUloveUs7HQG3lcZrlbijHT7y3o1sJxZaK8LJZ6MDuCDVo_UE3lN5ZUZfjW9uGXXFLZOjCe-jW805RF0E-ioKVBGNwpxuSX_2SSW-mdQQ6-bzFbEUbmDZslDFGHYrgInrLq11MR7nCWT8p45MREezH22auzJB0kFdI6rrY0C5xXmoqFFk46R8ORCYtilqEEGDWgvSJOUzOEEgHg-m6qoMSsSnuDQlgv4a4rtFs7qa8MqjLRMcZ_5KWB5Ix1qCNP6ncbMCMZQ8bEcqQs8HzoQ0N9xAgRk5HrccGirX1nBgnqbCynBpVGg9wSLXE15wUEX0PjNk_qjUbwLxK_suHh8CkuUG_-u9gsrjkAozDWzh98t-D7yzvMFq40b9yJ5PMEEBPVonePuiGDjQ0YjeZRYdK14sP8i54pQl-mk8PGxLIf8qMKw6DCM4WSLkx6I0MwlT9wx37aF1Z6Vpfzc4MZ8ZHNPcBZ91QuG8SQsjLLl_6SenNM49hCjEJaJUEy7HMjs8y_v2UJYZ5Z2jsA2J8PfuSRk1glXAjYquruB6Iz7chykk3wHS6Ed9C9jmJqYdGmEkumzBPmcEgKKsG1en0z6Npx-A&cid=CAQSKQDq26N9zMAVSk7x2_KixStf0T9zpX4dAlNBMskaxwkXq7S-PCn83I1cGAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:43:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
72302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:43:25 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 22CE 		0
622 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstj1HkMrXkcbe4JGrE0I9m2mMYOP7dmQYL01r6yPuIFpU0I_IeYQ5AJlIs136e8CwCH3TN-xwi_pEbY6WtmMyzG-VA25nzOtJeu0pRBZ-GeCWp8MCAhSYrQ7YMypyq1WF_GRimbmKorSanieKetUIJ61QCQkU5u-mEgslToU4zkHD7y0qLgXy1spB6X7F2reLMUx1ZV-xcb7JuXD-xxU98W2eSNNwUeizQ6pqa2IoC6nsUS_RDZu3Zpm8HErRFF9u67m8PkJLw3WqfQuhqX0pA07IRZdYxezIJZFc4ISaISKnpaHcuPVlSQfcNb3n8eQ7lmLvJBsLPsKI2gMCJByH0zZ0GDkYk2p4t-wpzdCJSDiFk2k3mZYGstpW8_4cBzLjp2U9YG1al1x6vAkCMlegjjaeALB-Ufiy3p07iM9b56SxjIXjfn2xzif1u4MJiE1VsX8mPhCrs94h3FxgOu0RZ5u1oljlRvp8nYTxM0uez5PZf0jUv0_SXwe33no-beVj5SDsnBYLVIlIjbm1d57iSbSsV5rN19LPrqRjCdDlnjALDrzIBcj0_Wfh_XI7SPl1DhyVYPrjVhcG-ETEdL_yhHfie3is0tixwvsFJE85JKjGoY9OqcD2Rz4Yjyay_-n1PsIRFV-g0L8Lgm9prIpVB9tCGwiaiVJDtfzuHNGpSwv_9DbbUciXy9Zs4kPv4gd_vipbg7aos697TdL0o-PcDmQHlD8lSNr6DtrXDWBFbnqDZCcCHHbH09pUXCKOzgKP_cjE76Mm0zEZSf6Eaf38Bc1VmrOm-3W9gJ5f1T4S7AyMi6DMBfIVZWxwWgOeoPROxhw3UA5TzvRNruMXrPcUICGEQuZDo1sfxdFEiwyAe2Z7odaWm0bq9er5wdOfyPsm3OJfBm0MUGE523eXw5Ngx3Yo5j7Sg6lUayDrzgXMfGJ3qhownRt5TEif-HUERYhglok-UQjUZJzpauQ1mDe0GrxSg8zX6w_b39aL3fyGFrkMm_QLwVt_k9sEmlVqirw_UjqWHbqZEnfHn-mqZBGidXojT-dc06-2iQpGn3d4cKk5soNZNfRXVeKpwAWm7HQwgBEE8XAIjROd-PLvzS2gUzRcTJcQAZ_2HrHJHdi9PlDl3zigB64yYZ9gpOaSStoIR9vGGuZSis1d_0fmCK4QSzKqv21xOmMcNCnvbSZ4ty50up86kYUkOTPylo_eXY9u6S8r0tsVnVWT9StfdZbkHAyYiYkuHTm3ywGtjDsA&sai=AMfl-YS75UCIbWzl48tPLmue7EWw9TA-CyTsvVfun459hnt0x1OXJyOZ2m4tbSwYhM4ugm42iF82xH8J-Z8GozrpF7HA-ytV6dFlkyMEfbmEUONV0p2lATPtv29lsFuuq1GcEkTvKbY0_07h43BPySNWF8C_Xbg0RzUVB27e7djjmxvbX8w-y4kdTSwl50rjHkxUnaGSQM0PW5WlGxa6A0I&sig=Cg0ArKJSzHDZYn3F7dlxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20221019.58754&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DlHE770kT5GCeJC2vb-2PKllJzY3c59E3f9UC7lgZZ29zg43DV1NAi0FBP15ftTeKL_zs4lRLInfue6qdchqVGrABbYyqhfCxhPbbW7h761aPSMgZ55jFGuI8N_8fv7LsQkXlMBoq9pV75MewRWu-3L6cCCvbNZaJxrXYl-zD9dPjjiD8&cry=1&dbm_d=AKAmf-CEfP3XHGWrcrQv4V6sRN68YQQ0MCDNbgjuEBhuDtodwBh7cZ8rcV1W5BWg5g2jfR0Ad38ECG_U_17JAjlYw-prl2BFe8npmVVUpK0i58G3klr3pJIEXX4_AEIz0O0CfHWtCD5K0B-ZEY41hY_8A6AEEqdNTAJSDLkeP-gJbm1UymoJgIkATD9dkrOUZXBtmktECwhyMrj-YAG8QWpb6_sfrwR_xNYejh-UB-yn_3g1rmgmmN3lOFevBmXPrAfz0eHTnCEM6jZ5PO9ZVhfJrSISswZfCZOBqdYfmXSbNUobYHsICDovy9cOO9gOLyqa6sCqTsA6jazuPDXs44LK_YRQwfUfYk5vHqKZOUjsBtT5IL9JgK8TqtOjE9tXXjcwXbfm36eHkkE2sI_yd8HK65H8hzMRX-fGBQWkxZMF4TReKPS8jfGCb6FnbHzg3GCnBzmWkZqZLwCAIScDHKtR0LsNnvzy2AGfbrZow6nMNJ4vh2vn7WMR1z3WuvQ-lExLlNsCn5JUnlInrYK2vaCcCDFcJhyS3JFmxVljTSWU3btdvt9A7u6ygHr7JJaKajZX1MGseYIGr2nSWVUN57HJDQkVrcxoK3yRus9_XquTURz0icI9WMrGLcxrqXmPuKGwXOasj0Xxv7Q21MmwtV0LidO1AxfzodFrctGEcVGB88J_xgzdQXKOpMiHHbIq8c8GkZOKgzJup-8TYhg5YZU4H978UWRCpgMrRDGb_do9drUvHup3tkQPdeMQHerNoZbBaOSAkhpaxnBEy8iuKkiXKVEcJrhB5qiuEg9UA9Ak3UaaHeh446M3Lx-69GbF6nLBLN8c21sqDyqDeCtNrNg1-qbBvx9Xu95R-XUcjzAdXAStJh2xO8csR-WZ02rW92_YICbW3LFhZRPVDF7blDM8bg3WQYWuY-9wHhNPQLHwZ3J1eXs3cjVhPNliqleYLxQIQzEig3HlZSG1DOSGDDjwkKZMAeqVfFN7v7rZ7ZThmBBi2uOqwvSWwuKXs458K5I8uwybruP8PTwiDQ-FDQ-FIt15rwoSM3xdM_MJkbjmIAnpWlLEtAVv7iz9_D5stQUPLHiQlSsULrIxi3i5REyMuim4vg8_74VmD7wsvIowD7TfP1DCyDRpdwzx53CQOxrkfcP-Rf37SitRNV4euCLLg_rdEKwXM4-K2joFDXQKUllblf2MINgSIHZt3aDu2kIj9S7qj8hbbUuHf-mg0YCHGZlj77RSbL0OkkU7sBr4lrrZm2YoR_P36POBHzX72YmWwqKdIEPydd4jTwQm6PqWj-N_PkX3aeRITm75IvYAPjO_fICltObLVFoj77WTOjllyVOeaYpUpxuFpk-3c4z5A5qbQ7nGoEjPlmRFfRuPSKCxEb74QH3iBqrd7fsLgkWEcItUfIlnllnq-zDxq_GDgKGWFqK7ULHtPs5M0CUY2FwRywXyWjuI-ys56N1JXvtCi-xdyVw2y5jDBA2HZGYTxQfm5TW3GuoK2t8orDTW6XuGKsp2EgsnXV_hfeqxeaf949W3-pOS5Ldosj5ZkHHjef-0aUJl13ak5zovZaI-UCbB4dAhDYZYwLU9uUOZOGT3tE9m-6ZSVk7TwlE-J4j-HzQf9fVRckFwu-5yctvrD7ym-A6pyx3qmOTVyTxY2xWQagIYBn8J0-SNxz2_X2Ksnrx1g2ppJbNdXiqxsyvohfSyLCZ2NC97IIlSlvDGDKevVpMRKR-YplftNqfn2J-vjo27IuUfAHtE5ynzHUOWyhnvd2GYoPZY-Q6JfykP9YVEfHlNLq2LafUEwBxPEtal_rfhNCe8NksNaQTkuE17JhwKskq26XQlmtIXRrX3bQ7dFZDxDGqAc74pR7x2XTH7A1Uhm1ob0gvp2x6hQX-D_9OYBY46PyxMbvXvmYsWiztcPdNAavuMCfdZimY24xM9Kxh1Vh0LFzr41XUR3AJ_4Pvn5ML2Z-FSMUQgPs7TJDnhyS-9mNJanz08usD4o4bY8Z_5vdpaliEkmFlRSCYrtHUUwq3LEQAKbqxi365uWMcVRXl2KqX-thSoeawk4GYYEOvGNikoELrQsNtydTwafue3O--EBO-1pGS2bk8q56EewsOKyisssXt263ys8J8EWtFIp7PX3ValnI9tZAg9nJgSjRt5B7OSo5KU7J-knTHf95AQCZERrTZV-pspGwxBtVj9ynRG0SRGM59FiciZIhOAE5OgcVyAgewbGSO1OUYdkf1AUaumyt0LFdlRMp8MxOZ9NvWk1Mi1hCVjfzU28djlQRfu32-ArE4pscBG7ckv_gZkPBlG5sBYy2gY6UqeelDUeUw_vmDqrTxceXyEHsGMk_LhXDjvID8l5IaFt3AhhDeyvFPad5KPQ1u-79-rhVrpCIVbEF2UCsJj8HmxXFhvFdNOlDiu7kAP5Qg3EzY6a_1P8XrxTC1h5G_ewIb0RYLDzzkFD0yRnEDjF2Pb8Vf7bGa-YVQkDOI5dM88PC4CLZyq8e9kiUv92WjpG4rROTceCIDD1k3Ca4bkawEGaWJGwTbpGvFCxMgr05M1h-FoNYRxCY1xtSjlf9SaD5WNKv6hZvgxhGIsNNmPi3VyoP31AyI65GTCYXci6XeFg3AjpA2qp-kMncSI20-yxrCZUw98mF8BaposbCYI5vIUK7oWf1q-eEjNJtz7G7V5LnmS_mk63SngMCruVbiKNAXgooTaqRbLTcrsAASgFrtEG5Pa4IQMb8FEN0Bh-XMH6NUvyTJee87DHGBaYyJqc-8QASquU9782N4Tv9Ye_vDDbcxIgQQH20YwbA8A2nmYpHhrBSIE4zycJuIHFBzL2Sc0sYhg2AiThMyOKEuqzs_1bv963AFqxxee9ALxRjcMoLkjezuMaDze2wHPXGzBwYEAotxdVkjwSBl8jTSKEFZLQsB_P4-3anhQd5O0MrubyCv8VmJqeVUloveUs7HQG3lcZrlbijHT7y3o1sJxZaK8LJZ6MDuCDVo_UE3lN5ZUZfjW9uGXXFLZOjCe-jW805RF0E-ioKVBGNwpxuSX_2SSW-mdQQ6-bzFbEUbmDZslDFGHYrgInrLq11MR7nCWT8p45MREezH22auzJB0kFdI6rrY0C5xXmoqFFk46R8ORCYtilqEEGDWgvSJOUzOEEgHg-m6qoMSsSnuDQlgv4a4rtFs7qa8MqjLRMcZ_5KWB5Ix1qCNP6ncbMCMZQ8bEcqQs8HzoQ0N9xAgRk5HrccGirX1nBgnqbCynBpVGg9wSLXE15wUEX0PjNk_qjUbwLxK_suHh8CkuUG_-u9gsrjkAozDWzh98t-D7yzvMFq40b9yJ5PMEEBPVonePuiGDjQ0YjeZRYdK14sP8i54pQl-mk8PGxLIf8qMKw6DCM4WSLkx6I0MwlT9wx37aF1Z6Vpfzc4MZ8ZHNPcBZ91QuG8SQsjLLl_6SenNM49hCjEJaJUEy7HMjs8y_v2UJYZ5Z2jsA2J8PfuSRk1glXAjYquruB6Iz7chykk3wHS6Ed9C9jmJqYdGmEkumzBPmcEgKKsG1en0z6Npx-A&cid=CAQSKQDq26N9zMAVSk7x2_KixStf0T9zpX4dAlNBMskaxwkXq7S-PCn83I1cGAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 23 Oct 2022 07:48:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 22CE 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DlHE770kT5GCeJC2vb-2PKllJzY3c59E3f9UC7lgZZ29zg43DV1NAi0FBP15ftTeKL_zs4lRLInfue6qdchqVGrABbYyqhfCxhPbbW7h761aPSMgZ55jFGuI8N_8fv7LsQkXlMBoq9pV75MewRWu-3L6cCCvbNZaJxrXYl-zD9dPjjiD8&cry=1&dbm_d=AKAmf-CEfP3XHGWrcrQv4V6sRN68YQQ0MCDNbgjuEBhuDtodwBh7cZ8rcV1W5BWg5g2jfR0Ad38ECG_U_17JAjlYw-prl2BFe8npmVVUpK0i58G3klr3pJIEXX4_AEIz0O0CfHWtCD5K0B-ZEY41hY_8A6AEEqdNTAJSDLkeP-gJbm1UymoJgIkATD9dkrOUZXBtmktECwhyMrj-YAG8QWpb6_sfrwR_xNYejh-UB-yn_3g1rmgmmN3lOFevBmXPrAfz0eHTnCEM6jZ5PO9ZVhfJrSISswZfCZOBqdYfmXSbNUobYHsICDovy9cOO9gOLyqa6sCqTsA6jazuPDXs44LK_YRQwfUfYk5vHqKZOUjsBtT5IL9JgK8TqtOjE9tXXjcwXbfm36eHkkE2sI_yd8HK65H8hzMRX-fGBQWkxZMF4TReKPS8jfGCb6FnbHzg3GCnBzmWkZqZLwCAIScDHKtR0LsNnvzy2AGfbrZow6nMNJ4vh2vn7WMR1z3WuvQ-lExLlNsCn5JUnlInrYK2vaCcCDFcJhyS3JFmxVljTSWU3btdvt9A7u6ygHr7JJaKajZX1MGseYIGr2nSWVUN57HJDQkVrcxoK3yRus9_XquTURz0icI9WMrGLcxrqXmPuKGwXOasj0Xxv7Q21MmwtV0LidO1AxfzodFrctGEcVGB88J_xgzdQXKOpMiHHbIq8c8GkZOKgzJup-8TYhg5YZU4H978UWRCpgMrRDGb_do9drUvHup3tkQPdeMQHerNoZbBaOSAkhpaxnBEy8iuKkiXKVEcJrhB5qiuEg9UA9Ak3UaaHeh446M3Lx-69GbF6nLBLN8c21sqDyqDeCtNrNg1-qbBvx9Xu95R-XUcjzAdXAStJh2xO8csR-WZ02rW92_YICbW3LFhZRPVDF7blDM8bg3WQYWuY-9wHhNPQLHwZ3J1eXs3cjVhPNliqleYLxQIQzEig3HlZSG1DOSGDDjwkKZMAeqVfFN7v7rZ7ZThmBBi2uOqwvSWwuKXs458K5I8uwybruP8PTwiDQ-FDQ-FIt15rwoSM3xdM_MJkbjmIAnpWlLEtAVv7iz9_D5stQUPLHiQlSsULrIxi3i5REyMuim4vg8_74VmD7wsvIowD7TfP1DCyDRpdwzx53CQOxrkfcP-Rf37SitRNV4euCLLg_rdEKwXM4-K2joFDXQKUllblf2MINgSIHZt3aDu2kIj9S7qj8hbbUuHf-mg0YCHGZlj77RSbL0OkkU7sBr4lrrZm2YoR_P36POBHzX72YmWwqKdIEPydd4jTwQm6PqWj-N_PkX3aeRITm75IvYAPjO_fICltObLVFoj77WTOjllyVOeaYpUpxuFpk-3c4z5A5qbQ7nGoEjPlmRFfRuPSKCxEb74QH3iBqrd7fsLgkWEcItUfIlnllnq-zDxq_GDgKGWFqK7ULHtPs5M0CUY2FwRywXyWjuI-ys56N1JXvtCi-xdyVw2y5jDBA2HZGYTxQfm5TW3GuoK2t8orDTW6XuGKsp2EgsnXV_hfeqxeaf949W3-pOS5Ldosj5ZkHHjef-0aUJl13ak5zovZaI-UCbB4dAhDYZYwLU9uUOZOGT3tE9m-6ZSVk7TwlE-J4j-HzQf9fVRckFwu-5yctvrD7ym-A6pyx3qmOTVyTxY2xWQagIYBn8J0-SNxz2_X2Ksnrx1g2ppJbNdXiqxsyvohfSyLCZ2NC97IIlSlvDGDKevVpMRKR-YplftNqfn2J-vjo27IuUfAHtE5ynzHUOWyhnvd2GYoPZY-Q6JfykP9YVEfHlNLq2LafUEwBxPEtal_rfhNCe8NksNaQTkuE17JhwKskq26XQlmtIXRrX3bQ7dFZDxDGqAc74pR7x2XTH7A1Uhm1ob0gvp2x6hQX-D_9OYBY46PyxMbvXvmYsWiztcPdNAavuMCfdZimY24xM9Kxh1Vh0LFzr41XUR3AJ_4Pvn5ML2Z-FSMUQgPs7TJDnhyS-9mNJanz08usD4o4bY8Z_5vdpaliEkmFlRSCYrtHUUwq3LEQAKbqxi365uWMcVRXl2KqX-thSoeawk4GYYEOvGNikoELrQsNtydTwafue3O--EBO-1pGS2bk8q56EewsOKyisssXt263ys8J8EWtFIp7PX3ValnI9tZAg9nJgSjRt5B7OSo5KU7J-knTHf95AQCZERrTZV-pspGwxBtVj9ynRG0SRGM59FiciZIhOAE5OgcVyAgewbGSO1OUYdkf1AUaumyt0LFdlRMp8MxOZ9NvWk1Mi1hCVjfzU28djlQRfu32-ArE4pscBG7ckv_gZkPBlG5sBYy2gY6UqeelDUeUw_vmDqrTxceXyEHsGMk_LhXDjvID8l5IaFt3AhhDeyvFPad5KPQ1u-79-rhVrpCIVbEF2UCsJj8HmxXFhvFdNOlDiu7kAP5Qg3EzY6a_1P8XrxTC1h5G_ewIb0RYLDzzkFD0yRnEDjF2Pb8Vf7bGa-YVQkDOI5dM88PC4CLZyq8e9kiUv92WjpG4rROTceCIDD1k3Ca4bkawEGaWJGwTbpGvFCxMgr05M1h-FoNYRxCY1xtSjlf9SaD5WNKv6hZvgxhGIsNNmPi3VyoP31AyI65GTCYXci6XeFg3AjpA2qp-kMncSI20-yxrCZUw98mF8BaposbCYI5vIUK7oWf1q-eEjNJtz7G7V5LnmS_mk63SngMCruVbiKNAXgooTaqRbLTcrsAASgFrtEG5Pa4IQMb8FEN0Bh-XMH6NUvyTJee87DHGBaYyJqc-8QASquU9782N4Tv9Ye_vDDbcxIgQQH20YwbA8A2nmYpHhrBSIE4zycJuIHFBzL2Sc0sYhg2AiThMyOKEuqzs_1bv963AFqxxee9ALxRjcMoLkjezuMaDze2wHPXGzBwYEAotxdVkjwSBl8jTSKEFZLQsB_P4-3anhQd5O0MrubyCv8VmJqeVUloveUs7HQG3lcZrlbijHT7y3o1sJxZaK8LJZ6MDuCDVo_UE3lN5ZUZfjW9uGXXFLZOjCe-jW805RF0E-ioKVBGNwpxuSX_2SSW-mdQQ6-bzFbEUbmDZslDFGHYrgInrLq11MR7nCWT8p45MREezH22auzJB0kFdI6rrY0C5xXmoqFFk46R8ORCYtilqEEGDWgvSJOUzOEEgHg-m6qoMSsSnuDQlgv4a4rtFs7qa8MqjLRMcZ_5KWB5Ix1qCNP6ncbMCMZQ8bEcqQs8HzoQ0N9xAgRk5HrccGirX1nBgnqbCynBpVGg9wSLXE15wUEX0PjNk_qjUbwLxK_suHh8CkuUG_-u9gsrjkAozDWzh98t-D7yzvMFq40b9yJ5PMEEBPVonePuiGDjQ0YjeZRYdK14sP8i54pQl-mk8PGxLIf8qMKw6DCM4WSLkx6I0MwlT9wx37aF1Z6Vpfzc4MZ8ZHNPcBZ91QuG8SQsjLLl_6SenNM49hCjEJaJUEy7HMjs8y_v2UJYZ5Z2jsA2J8PfuSRk1glXAjYquruB6Iz7chykk3wHS6Ed9C9jmJqYdGmEkumzBPmcEgKKsG1en0z6Npx-A&cid=CAQSKQDq26N9zMAVSk7x2_KixStf0T9zpX4dAlNBMskaxwkXq7S-PCn83I1cGAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 00:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
458141
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 00:32:46 GMT
15551784982545091618
s0.2mdn.net/simgad/ Frame 22CE 		88 KB
88 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/15551784982545091618
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
sffe /
Resource Hash
853216c77599efbc37933c681934af9c66bfb844089c14517e129791187a96e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:27 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89908
x-xss-protection
0
last-modified
Fri, 26 Aug 2022 09:09:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Oct 2023 07:48:27 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 77BC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
267765
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 05:25:42 GMT
expires
Fri, 20 Oct 2023 05:25:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AFF3 		783 B
739 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
4dfd2a89758975d4ff1b8d3985ea77fe356581c69f98e078b8d6df611fbd011b
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce--W3aTX_1kuCUEA6OHRmTHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce--W3aTX_1kuCUEA6OHRmTHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:27 GMT
expires
Sun, 23 Oct 2022 07:48:27 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
privacy_small.svg
static.criteo.net/flash/icon/ Frame FA13 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1TxygAEqRkBc-U9AAl_lgWZWMwfF2zXAn3Yag&u=%7CK%2BdXWTOW%2FOtU5DFOQXcTfuT7YHVK2NMjWAlh0K7s6R4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHJXkG-Q0x9WKjEvaYz3vZ82FOpI6al0vPAEpDU-4E1wlOX9kquIN3c2B0pS_zdf8n-BnhYJaO5yGTmablm_SQO9pqsE3oZCUQIJ69ZbqegeUwHNV-t2i1DnISwbkKVI1VOyDSGrzIYIJGBKo5cMRleas75AxSy217D_SuJ_-V4xCE21BzcloPRX-HY0nIU6wuahysRaFTFhccx-dlx_wLqJ1aDwkVlRbkwQwdsr4jQ4MjRnGzT3AtrsOwHr93DI3WERngtqpFAF_CH8XGsCLOYHdiWquZCxjFvEckoT0Rrv5JDpzLxixjOXrh2mCmVsr3gVR8UCaO8mGq2dSSpJCnChV0yCP19U_0VuvP7iL4W4-aAlpQQp37DNE7k6Mp8axfequBZAcMMj315DX6P4atxESISy4Gl2vPi8sBHaCochYkCA3nC3YnLhf0IUDuF2UiBfSmGNb9uPZM2Yff5UUX6yiNx9D9mVgCw_FFMsyzxvSvTxuzHydch2DC4ny8DjUOPnmQD-cUFdjSvgPOi-MCnOsmyo9za-S8dg566o4_HvLdqHWaYMy5Jhp0KtU9TDLHA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCILWJyvFUY5nSEr3Kz7sPlv-lmAOY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJn6H7wJWelPqgDAaoExAJP0KeOVcRX_Os42mkPX2ETJdUOXfQFG3ukyuOEp037jFH2Q371Xn4O0wxnl4cgf1z9rH3docniKM1dH1qLg_0xuXyR-jgh2zfpXDOdSHoaAHWzTcSKgCgpWQw7n5gahUrE4XaLr1bBml2YrOPe_6puK3Dr7SyoWj3AEIjK9h-OyWWbZC8ZZMOvBHiUxgwJTytMm4SSxuhtkPxWI2d-htFB6SfPQCzHjTNS-wf1iZupbIfiRzfCYP5Tk8IRjlDZqqMZPXcto0s3lLWndA762conCXcyW4XmlpTtwuSv8mWuxSzFTyTzAbG6Jna-aGrA03Nvl3ei3cXdDOfgDp7R4PMbbztLehiFbMv4VOoJz7Pg2jRHNSamB--Ln3rk5jK7JUBTlkRAvEQzuX13JHNMTrAzm9BHFJh9cUNqA1UNlsDPNVSit2iABpXix6OkvoOAiwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tG6_DR3HdFLPrrsDElTa6fdWceQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 Oct 2023 07:48:27 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame FA13 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1TxygAEqRkBc-U9AAl_lgWZWMwfF2zXAn3Yag&u=%7CK%2BdXWTOW%2FOtU5DFOQXcTfuT7YHVK2NMjWAlh0K7s6R4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHJXkG-Q0x9WKjEvaYz3vZ82FOpI6al0vPAEpDU-4E1wlOX9kquIN3c2B0pS_zdf8n-BnhYJaO5yGTmablm_SQO9pqsE3oZCUQIJ69ZbqegeUwHNV-t2i1DnISwbkKVI1VOyDSGrzIYIJGBKo5cMRleas75AxSy217D_SuJ_-V4xCE21BzcloPRX-HY0nIU6wuahysRaFTFhccx-dlx_wLqJ1aDwkVlRbkwQwdsr4jQ4MjRnGzT3AtrsOwHr93DI3WERngtqpFAF_CH8XGsCLOYHdiWquZCxjFvEckoT0Rrv5JDpzLxixjOXrh2mCmVsr3gVR8UCaO8mGq2dSSpJCnChV0yCP19U_0VuvP7iL4W4-aAlpQQp37DNE7k6Mp8axfequBZAcMMj315DX6P4atxESISy4Gl2vPi8sBHaCochYkCA3nC3YnLhf0IUDuF2UiBfSmGNb9uPZM2Yff5UUX6yiNx9D9mVgCw_FFMsyzxvSvTxuzHydch2DC4ny8DjUOPnmQD-cUFdjSvgPOi-MCnOsmyo9za-S8dg566o4_HvLdqHWaYMy5Jhp0KtU9TDLHA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCILWJyvFUY5nSEr3Kz7sPlv-lmAOY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJn6H7wJWelPqgDAaoExAJP0KeOVcRX_Os42mkPX2ETJdUOXfQFG3ukyuOEp037jFH2Q371Xn4O0wxnl4cgf1z9rH3docniKM1dH1qLg_0xuXyR-jgh2zfpXDOdSHoaAHWzTcSKgCgpWQw7n5gahUrE4XaLr1bBml2YrOPe_6puK3Dr7SyoWj3AEIjK9h-OyWWbZC8ZZMOvBHiUxgwJTytMm4SSxuhtkPxWI2d-htFB6SfPQCzHjTNS-wf1iZupbIfiRzfCYP5Tk8IRjlDZqqMZPXcto0s3lLWndA762conCXcyW4XmlpTtwuSv8mWuxSzFTyTzAbG6Jna-aGrA03Nvl3ei3cXdDOfgDp7R4PMbbztLehiFbMv4VOoJz7Pg2jRHNSamB--Ln3rk5jK7JUBTlkRAvEQzuX13JHNMTrAzm9BHFJh9cUNqA1UNlsDPNVSit2iABpXix6OkvoOAiwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tG6_DR3HdFLPrrsDElTa6fdWceQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:27 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 Oct 2023 07:48:27 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame FA13 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1TxygAEqRkBc-U9AAl_lgWZWMwfF2zXAn3Yag&u=%7CK%2BdXWTOW%2FOtU5DFOQXcTfuT7YHVK2NMjWAlh0K7s6R4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHJXkG-Q0x9WKjEvaYz3vZ82FOpI6al0vPAEpDU-4E1wlOX9kquIN3c2B0pS_zdf8n-BnhYJaO5yGTmablm_SQO9pqsE3oZCUQIJ69ZbqegeUwHNV-t2i1DnISwbkKVI1VOyDSGrzIYIJGBKo5cMRleas75AxSy217D_SuJ_-V4xCE21BzcloPRX-HY0nIU6wuahysRaFTFhccx-dlx_wLqJ1aDwkVlRbkwQwdsr4jQ4MjRnGzT3AtrsOwHr93DI3WERngtqpFAF_CH8XGsCLOYHdiWquZCxjFvEckoT0Rrv5JDpzLxixjOXrh2mCmVsr3gVR8UCaO8mGq2dSSpJCnChV0yCP19U_0VuvP7iL4W4-aAlpQQp37DNE7k6Mp8axfequBZAcMMj315DX6P4atxESISy4Gl2vPi8sBHaCochYkCA3nC3YnLhf0IUDuF2UiBfSmGNb9uPZM2Yff5UUX6yiNx9D9mVgCw_FFMsyzxvSvTxuzHydch2DC4ny8DjUOPnmQD-cUFdjSvgPOi-MCnOsmyo9za-S8dg566o4_HvLdqHWaYMy5Jhp0KtU9TDLHA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCILWJyvFUY5nSEr3Kz7sPlv-lmAOY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJn6H7wJWelPqgDAaoExAJP0KeOVcRX_Os42mkPX2ETJdUOXfQFG3ukyuOEp037jFH2Q371Xn4O0wxnl4cgf1z9rH3docniKM1dH1qLg_0xuXyR-jgh2zfpXDOdSHoaAHWzTcSKgCgpWQw7n5gahUrE4XaLr1bBml2YrOPe_6puK3Dr7SyoWj3AEIjK9h-OyWWbZC8ZZMOvBHiUxgwJTytMm4SSxuhtkPxWI2d-htFB6SfPQCzHjTNS-wf1iZupbIfiRzfCYP5Tk8IRjlDZqqMZPXcto0s3lLWndA762conCXcyW4XmlpTtwuSv8mWuxSzFTyTzAbG6Jna-aGrA03Nvl3ei3cXdDOfgDp7R4PMbbztLehiFbMv4VOoJz7Pg2jRHNSamB--Ln3rk5jK7JUBTlkRAvEQzuX13JHNMTrAzm9BHFJh9cUNqA1UNlsDPNVSit2iABpXix6OkvoOAiwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tG6_DR3HdFLPrrsDElTa6fdWceQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 18 Oct 2023 07:48:27 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame FA13 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1TxygAEqRkBc-U9AAl_lgWZWMwfF2zXAn3Yag&u=%7CK%2BdXWTOW%2FOtU5DFOQXcTfuT7YHVK2NMjWAlh0K7s6R4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHJXkG-Q0x9WKjEvaYz3vZ82FOpI6al0vPAEpDU-4E1wlOX9kquIN3c2B0pS_zdf8n-BnhYJaO5yGTmablm_SQO9pqsE3oZCUQIJ69ZbqegeUwHNV-t2i1DnISwbkKVI1VOyDSGrzIYIJGBKo5cMRleas75AxSy217D_SuJ_-V4xCE21BzcloPRX-HY0nIU6wuahysRaFTFhccx-dlx_wLqJ1aDwkVlRbkwQwdsr4jQ4MjRnGzT3AtrsOwHr93DI3WERngtqpFAF_CH8XGsCLOYHdiWquZCxjFvEckoT0Rrv5JDpzLxixjOXrh2mCmVsr3gVR8UCaO8mGq2dSSpJCnChV0yCP19U_0VuvP7iL4W4-aAlpQQp37DNE7k6Mp8axfequBZAcMMj315DX6P4atxESISy4Gl2vPi8sBHaCochYkCA3nC3YnLhf0IUDuF2UiBfSmGNb9uPZM2Yff5UUX6yiNx9D9mVgCw_FFMsyzxvSvTxuzHydch2DC4ny8DjUOPnmQD-cUFdjSvgPOi-MCnOsmyo9za-S8dg566o4_HvLdqHWaYMy5Jhp0KtU9TDLHA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCILWJyvFUY5nSEr3Kz7sPlv-lmAOY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJn6H7wJWelPqgDAaoExAJP0KeOVcRX_Os42mkPX2ETJdUOXfQFG3ukyuOEp037jFH2Q371Xn4O0wxnl4cgf1z9rH3docniKM1dH1qLg_0xuXyR-jgh2zfpXDOdSHoaAHWzTcSKgCgpWQw7n5gahUrE4XaLr1bBml2YrOPe_6puK3Dr7SyoWj3AEIjK9h-OyWWbZC8ZZMOvBHiUxgwJTytMm4SSxuhtkPxWI2d-htFB6SfPQCzHjTNS-wf1iZupbIfiRzfCYP5Tk8IRjlDZqqMZPXcto0s3lLWndA762conCXcyW4XmlpTtwuSv8mWuxSzFTyTzAbG6Jna-aGrA03Nvl3ei3cXdDOfgDp7R4PMbbztLehiFbMv4VOoJz7Pg2jRHNSamB--Ln3rk5jK7JUBTlkRAvEQzuX13JHNMTrAzm9BHFJh9cUNqA1UNlsDPNVSit2iABpXix6OkvoOAiwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tG6_DR3HdFLPrrsDElTa6fdWceQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 18 Oct 2023 07:48:27 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame FA13 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=lUTNJdiAdhwCp3bp3ACXCyZKuKqXMrnhkrpE60hBVaEcOhTffEWVWMIW2LYn-Wtq8DhF0IX2D7Obo1Z_Sc4XoJT8VIQvq09Xhq__RsFE-nAU1SlVtR640VfG475SEKByzg_qNgGykHAub9dk94jpPebBH7D0skvhKuhjUovUJnGBJytzrNASaHtl2BfwLanjZJxT0MUtdZteJcJC6fFFrK2giOOulrTuyO-UBQKWT-4Yu_nz8usaG55kdgHFessUk-FEvVk_XOx8fvvTLoNl6C1-5GXgY7S7U8DwPPd1I5OW-E8SKdmORSmRrTlEq3TZsGKxVKnJm2TjFwlVA5YPZVYKVMSwKa-OQ-AMQZ07ESwsYD8Ix7dhmhWNUD7iWxeS_HFXWWyqyrhgKcxRzC90a42fRcqfBKr2_RjrnD5rs65BlHQswWgUkSRATvr-sl5y068Mxg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1TxygAEqRkBc-U9AAl_lgWZWMwfF2zXAn3Yag&u=%7CK%2BdXWTOW%2FOtU5DFOQXcTfuT7YHVK2NMjWAlh0K7s6R4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHJXkG-Q0x9WKjEvaYz3vZ82FOpI6al0vPAEpDU-4E1wlOX9kquIN3c2B0pS_zdf8n-BnhYJaO5yGTmablm_SQO9pqsE3oZCUQIJ69ZbqegeUwHNV-t2i1DnISwbkKVI1VOyDSGrzIYIJGBKo5cMRleas75AxSy217D_SuJ_-V4xCE21BzcloPRX-HY0nIU6wuahysRaFTFhccx-dlx_wLqJ1aDwkVlRbkwQwdsr4jQ4MjRnGzT3AtrsOwHr93DI3WERngtqpFAF_CH8XGsCLOYHdiWquZCxjFvEckoT0Rrv5JDpzLxixjOXrh2mCmVsr3gVR8UCaO8mGq2dSSpJCnChV0yCP19U_0VuvP7iL4W4-aAlpQQp37DNE7k6Mp8axfequBZAcMMj315DX6P4atxESISy4Gl2vPi8sBHaCochYkCA3nC3YnLhf0IUDuF2UiBfSmGNb9uPZM2Yff5UUX6yiNx9D9mVgCw_FFMsyzxvSvTxuzHydch2DC4ny8DjUOPnmQD-cUFdjSvgPOi-MCnOsmyo9za-S8dg566o4_HvLdqHWaYMy5Jhp0KtU9TDLHA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCILWJyvFUY5nSEr3Kz7sPlv-lmAOY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJn6H7wJWelPqgDAaoExAJP0KeOVcRX_Os42mkPX2ETJdUOXfQFG3ukyuOEp037jFH2Q371Xn4O0wxnl4cgf1z9rH3docniKM1dH1qLg_0xuXyR-jgh2zfpXDOdSHoaAHWzTcSKgCgpWQw7n5gahUrE4XaLr1bBml2YrOPe_6puK3Dr7SyoWj3AEIjK9h-OyWWbZC8ZZMOvBHiUxgwJTytMm4SSxuhtkPxWI2d-htFB6SfPQCzHjTNS-wf1iZupbIfiRzfCYP5Tk8IRjlDZqqMZPXcto0s3lLWndA762conCXcyW4XmlpTtwuSv8mWuxSzFTyTzAbG6Jna-aGrA03Nvl3ei3cXdDOfgDp7R4PMbbztLehiFbMv4VOoJz7Pg2jRHNSamB--Ln3rk5jK7JUBTlkRAvEQzuX13JHNMTrAzm9BHFJh9cUNqA1UNlsDPNVSit2iABpXix6OkvoOAiwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tG6_DR3HdFLPrrsDElTa6fdWceQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2619972
expires
Mon, 26 Jul 1997 05:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 22FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101901&jk=3329293712666974&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2D90 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
9369
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 05:12:18 GMT
etag
48472445140208031
expires
Mon, 24 Oct 2022 05:12:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 22CE 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9eefa45bb1c6bee12bdbc6231dc60bd43cdf46486bece4a81090860392bea1d5

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame AFF3 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022101801&jk=2684128129037456&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame FA13 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1TxygAEqRkBc-U9AAl_lgWZWMwfF2zXAn3Yag&u=%7CK%2BdXWTOW%2FOtU5DFOQXcTfuT7YHVK2NMjWAlh0K7s6R4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHJXkG-Q0x9WKjEvaYz3vZ82FOpI6al0vPAEpDU-4E1wlOX9kquIN3c2B0pS_zdf8n-BnhYJaO5yGTmablm_SQO9pqsE3oZCUQIJ69ZbqegeUwHNV-t2i1DnISwbkKVI1VOyDSGrzIYIJGBKo5cMRleas75AxSy217D_SuJ_-V4xCE21BzcloPRX-HY0nIU6wuahysRaFTFhccx-dlx_wLqJ1aDwkVlRbkwQwdsr4jQ4MjRnGzT3AtrsOwHr93DI3WERngtqpFAF_CH8XGsCLOYHdiWquZCxjFvEckoT0Rrv5JDpzLxixjOXrh2mCmVsr3gVR8UCaO8mGq2dSSpJCnChV0yCP19U_0VuvP7iL4W4-aAlpQQp37DNE7k6Mp8axfequBZAcMMj315DX6P4atxESISy4Gl2vPi8sBHaCochYkCA3nC3YnLhf0IUDuF2UiBfSmGNb9uPZM2Yff5UUX6yiNx9D9mVgCw_FFMsyzxvSvTxuzHydch2DC4ny8DjUOPnmQD-cUFdjSvgPOi-MCnOsmyo9za-S8dg566o4_HvLdqHWaYMy5Jhp0KtU9TDLHA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCILWJyvFUY5nSEr3Kz7sPlv-lmAOY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJn6H7wJWelPqgDAaoExAJP0KeOVcRX_Os42mkPX2ETJdUOXfQFG3ukyuOEp037jFH2Q371Xn4O0wxnl4cgf1z9rH3docniKM1dH1qLg_0xuXyR-jgh2zfpXDOdSHoaAHWzTcSKgCgpWQw7n5gahUrE4XaLr1bBml2YrOPe_6puK3Dr7SyoWj3AEIjK9h-OyWWbZC8ZZMOvBHiUxgwJTytMm4SSxuhtkPxWI2d-htFB6SfPQCzHjTNS-wf1iZupbIfiRzfCYP5Tk8IRjlDZqqMZPXcto0s3lLWndA762conCXcyW4XmlpTtwuSv8mWuxSzFTyTzAbG6Jna-aGrA03Nvl3ei3cXdDOfgDp7R4PMbbztLehiFbMv4VOoJz7Pg2jRHNSamB--Ln3rk5jK7JUBTlkRAvEQzuX13JHNMTrAzm9BHFJh9cUNqA1UNlsDPNVSit2iABpXix6OkvoOAiwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tG6_DR3HdFLPrrsDElTa6fdWceQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:28 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
901232
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
75e8dedd3c8da949-SYD
expires
Fri, 13 Oct 2023 07:48:28 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221023
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.87.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5927dbfa9c960da8440ff6ad99f539d8b4a5579a3a29dd1566554c32481456b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Oct 2022 07:48:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
17172
x-jsd-version
1.0.1501
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4550-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"667-TTPioPXgLdS0fCHH9+SZ0wYB73Y"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
75e8dedacda7a89b-SYD
c
prebid.a-mo.net/a/ 		31 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
00888ecceba25e1aaafd2e1f45fb7728d5369aa89c88920f96a1b74fe57c176f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Oct 2022 07:48:27 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
157
content-length
15591
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.183.230 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-183-230.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
520 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.197.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-197-63.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:29 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 23 Oct 2022 07:48:29 GMT
arj
adpushup-d.openx.net/w/1.0/ 		173 B
384 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=13d4175a-33e3-46c0-b032-d573b0fb4aa2%2C0400a0fe-217a-49fb-a9f9-40d3eb70ec93%2C162c533c-68d0-4389-b670-edab938ef9cb&nocache=1666511307742&pubcid=9c804464-5d48-46d6-ade8-0a134b604d52&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
17eb457b2c513d9a4c2ef3bfa0b7fc6fd382545f3adc376f983bd2715757f85b

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=994c0172-1a5a-4288-9fd0-bdb8a038b505&nocache=1666511307743&pubcid=9c804464-5d48-46d6-ade8-0a134b604d52&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=09370612-1381-457b-b601-0a9deb66555f&nocache=1666511307743&pubcid=9c804464-5d48-46d6-ade8-0a134b604d52&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8e281eda-9bf2-4306-8a9b-9bb010255aa0&nocache=1666511307743&pubcid=9c804464-5d48-46d6-ade8-0a134b604d52&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.192.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-192-59.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
438823f6d393bfd98852d2785a0232ffc72b8fe356cec229d5030d9f3fe8bfe8

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.192.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-192-59.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
ca45483120bda9dbec0a869a663d8dcb35b09fcc3ddb5172914de86da42b2b70

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.182.192.59 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-182-192-59.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d39232dfbdbdb4dde3100e6240a014e45389e3519d012dd80c3e8f6929c5b089

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:29 GMT
content-encoding
gzip
x-prebid
pbs-java/1.102.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=9c804464-5d48-46d6-ade8-0a134b604d52%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=1fea3828-c369-40b2-bead-b369f2973663%3Bfbfbee2c-d7fd-45d5-b000-db60dc2cb720%3B30801235-6335-42ae-b73b-d9c32cd6f4d3&l_pb_bid_id=2919a04ea98c53c%3B3061165cb0ccd19%3B3149457263e6b87&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.6466063618095772
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
03709640fca8eaa5c3d045bf5467ff27f4f77a288f7f403b668206e9b1bfa691

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.38.91.115 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-38-91-115.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Oct 2022 07:48:28 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
7
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
ib.adnxs.com/ut/v3/ 		50 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
64ceea97a2ee7f10fce190478b19d8e6d735690c6432391475532862ae658900
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 23 Oct 2022 07:48:28 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
7f94e18c-fbcf-45d9-b025-d4315dc16520
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adreq
ads.servenobid.com/ 		656 B
626 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=5165
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
4c46f7fadb683c44c08212442b5b1af83da52fd88bda523456fc4e6d72dc70a8

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Oct 2022 07:48:28 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
prebid
prebid.media.net/rtb/ 		1 KB
925 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
5281d0aca7da31a4fefbc4225e37da1e26d520d041d32690c07cc336b9ded857

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
524
alt-svc
clear
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2d27714da98a808cd21e3a4e2daee4772aefadb22a36ad819a1694823bbf7c5b

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 23 Oct 2022 07:48:28 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
cygnus
htlb.casalemedia.com/ 		37 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225806db3160a7285%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2265c50df74bc4f2c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22684ea991fbbd11e%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2269f5edfcb324131%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%229c804464-5d48-46d6-ade8-0a134b604d52%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71c34099885facecd650032b6dd24dd92a2147f01bc58754daddf690eccc1143

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75e8dedb2c4caad8-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%225806db3160a7285%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22684ea991fbbd11e%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2269f5edfcb324131%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%229c804464-5d48-46d6-ade8-0a134b604d52%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71c34099885facecd650032b6dd24dd92a2147f01bc58754daddf690eccc1143

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
75e8dedb2c4daad8-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=6379208616
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Oct 2022 07:48:27 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:29 GMT
content-encoding
gzip
etag
"cbFpuah7ilcpMTJLYeCgng=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 30 Oct 2022 07:48:29 GMT
animejs.js
static.criteo.net/animejs/ Frame FA13 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1TxygAEqRkBc-U9AAl_lgWZWMwfF2zXAn3Yag&u=%7CK%2BdXWTOW%2FOtU5DFOQXcTfuT7YHVK2NMjWAlh0K7s6R4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHJXkG-Q0x9WKjEvaYz3vZ82FOpI6al0vPAEpDU-4E1wlOX9kquIN3c2B0pS_zdf8n-BnhYJaO5yGTmablm_SQO9pqsE3oZCUQIJ69ZbqegeUwHNV-t2i1DnISwbkKVI1VOyDSGrzIYIJGBKo5cMRleas75AxSy217D_SuJ_-V4xCE21BzcloPRX-HY0nIU6wuahysRaFTFhccx-dlx_wLqJ1aDwkVlRbkwQwdsr4jQ4MjRnGzT3AtrsOwHr93DI3WERngtqpFAF_CH8XGsCLOYHdiWquZCxjFvEckoT0Rrv5JDpzLxixjOXrh2mCmVsr3gVR8UCaO8mGq2dSSpJCnChV0yCP19U_0VuvP7iL4W4-aAlpQQp37DNE7k6Mp8axfequBZAcMMj315DX6P4atxESISy4Gl2vPi8sBHaCochYkCA3nC3YnLhf0IUDuF2UiBfSmGNb9uPZM2Yff5UUX6yiNx9D9mVgCw_FFMsyzxvSvTxuzHydch2DC4ny8DjUOPnmQD-cUFdjSvgPOi-MCnOsmyo9za-S8dg566o4_HvLdqHWaYMy5Jhp0KtU9TDLHA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCILWJyvFUY5nSEr3Kz7sPlv-lmAOY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJn6H7wJWelPqgDAaoExAJP0KeOVcRX_Os42mkPX2ETJdUOXfQFG3ukyuOEp037jFH2Q371Xn4O0wxnl4cgf1z9rH3docniKM1dH1qLg_0xuXyR-jgh2zfpXDOdSHoaAHWzTcSKgCgpWQw7n5gahUrE4XaLr1bBml2YrOPe_6puK3Dr7SyoWj3AEIjK9h-OyWWbZC8ZZMOvBHiUxgwJTytMm4SSxuhtkPxWI2d-htFB6SfPQCzHjTNS-wf1iZupbIfiRzfCYP5Tk8IRjlDZqqMZPXcto0s3lLWndA762conCXcyW4XmlpTtwuSv8mWuxSzFTyTzAbG6Jna-aGrA03Nvl3ei3cXdDOfgDp7R4PMbbztLehiFbMv4VOoJz7Pg2jRHNSamB--Ln3rk5jK7JUBTlkRAvEQzuX13JHNMTrAzm9BHFJh9cUNqA1UNlsDPNVSit2iABpXix6OkvoOAiwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tG6_DR3HdFLPrrsDElTa6fdWceQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 Oct 2023 07:48:28 GMT
pixel
cm.g.doubleclick.net/ Frame 2D90
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEPfQP9OeQ-A-fNs3NA8zMuw&google_cver=1&google_push=AZmPxg914q3vxG6AaILXaNGhn4YnJF9rT41gkCy8rmrVwzIBEbfWx7a5pjlsA5f9UmKj8gXhiZS85XEBZxl7crTpldejcsxfAIj6di...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F57B823842704DEC82B8DCFA07ADE4AE&google_push=AZmPxg914q3vxG6AaILXaNGhn4YnJF9rT41gkCy8rmrVwzIBEbfWx7a5pjlsA5f9UmKj8gXhiZS85XEBZxl7crT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F57B823842704DEC82B8DCFA07ADE4AE&google_push=AZmPxg914q3vxG6AaILXaNGhn4YnJF9rT41gkCy8rmrVwzIBEbfWx7a5pjlsA5f9UmKj8gXhiZS85XEBZxl7crTpldejcsxfAIj6diQZEdsykuugVPmtiA3Sa9hdaOCJWPecF8lpOIkhbrN-4wLupTsu6A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 23 Oct 2022 07:48:28 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=F57B823842704DEC82B8DCFA07ADE4AE&google_push=AZmPxg914q3vxG6AaILXaNGhn4YnJF9rT41gkCy8rmrVwzIBEbfWx7a5pjlsA5f9UmKj8gXhiZS85XEBZxl7crTpldejcsxfAIj6diQZEdsykuugVPmtiA3Sa9hdaOCJWPecF8lpOIkhbrN-4wLupTsu6A
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 22 Oct 2022 07:48:28 GMT
asr
aid.send.microad.jp/g/ Frame 2D90 		43 B
641 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aid.send.microad.jp/g/asr?google_gid=CAESENV9MNnornFkUI32l0qKXHs&google_cver=1&google_push=AZmPxg9z68ynS-1hPWTzjhqK6X3w0H6F48qht7HonSYzCjL8luZ5Jt1MgFrXqwr1OM5VGqDQr9ZNO8xTb86zmvVg_EJ_lWXJxKZSm_bBFGWNE7Hg3pcNHAHIPau2UK0tG4VRXj4JHOYPOsis-7ZenPJnsxk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
202.233.84.1 , Japan, ASN131957 (MICROAD MicroAd, Inc., JP),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=3600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 23 Oct 2022 07:48:28 GMT
Strict-Transport-Security
max-age=3600
Server
Apache
P3P
policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE"
Access-Control-Allow-Origin
*
Content-Type
image/gif
Connection
close
Access-Control-Allow-Headers
origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
Content-Length
43
pixel
cm.g.doubleclick.net/ Frame 2D90
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESECnFy3RqXiBPAeM6sMrUz0Q&google_cver=1&google_push=AZmPxg9tcHtff9UVVOptH4e4cTfpMENHMN_WAn1LqRolmrl24blsdrS18c_3pejW0m1icBbrIMt4je...
  • https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg9tcHtff9UVVOptH4e4cTfpMENHMN_WAn1LqRolmrl24blsdrS18c_3pejW0m1icBbrIMt4jeg1r9XBBqcgsbF5sgag0OcDrUdftrJHheypEVjZQi67b...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg9tcHtff9UVVOptH4e4cTfpMENHMN_WAn1LqRolmrl24blsdrS18c_3pejW0m1icBbrIMt4jeg1r9XBBqcgsbF5sgag0OcDrUdftrJHheypEVjZQi67bLjYi_7BH8Ng_4yqlNvJueNQs40A1Tfq_2o&google_hm=MjE5MTk3MzEwNDU3MDA3MTQ%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=smart_adserver_eb&google_push=AZmPxg9tcHtff9UVVOptH4e4cTfpMENHMN_WAn1LqRolmrl24blsdrS18c_3pejW0m1icBbrIMt4jeg1r9XBBqcgsbF5sgag0OcDrUdftrJHheypEVjZQi67bLjYi_7BH8Ng_4yqlNvJueNQs40A1Tfq_2o&google_hm=MjE5MTk3MzEwNDU3MDA3MTQ%3D
date
Sun, 23 Oct 2022 07:48:27 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2D90
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEMIN6jV0LirURZSuimBSSdQ&google_cver=1&google_push=AZmPxg9LHXMvk9slR19IcZb6GjcYQMKyL_gwsqd6j1fmz4WMDI3nzWwtskGzavWqLCQOEFQzV96j16eE...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEMIN6jV0LirURZSuimBSSdQ%26google_cver%3D1%26google_push%3DAZmPxg9LHXMvk9slR19IcZ...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A4471303157650948019&exchange=193&google_gid=CAESEMIN6jV0LirURZSuimBSSdQ&google_cver=1&google_push=AZmPxg9LHXMvk9slR19IcZb6GjcYQMKyL_gwsqd6j1fmz4WMDI3n...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQ0NzEzMDMxNTc2NTA5NDgwMTk&google_push=AZmPxg9LHXMvk9slR19IcZb6GjcYQMKyL_gwsqd6j1fmz4WMDI3nzWwtskGzavWqLCQOEFQzV96j16e...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQ0NzEzMDMxNTc2NTA5NDgwMTk&google_push=AZmPxg9LHXMvk9slR19IcZb6GjcYQMKyL_gwsqd6j1fmz4WMDI3nzWwtskGzavWqLCQOEFQzV96j16eE_i5xCYFyl3MUDtIcI8iXwIfve9BzLVIteg2c_-S4tOEDjiEZhyDo0pwia_wsNQwjWI6lWb34TOY
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:30 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTQ0NzEzMDMxNTc2NTA5NDgwMTk&google_push=AZmPxg9LHXMvk9slR19IcZb6GjcYQMKyL_gwsqd6j1fmz4WMDI3nzWwtskGzavWqLCQOEFQzV96j16eE_i5xCYFyl3MUDtIcI8iXwIfve9BzLVIteg2c_-S4tOEDjiEZhyDo0pwia_wsNQwjWI6lWb34TOY
Date
Sun, 23 Oct 2022 07:48:29 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 2D90
Redirect Chain
  • https://google.dap.fw-ad.jp/dsp/google/pixel?google_gid=CAESEFdkWW8frzF3KckPi691bRM&google_cver=1&google_push=AZmPxg_JXqURAhEvL2vbvAJ5clHtuHW-6IPikK523IlAUa76wa4fyEBfkeNuDBgRDXHTz6uuQW7DZECAU964iTp...
  • https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg_JXqURAhEvL2vbvAJ5clHtuHW-6IPikK523IlAUa76wa4fyEBfkeNuDBgRDXHTz6uuQW7DZECAU964iTpl0kTeft-aWxHCkgXmoxN0hAOn4r8Rqx2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg_JXqURAhEvL2vbvAJ5clHtuHW-6IPikK523IlAUa76wa4fyEBfkeNuDBgRDXHTz6uuQW7DZECAU964iTpl0kTeft-aWxHCkgXmoxN0hAOn4r8Rqx2QcTX2NftrGNUvxoD7q-D7VAVQOpGM3IVBZIFq&google_hm=NmRmYmRkZDEtNmEyOC0zMTBiLWFjMjMtMWVlYzNiNTYyM2Qw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=docomo_ads_platform&google_push=AZmPxg_JXqURAhEvL2vbvAJ5clHtuHW-6IPikK523IlAUa76wa4fyEBfkeNuDBgRDXHTz6uuQW7DZECAU964iTpl0kTeft-aWxHCkgXmoxN0hAOn4r8Rqx2QcTX2NftrGNUvxoD7q-D7VAVQOpGM3IVBZIFq&google_hm=NmRmYmRkZDEtNmEyOC0zMTBiLWFjMjMtMWVlYzNiNTYyM2Qw
date
Sun, 23 Oct 2022 07:48:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-store
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2D90
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKW3u42JOqkUBk65It-5vV8&google_cver=1&google_push=AZmPxg-HJEysBm4eiX1leU4aI6gmo1gE4-716fAymOpXaXqUJeikLL_VeTTXU7ZFwqDJIkW-0Q...
  • https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEKW3u42JOqkUBk65It-5vV8&google_cver=1&google_push=AZmPxg-HJEysBm4eiX1leU4aI6gmo1gE4-716fAymOpXaXqUJeikLL_VeTTXU7ZFwqDJIkW-0Q...
  • https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iQkp4MEhwRTJ1R0xRZjllMmpTWVhMY1gxZmNOeEU0cn5B&google_push=AZmPxg-HJEysBm4eiX1leU4aI6gmo1gE4-716fAymOpXaXqUJeikLL_Ve...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iQkp4MEhwRTJ1R0xRZjllMmpTWVhMY1gxZmNOeEU0cn5B&google_push=AZmPxg-HJEysBm4eiX1leU4aI6gmo1gE4-716fAymOpXaXqUJeikLL_VeTTXU7ZFwqDJIkW-0QmoUzjNTz5NAxGc5-TEuRAyOORM1xhomIH4FagZcI6HVEe77YIRm4MRUH_rwr6fFNfpre2EEbtablbRFlXz
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1iQkp4MEhwRTJ1R0xRZjllMmpTWVhMY1gxZmNOeEU0cn5B&google_push=AZmPxg-HJEysBm4eiX1leU4aI6gmo1gE4-716fAymOpXaXqUJeikLL_VeTTXU7ZFwqDJIkW-0QmoUzjNTz5NAxGc5-TEuRAyOORM1xhomIH4FagZcI6HVEe77YIRm4MRUH_rwr6fFNfpre2EEbtablbRFlXz
date
Sun, 23 Oct 2022 07:48:28 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 2D90
Redirect Chain
  • https://trace.mediago.io/cs/google?google_gid=CAESEKZpisZ1XB3CbeJuHrK7PC4&google_cver=1&google_push=AZmPxg_IzvaB8DvXAmM5inpwBy4SW6VlCnJqBzL_yD_m-g6Z2tHxMkeoanTsDCdIfxQyGDEaOt8qUzarsZSB5ZrKnmxXcDV6_...
  • https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg_IzvaB8DvXAmM5inpwBy4SW6VlCnJqBzL_yD_m-g6Z2tHxMkeoanTsDCdIfxQyGDEaOt8qUzarsZSB5ZrKnmxXcDV6_Is8gSD5z93kU4ZrcAIeIV9mUAdsS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg_IzvaB8DvXAmM5inpwBy4SW6VlCnJqBzL_yD_m-g6Z2tHxMkeoanTsDCdIfxQyGDEaOt8qUzarsZSB5ZrKnmxXcDV6_Is8gSD5z93kU4ZrcAIeIV9mUAdsSj8hukgIFoYnkgcVbhOj0HBKmA8Iggg&google_hm=2d58beb1a849dee42b783414dfe7a209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=baidu_mediago&google_push=AZmPxg_IzvaB8DvXAmM5inpwBy4SW6VlCnJqBzL_yD_m-g6Z2tHxMkeoanTsDCdIfxQyGDEaOt8qUzarsZSB5ZrKnmxXcDV6_Is8gSD5z93kU4ZrcAIeIV9mUAdsSj8hukgIFoYnkgcVbhOj0HBKmA8Iggg&google_hm=2d58beb1a849dee42b783414dfe7a209
date
Sun, 23 Oct 2022 07:48:28 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
content-type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 2D90 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IqRIH4SrUDj-Z_62ntMATif8M9fLb8p34S5Sv5kToP8td7ck67N1NR-IOAegcY91zgkWdh5CvMYw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:28 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
img
pix.as.criteo.net/img/ Frame FA13 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=92&m=0&partner=36786&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F36786%2F171227%2F289f25abf2b14f9594c6ddbda235d727_logo_all_horizontal.png&v=3&w=668&s=44TZO2TCkDPAz0Gqgj9tL44B
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1TxygAEqRkBc-U9AAl_lgWZWMwfF2zXAn3Yag&u=%7CK%2BdXWTOW%2FOtU5DFOQXcTfuT7YHVK2NMjWAlh0K7s6R4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHJXkG-Q0x9WKjEvaYz3vZ82FOpI6al0vPAEpDU-4E1wlOX9kquIN3c2B0pS_zdf8n-BnhYJaO5yGTmablm_SQO9pqsE3oZCUQIJ69ZbqegeUwHNV-t2i1DnISwbkKVI1VOyDSGrzIYIJGBKo5cMRleas75AxSy217D_SuJ_-V4xCE21BzcloPRX-HY0nIU6wuahysRaFTFhccx-dlx_wLqJ1aDwkVlRbkwQwdsr4jQ4MjRnGzT3AtrsOwHr93DI3WERngtqpFAF_CH8XGsCLOYHdiWquZCxjFvEckoT0Rrv5JDpzLxixjOXrh2mCmVsr3gVR8UCaO8mGq2dSSpJCnChV0yCP19U_0VuvP7iL4W4-aAlpQQp37DNE7k6Mp8axfequBZAcMMj315DX6P4atxESISy4Gl2vPi8sBHaCochYkCA3nC3YnLhf0IUDuF2UiBfSmGNb9uPZM2Yff5UUX6yiNx9D9mVgCw_FFMsyzxvSvTxuzHydch2DC4ny8DjUOPnmQD-cUFdjSvgPOi-MCnOsmyo9za-S8dg566o4_HvLdqHWaYMy5Jhp0KtU9TDLHA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCILWJyvFUY5nSEr3Kz7sPlv-lmAOY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJn6H7wJWelPqgDAaoExAJP0KeOVcRX_Os42mkPX2ETJdUOXfQFG3ukyuOEp037jFH2Q371Xn4O0wxnl4cgf1z9rH3docniKM1dH1qLg_0xuXyR-jgh2zfpXDOdSHoaAHWzTcSKgCgpWQw7n5gahUrE4XaLr1bBml2YrOPe_6puK3Dr7SyoWj3AEIjK9h-OyWWbZC8ZZMOvBHiUxgwJTytMm4SSxuhtkPxWI2d-htFB6SfPQCzHjTNS-wf1iZupbIfiRzfCYP5Tk8IRjlDZqqMZPXcto0s3lLWndA762conCXcyW4XmlpTtwuSv8mWuxSzFTyTzAbG6Jna-aGrA03Nvl3ei3cXdDOfgDp7R4PMbbztLehiFbMv4VOoJz7Pg2jRHNSamB--Ln3rk5jK7JUBTlkRAvEQzuX13JHNMTrAzm9BHFJh9cUNqA1UNlsDPNVSit2iABpXix6OkvoOAiwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tG6_DR3HdFLPrrsDElTa6fdWceQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
6f14640c6ae0c2418df8965417897092a6cb04ca630e33b5406af772c858bc49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:28 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=26503322
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10062
expires
Sat, 26 Aug 2023 01:50:31 GMT
img
pix.as.criteo.net/img/ Frame FA13 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=36786&q=80&r=0&u=https%3A%2F%2Fwww.klika.com.au%2Fmedia%2Fcatalog%2Fproduct%2Fg%2Fa%2Fgaz-wed-6x12-wh_1.jpg&v=3&w=400&s=OtcBZow1h1mRpxipjntBbltI&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1TxygAEqRkBc-U9AAl_lgWZWMwfF2zXAn3Yag&u=%7CK%2BdXWTOW%2FOtU5DFOQXcTfuT7YHVK2NMjWAlh0K7s6R4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHJXkG-Q0x9WKjEvaYz3vZ82FOpI6al0vPAEpDU-4E1wlOX9kquIN3c2B0pS_zdf8n-BnhYJaO5yGTmablm_SQO9pqsE3oZCUQIJ69ZbqegeUwHNV-t2i1DnISwbkKVI1VOyDSGrzIYIJGBKo5cMRleas75AxSy217D_SuJ_-V4xCE21BzcloPRX-HY0nIU6wuahysRaFTFhccx-dlx_wLqJ1aDwkVlRbkwQwdsr4jQ4MjRnGzT3AtrsOwHr93DI3WERngtqpFAF_CH8XGsCLOYHdiWquZCxjFvEckoT0Rrv5JDpzLxixjOXrh2mCmVsr3gVR8UCaO8mGq2dSSpJCnChV0yCP19U_0VuvP7iL4W4-aAlpQQp37DNE7k6Mp8axfequBZAcMMj315DX6P4atxESISy4Gl2vPi8sBHaCochYkCA3nC3YnLhf0IUDuF2UiBfSmGNb9uPZM2Yff5UUX6yiNx9D9mVgCw_FFMsyzxvSvTxuzHydch2DC4ny8DjUOPnmQD-cUFdjSvgPOi-MCnOsmyo9za-S8dg566o4_HvLdqHWaYMy5Jhp0KtU9TDLHA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCILWJyvFUY5nSEr3Kz7sPlv-lmAOY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJn6H7wJWelPqgDAaoExAJP0KeOVcRX_Os42mkPX2ETJdUOXfQFG3ukyuOEp037jFH2Q371Xn4O0wxnl4cgf1z9rH3docniKM1dH1qLg_0xuXyR-jgh2zfpXDOdSHoaAHWzTcSKgCgpWQw7n5gahUrE4XaLr1bBml2YrOPe_6puK3Dr7SyoWj3AEIjK9h-OyWWbZC8ZZMOvBHiUxgwJTytMm4SSxuhtkPxWI2d-htFB6SfPQCzHjTNS-wf1iZupbIfiRzfCYP5Tk8IRjlDZqqMZPXcto0s3lLWndA762conCXcyW4XmlpTtwuSv8mWuxSzFTyTzAbG6Jna-aGrA03Nvl3ei3cXdDOfgDp7R4PMbbztLehiFbMv4VOoJz7Pg2jRHNSamB--Ln3rk5jK7JUBTlkRAvEQzuX13JHNMTrAzm9BHFJh9cUNqA1UNlsDPNVSit2iABpXix6OkvoOAiwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tG6_DR3HdFLPrrsDElTa6fdWceQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
c56d91910ce8eaceb14d9e85529c05bd9923b0eda84b640091549e6c4867af59
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=26854998
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
5260
expires
Wed, 30 Aug 2023 03:31:47 GMT
img
pix.as.criteo.net/img/ Frame FA13 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=36786&q=80&r=0&u=https%3A%2F%2Fwww.klika.com.au%2Fmedia%2Fcatalog%2Fproduct%2Fg%2Fo%2Fgolf_encl_cover_2.jpg&v=3&w=400&s=Eleu5-8Zavoy_4WLYKDyh1rv&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1TxygAEqRkBc-U9AAl_lgWZWMwfF2zXAn3Yag&u=%7CK%2BdXWTOW%2FOtU5DFOQXcTfuT7YHVK2NMjWAlh0K7s6R4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHJXkG-Q0x9WKjEvaYz3vZ82FOpI6al0vPAEpDU-4E1wlOX9kquIN3c2B0pS_zdf8n-BnhYJaO5yGTmablm_SQO9pqsE3oZCUQIJ69ZbqegeUwHNV-t2i1DnISwbkKVI1VOyDSGrzIYIJGBKo5cMRleas75AxSy217D_SuJ_-V4xCE21BzcloPRX-HY0nIU6wuahysRaFTFhccx-dlx_wLqJ1aDwkVlRbkwQwdsr4jQ4MjRnGzT3AtrsOwHr93DI3WERngtqpFAF_CH8XGsCLOYHdiWquZCxjFvEckoT0Rrv5JDpzLxixjOXrh2mCmVsr3gVR8UCaO8mGq2dSSpJCnChV0yCP19U_0VuvP7iL4W4-aAlpQQp37DNE7k6Mp8axfequBZAcMMj315DX6P4atxESISy4Gl2vPi8sBHaCochYkCA3nC3YnLhf0IUDuF2UiBfSmGNb9uPZM2Yff5UUX6yiNx9D9mVgCw_FFMsyzxvSvTxuzHydch2DC4ny8DjUOPnmQD-cUFdjSvgPOi-MCnOsmyo9za-S8dg566o4_HvLdqHWaYMy5Jhp0KtU9TDLHA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCILWJyvFUY5nSEr3Kz7sPlv-lmAOY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJn6H7wJWelPqgDAaoExAJP0KeOVcRX_Os42mkPX2ETJdUOXfQFG3ukyuOEp037jFH2Q371Xn4O0wxnl4cgf1z9rH3docniKM1dH1qLg_0xuXyR-jgh2zfpXDOdSHoaAHWzTcSKgCgpWQw7n5gahUrE4XaLr1bBml2YrOPe_6puK3Dr7SyoWj3AEIjK9h-OyWWbZC8ZZMOvBHiUxgwJTytMm4SSxuhtkPxWI2d-htFB6SfPQCzHjTNS-wf1iZupbIfiRzfCYP5Tk8IRjlDZqqMZPXcto0s3lLWndA762conCXcyW4XmlpTtwuSv8mWuxSzFTyTzAbG6Jna-aGrA03Nvl3ei3cXdDOfgDp7R4PMbbztLehiFbMv4VOoJz7Pg2jRHNSamB--Ln3rk5jK7JUBTlkRAvEQzuX13JHNMTrAzm9BHFJh9cUNqA1UNlsDPNVSit2iABpXix6OkvoOAiwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tG6_DR3HdFLPrrsDElTa6fdWceQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
be86cf5bbc8ae44203ed4a4703c9a5ff1c916ae572880dacbd2280dac6789059
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:27 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29259015
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12322
expires
Tue, 26 Sep 2023 23:18:44 GMT
all
csm.as.criteo.net/ Frame FA13 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=HW8X7r3biZGP1byaupvNvldZCYQNBkdN_I9DarI4XQ5Dlix1DKfQsUs8yJ2KLKoUGmMspXdA5y2ZCkLtfQadZA0sH7FL3CE5VcQqsNP-2e0BEa93FeFOnspZtIt3IYq2GO--h1nx3qyQtX0LhpIpFCigRpiS0Mb_AjvMXNtAL606KcdXI2S4Yzt3ofWcWjxRsqLhjZWuugPwat3-o5iBv2zI5kL_hmcNCnQY7gt3BLR6OoCegC27o5tbAFKGAKAWsE6ljq4pzXXBzB8y&sds=2&rev=83153&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1TxygAEqRkBc-U9AAl_lgWZWMwfF2zXAn3Yag&u=%7CK%2BdXWTOW%2FOtU5DFOQXcTfuT7YHVK2NMjWAlh0K7s6R4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHJXkG-Q0x9WKjEvaYz3vZ82FOpI6al0vPAEpDU-4E1wlOX9kquIN3c2B0pS_zdf8n-BnhYJaO5yGTmablm_SQO9pqsE3oZCUQIJ69ZbqegeUwHNV-t2i1DnISwbkKVI1VOyDSGrzIYIJGBKo5cMRleas75AxSy217D_SuJ_-V4xCE21BzcloPRX-HY0nIU6wuahysRaFTFhccx-dlx_wLqJ1aDwkVlRbkwQwdsr4jQ4MjRnGzT3AtrsOwHr93DI3WERngtqpFAF_CH8XGsCLOYHdiWquZCxjFvEckoT0Rrv5JDpzLxixjOXrh2mCmVsr3gVR8UCaO8mGq2dSSpJCnChV0yCP19U_0VuvP7iL4W4-aAlpQQp37DNE7k6Mp8axfequBZAcMMj315DX6P4atxESISy4Gl2vPi8sBHaCochYkCA3nC3YnLhf0IUDuF2UiBfSmGNb9uPZM2Yff5UUX6yiNx9D9mVgCw_FFMsyzxvSvTxuzHydch2DC4ny8DjUOPnmQD-cUFdjSvgPOi-MCnOsmyo9za-S8dg566o4_HvLdqHWaYMy5Jhp0KtU9TDLHA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCILWJyvFUY5nSEr3Kz7sPlv-lmAOY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJn6H7wJWelPqgDAaoExAJP0KeOVcRX_Os42mkPX2ETJdUOXfQFG3ukyuOEp037jFH2Q371Xn4O0wxnl4cgf1z9rH3docniKM1dH1qLg_0xuXyR-jgh2zfpXDOdSHoaAHWzTcSKgCgpWQw7n5gahUrE4XaLr1bBml2YrOPe_6puK3Dr7SyoWj3AEIjK9h-OyWWbZC8ZZMOvBHiUxgwJTytMm4SSxuhtkPxWI2d-htFB6SfPQCzHjTNS-wf1iZupbIfiRzfCYP5Tk8IRjlDZqqMZPXcto0s3lLWndA762conCXcyW4XmlpTtwuSv8mWuxSzFTyTzAbG6Jna-aGrA03Nvl3ei3cXdDOfgDp7R4PMbbztLehiFbMv4VOoJz7Pg2jRHNSamB--Ln3rk5jK7JUBTlkRAvEQzuX13JHNMTrAzm9BHFJh9cUNqA1UNlsDPNVSit2iABpXix6OkvoOAiwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tG6_DR3HdFLPrrsDElTa6fdWceQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 23 Oct 2022 07:48:28 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame FA13 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1TxygAEqRkBc-U9AAl_lgWZWMwfF2zXAn3Yag&u=%7CK%2BdXWTOW%2FOtU5DFOQXcTfuT7YHVK2NMjWAlh0K7s6R4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHJXkG-Q0x9WKjEvaYz3vZ82FOpI6al0vPAEpDU-4E1wlOX9kquIN3c2B0pS_zdf8n-BnhYJaO5yGTmablm_SQO9pqsE3oZCUQIJ69ZbqegeUwHNV-t2i1DnISwbkKVI1VOyDSGrzIYIJGBKo5cMRleas75AxSy217D_SuJ_-V4xCE21BzcloPRX-HY0nIU6wuahysRaFTFhccx-dlx_wLqJ1aDwkVlRbkwQwdsr4jQ4MjRnGzT3AtrsOwHr93DI3WERngtqpFAF_CH8XGsCLOYHdiWquZCxjFvEckoT0Rrv5JDpzLxixjOXrh2mCmVsr3gVR8UCaO8mGq2dSSpJCnChV0yCP19U_0VuvP7iL4W4-aAlpQQp37DNE7k6Mp8axfequBZAcMMj315DX6P4atxESISy4Gl2vPi8sBHaCochYkCA3nC3YnLhf0IUDuF2UiBfSmGNb9uPZM2Yff5UUX6yiNx9D9mVgCw_FFMsyzxvSvTxuzHydch2DC4ny8DjUOPnmQD-cUFdjSvgPOi-MCnOsmyo9za-S8dg566o4_HvLdqHWaYMy5Jhp0KtU9TDLHA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCILWJyvFUY5nSEr3Kz7sPlv-lmAOY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJn6H7wJWelPqgDAaoExAJP0KeOVcRX_Os42mkPX2ETJdUOXfQFG3ukyuOEp037jFH2Q371Xn4O0wxnl4cgf1z9rH3docniKM1dH1qLg_0xuXyR-jgh2zfpXDOdSHoaAHWzTcSKgCgpWQw7n5gahUrE4XaLr1bBml2YrOPe_6puK3Dr7SyoWj3AEIjK9h-OyWWbZC8ZZMOvBHiUxgwJTytMm4SSxuhtkPxWI2d-htFB6SfPQCzHjTNS-wf1iZupbIfiRzfCYP5Tk8IRjlDZqqMZPXcto0s3lLWndA762conCXcyW4XmlpTtwuSv8mWuxSzFTyTzAbG6Jna-aGrA03Nvl3ei3cXdDOfgDp7R4PMbbztLehiFbMv4VOoJz7Pg2jRHNSamB--Ln3rk5jK7JUBTlkRAvEQzuX13JHNMTrAzm9BHFJh9cUNqA1UNlsDPNVSit2iABpXix6OkvoOAiwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tG6_DR3HdFLPrrsDElTa6fdWceQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 Oct 2023 07:48:28 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame FA13 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y1TxygAEqRkBc-U9AAl_lgWZWMwfF2zXAn3Yag&u=%7CK%2BdXWTOW%2FOtU5DFOQXcTfuT7YHVK2NMjWAlh0K7s6R4%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bcLFbFsfP8MHJXkG-Q0x9WKjEvaYz3vZ82FOpI6al0vPAEpDU-4E1wlOX9kquIN3c2B0pS_zdf8n-BnhYJaO5yGTmablm_SQO9pqsE3oZCUQIJ69ZbqegeUwHNV-t2i1DnISwbkKVI1VOyDSGrzIYIJGBKo5cMRleas75AxSy217D_SuJ_-V4xCE21BzcloPRX-HY0nIU6wuahysRaFTFhccx-dlx_wLqJ1aDwkVlRbkwQwdsr4jQ4MjRnGzT3AtrsOwHr93DI3WERngtqpFAF_CH8XGsCLOYHdiWquZCxjFvEckoT0Rrv5JDpzLxixjOXrh2mCmVsr3gVR8UCaO8mGq2dSSpJCnChV0yCP19U_0VuvP7iL4W4-aAlpQQp37DNE7k6Mp8axfequBZAcMMj315DX6P4atxESISy4Gl2vPi8sBHaCochYkCA3nC3YnLhf0IUDuF2UiBfSmGNb9uPZM2Yff5UUX6yiNx9D9mVgCw_FFMsyzxvSvTxuzHydch2DC4ny8DjUOPnmQD-cUFdjSvgPOi-MCnOsmyo9za-S8dg566o4_HvLdqHWaYMy5Jhp0KtU9TDLHA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCILWJyvFUY5nSEr3Kz7sPlv-lmAOY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3yAEJqQJn6H7wJWelPqgDAaoExAJP0KeOVcRX_Os42mkPX2ETJdUOXfQFG3ukyuOEp037jFH2Q371Xn4O0wxnl4cgf1z9rH3docniKM1dH1qLg_0xuXyR-jgh2zfpXDOdSHoaAHWzTcSKgCgpWQw7n5gahUrE4XaLr1bBml2YrOPe_6puK3Dr7SyoWj3AEIjK9h-OyWWbZC8ZZMOvBHiUxgwJTytMm4SSxuhtkPxWI2d-htFB6SfPQCzHjTNS-wf1iZupbIfiRzfCYP5Tk8IRjlDZqqMZPXcto0s3lLWndA762conCXcyW4XmlpTtwuSv8mWuxSzFTyTzAbG6Jna-aGrA03Nvl3ei3cXdDOfgDp7R4PMbbztLehiFbMv4VOoJz7Pg2jRHNSamB--Ln3rk5jK7JUBTlkRAvEQzuX13JHNMTrAzm9BHFJh9cUNqA1UNlsDPNVSit2iABpXix6OkvoOAiwGgBiGoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggNCIBhEAEyAooCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3tG6_DR3HdFLPrrsDElTa6fdWceQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:28 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 18 Oct 2023 07:48:28 GMT
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame 138B 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 21:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124016
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 21:21:31 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 4394 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
10151
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 04:59:16 GMT
expires
Mon, 23 Oct 2023 04:59:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame 77BC 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 21:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124017
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 21:21:31 GMT
generate_204
tpc.googlesyndication.com/ Frame 138B 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?dQXcTw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame 4394 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 21:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124017
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 21:21:31 GMT
generate_204
tpc.googlesyndication.com/ Frame 77BC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?pG4uWQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:28 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame 22CE 		0
63 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstj1HkMrXkcbe4JGrE0I9m2mMYOP7dmQYL01r6yPuIFpU0I_IeYQ5AJlIs136e8CwCH3TN-xwi_pEbY6WtmMyzG-VA25nzOtJeu0pRBZ-GeCWp8MCAhSYrQ7YMypyq1WF_GRimbmKorSanieKetUIJ61QCQkU5u-mEgslToU4zkHD7y0qLgXy1spB6X7F2reLMUx1ZV-xcb7JuXD-xxU98W2eSNNwUeizQ6pqa2IoC6nsUS_RDZu3Zpm8HErRFF9u67m8PkJLw3WqfQuhqX0pA07IRZdYxezIJZFc4ISaISKnpaHcuPVlSQfcNb3n8eQ7lmLvJBsLPsKI2gMCJByH0zZ0GDkYk2p4t-wpzdCJSDiFk2k3mZYGstpW8_4cBzLjp2U9YG1al1x6vAkCMlegjjaeALB-Ufiy3p07iM9b56SxjIXjfn2xzif1u4MJiE1VsX8mPhCrs94h3FxgOu0RZ5u1oljlRvp8nYTxM0uez5PZf0jUv0_SXwe33no-beVj5SDsnBYLVIlIjbm1d57iSbSsV5rN19LPrqRjCdDlnjALDrzIBcj0_Wfh_XI7SPl1DhyVYPrjVhcG-ETEdL_yhHfie3is0tixwvsFJE85JKjGoY9OqcD2Rz4Yjyay_-n1PsIRFV-g0L8Lgm9prIpVB9tCGwiaiVJDtfzuHNGpSwv_9DbbUciXy9Zs4kPv4gd_vipbg7aos697TdL0o-PcDmQHlD8lSNr6DtrXDWBFbnqDZCcCHHbH09pUXCKOzgKP_cjE76Mm0zEZSf6Eaf38Bc1VmrOm-3W9gJ5f1T4S7AyMi6DMBfIVZWxwWgOeoPROxhw3UA5TzvRNruMXrPcUICGEQuZDo1sfxdFEiwyAe2Z7odaWm0bq9er5wdOfyPsm3OJfBm0MUGE523eXw5Ngx3Yo5j7Sg6lUayDrzgXMfGJ3qhownRt5TEif-HUERYhglok-UQjUZJzpauQ1mDe0GrxSg8zX6w_b39aL3fyGFrkMm_QLwVt_k9sEmlVqirw_UjqWHbqZEnfHn-mqZBGidXojT-dc06-2iQpGn3d4cKk5soNZNfRXVeKpwAWm7HQwgBEE8XAIjROd-PLvzS2gUzRcTJcQAZ_2HrHJHdi9PlDl3zigB64yYZ9gpOaSStoIR9vGGuZSis1d_0fmCK4QSzKqv21xOmMcNCnvbSZ4ty50up86kYUkOTPylo_eXY9u6S8r0tsVnVWT9StfdZbkHAyYiYkuHTm3ywGtjDsA&sai=AMfl-YS75UCIbWzl48tPLmue7EWw9TA-CyTsvVfun459hnt0x1OXJyOZ2m4tbSwYhM4ugm42iF82xH8J-Z8GozrpF7HA-ytV6dFlkyMEfbmEUONV0p2lATPtv29lsFuuq1GcEkTvKbY0_07h43BPySNWF8C_Xbg0RzUVB27e7djjmxvbX8w-y4kdTSwl50rjHkxUnaGSQM0PW5WlGxa6A0I&sig=Cg0ArKJSzHDZYn3F7dlxEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1019&vt=11&dtpt=1018&dett=2&cstd=0&cisv=r20221019.58754&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DlHE770kT5GCeJC2vb-2PKllJzY3c59E3f9UC7lgZZ29zg43DV1NAi0FBP15ftTeKL_zs4lRLInfue6qdchqVGrABbYyqhfCxhPbbW7h761aPSMgZ55jFGuI8N_8fv7LsQkXlMBoq9pV75MewRWu-3L6cCCvbNZaJxrXYl-zD9dPjjiD8&cry=1&dbm_d=AKAmf-CEfP3XHGWrcrQv4V6sRN68YQQ0MCDNbgjuEBhuDtodwBh7cZ8rcV1W5BWg5g2jfR0Ad38ECG_U_17JAjlYw-prl2BFe8npmVVUpK0i58G3klr3pJIEXX4_AEIz0O0CfHWtCD5K0B-ZEY41hY_8A6AEEqdNTAJSDLkeP-gJbm1UymoJgIkATD9dkrOUZXBtmktECwhyMrj-YAG8QWpb6_sfrwR_xNYejh-UB-yn_3g1rmgmmN3lOFevBmXPrAfz0eHTnCEM6jZ5PO9ZVhfJrSISswZfCZOBqdYfmXSbNUobYHsICDovy9cOO9gOLyqa6sCqTsA6jazuPDXs44LK_YRQwfUfYk5vHqKZOUjsBtT5IL9JgK8TqtOjE9tXXjcwXbfm36eHkkE2sI_yd8HK65H8hzMRX-fGBQWkxZMF4TReKPS8jfGCb6FnbHzg3GCnBzmWkZqZLwCAIScDHKtR0LsNnvzy2AGfbrZow6nMNJ4vh2vn7WMR1z3WuvQ-lExLlNsCn5JUnlInrYK2vaCcCDFcJhyS3JFmxVljTSWU3btdvt9A7u6ygHr7JJaKajZX1MGseYIGr2nSWVUN57HJDQkVrcxoK3yRus9_XquTURz0icI9WMrGLcxrqXmPuKGwXOasj0Xxv7Q21MmwtV0LidO1AxfzodFrctGEcVGB88J_xgzdQXKOpMiHHbIq8c8GkZOKgzJup-8TYhg5YZU4H978UWRCpgMrRDGb_do9drUvHup3tkQPdeMQHerNoZbBaOSAkhpaxnBEy8iuKkiXKVEcJrhB5qiuEg9UA9Ak3UaaHeh446M3Lx-69GbF6nLBLN8c21sqDyqDeCtNrNg1-qbBvx9Xu95R-XUcjzAdXAStJh2xO8csR-WZ02rW92_YICbW3LFhZRPVDF7blDM8bg3WQYWuY-9wHhNPQLHwZ3J1eXs3cjVhPNliqleYLxQIQzEig3HlZSG1DOSGDDjwkKZMAeqVfFN7v7rZ7ZThmBBi2uOqwvSWwuKXs458K5I8uwybruP8PTwiDQ-FDQ-FIt15rwoSM3xdM_MJkbjmIAnpWlLEtAVv7iz9_D5stQUPLHiQlSsULrIxi3i5REyMuim4vg8_74VmD7wsvIowD7TfP1DCyDRpdwzx53CQOxrkfcP-Rf37SitRNV4euCLLg_rdEKwXM4-K2joFDXQKUllblf2MINgSIHZt3aDu2kIj9S7qj8hbbUuHf-mg0YCHGZlj77RSbL0OkkU7sBr4lrrZm2YoR_P36POBHzX72YmWwqKdIEPydd4jTwQm6PqWj-N_PkX3aeRITm75IvYAPjO_fICltObLVFoj77WTOjllyVOeaYpUpxuFpk-3c4z5A5qbQ7nGoEjPlmRFfRuPSKCxEb74QH3iBqrd7fsLgkWEcItUfIlnllnq-zDxq_GDgKGWFqK7ULHtPs5M0CUY2FwRywXyWjuI-ys56N1JXvtCi-xdyVw2y5jDBA2HZGYTxQfm5TW3GuoK2t8orDTW6XuGKsp2EgsnXV_hfeqxeaf949W3-pOS5Ldosj5ZkHHjef-0aUJl13ak5zovZaI-UCbB4dAhDYZYwLU9uUOZOGT3tE9m-6ZSVk7TwlE-J4j-HzQf9fVRckFwu-5yctvrD7ym-A6pyx3qmOTVyTxY2xWQagIYBn8J0-SNxz2_X2Ksnrx1g2ppJbNdXiqxsyvohfSyLCZ2NC97IIlSlvDGDKevVpMRKR-YplftNqfn2J-vjo27IuUfAHtE5ynzHUOWyhnvd2GYoPZY-Q6JfykP9YVEfHlNLq2LafUEwBxPEtal_rfhNCe8NksNaQTkuE17JhwKskq26XQlmtIXRrX3bQ7dFZDxDGqAc74pR7x2XTH7A1Uhm1ob0gvp2x6hQX-D_9OYBY46PyxMbvXvmYsWiztcPdNAavuMCfdZimY24xM9Kxh1Vh0LFzr41XUR3AJ_4Pvn5ML2Z-FSMUQgPs7TJDnhyS-9mNJanz08usD4o4bY8Z_5vdpaliEkmFlRSCYrtHUUwq3LEQAKbqxi365uWMcVRXl2KqX-thSoeawk4GYYEOvGNikoELrQsNtydTwafue3O--EBO-1pGS2bk8q56EewsOKyisssXt263ys8J8EWtFIp7PX3ValnI9tZAg9nJgSjRt5B7OSo5KU7J-knTHf95AQCZERrTZV-pspGwxBtVj9ynRG0SRGM59FiciZIhOAE5OgcVyAgewbGSO1OUYdkf1AUaumyt0LFdlRMp8MxOZ9NvWk1Mi1hCVjfzU28djlQRfu32-ArE4pscBG7ckv_gZkPBlG5sBYy2gY6UqeelDUeUw_vmDqrTxceXyEHsGMk_LhXDjvID8l5IaFt3AhhDeyvFPad5KPQ1u-79-rhVrpCIVbEF2UCsJj8HmxXFhvFdNOlDiu7kAP5Qg3EzY6a_1P8XrxTC1h5G_ewIb0RYLDzzkFD0yRnEDjF2Pb8Vf7bGa-YVQkDOI5dM88PC4CLZyq8e9kiUv92WjpG4rROTceCIDD1k3Ca4bkawEGaWJGwTbpGvFCxMgr05M1h-FoNYRxCY1xtSjlf9SaD5WNKv6hZvgxhGIsNNmPi3VyoP31AyI65GTCYXci6XeFg3AjpA2qp-kMncSI20-yxrCZUw98mF8BaposbCYI5vIUK7oWf1q-eEjNJtz7G7V5LnmS_mk63SngMCruVbiKNAXgooTaqRbLTcrsAASgFrtEG5Pa4IQMb8FEN0Bh-XMH6NUvyTJee87DHGBaYyJqc-8QASquU9782N4Tv9Ye_vDDbcxIgQQH20YwbA8A2nmYpHhrBSIE4zycJuIHFBzL2Sc0sYhg2AiThMyOKEuqzs_1bv963AFqxxee9ALxRjcMoLkjezuMaDze2wHPXGzBwYEAotxdVkjwSBl8jTSKEFZLQsB_P4-3anhQd5O0MrubyCv8VmJqeVUloveUs7HQG3lcZrlbijHT7y3o1sJxZaK8LJZ6MDuCDVo_UE3lN5ZUZfjW9uGXXFLZOjCe-jW805RF0E-ioKVBGNwpxuSX_2SSW-mdQQ6-bzFbEUbmDZslDFGHYrgInrLq11MR7nCWT8p45MREezH22auzJB0kFdI6rrY0C5xXmoqFFk46R8ORCYtilqEEGDWgvSJOUzOEEgHg-m6qoMSsSnuDQlgv4a4rtFs7qa8MqjLRMcZ_5KWB5Ix1qCNP6ncbMCMZQ8bEcqQs8HzoQ0N9xAgRk5HrccGirX1nBgnqbCynBpVGg9wSLXE15wUEX0PjNk_qjUbwLxK_suHh8CkuUG_-u9gsrjkAozDWzh98t-D7yzvMFq40b9yJ5PMEEBPVonePuiGDjQ0YjeZRYdK14sP8i54pQl-mk8PGxLIf8qMKw6DCM4WSLkx6I0MwlT9wx37aF1Z6Vpfzc4MZ8ZHNPcBZ91QuG8SQsjLLl_6SenNM49hCjEJaJUEy7HMjs8y_v2UJYZ5Z2jsA2J8PfuSRk1glXAjYquruB6Iz7chykk3wHS6Ed9C9jmJqYdGmEkumzBPmcEgKKsG1en0z6Npx-A&cid=CAQSKQDq26N9zMAVSk7x2_KixStf0T9zpX4dAlNBMskaxwkXq7S-PCn83I1cGAEgDg&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
css
fonts.googleapis.com/ Frame FA13 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f95.1e100.net
Software
ESF /
Resource Hash
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 23 Oct 2022 07:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 23 Oct 2022 07:48:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 23 Oct 2022 07:48:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4394 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKjjUy_FUY_jhCdnb9QOu2beoAQAAAAA4AeAEAg&bg=!NzSlNHDNAAaaxvStusY7ACkAdvg8Wu00Tyeql6dcAAb8voViOIJ_i8fJ4ERwYzRsX7WIeq4Hk0wkZwIAAABYUgAAAAJoAQcKAImWWbqLq3SBy1Jd9WL-g4mV4A4fQHFVH5ioQwa_UWIeyYg3gS6nPbPV0BwPQD-jYyWXPsgT2QPZK-NdS6oM_GouXPSxBNGmb60ZrCKWoJj84sBxWnfVH7QaT0BpfkPDJXhZKqV_6WTvoCBc7uvOUyog0AivcaYjn0MKwU1exeDhS5Vi42-SOz35SJkC_PM1SV-yGnUL0CafClfWqwyB90YflWLcl8Zh90LPzG7pa3u8eroD9pDjXi6x69V6OCY5RaPfzF-lMWlfcRZa75HasXdeSTmK72-RLB5w9wDPpQdl5cgLe4_qyOOX7a44J29g9NRrDsIH3FhcQdmNv-ZtnJx-axgxMi8sR9L1Hln1gEAmv1CX2iy0sA3K-7bhoYF4dEiSR-qdwubf8Au9H6uuG72JaJpG71u343L-2rNNmwpsv0gSKha_pXDV0dpq_CFE3kZC4AUvzA_K3Utf6ntiKPWJuAfQe88eYHfzG-4uPMAo66Bzp-oLY7AlRlMdkbVfxe3aZObJNrtUpj_dqJWUEtcd8NCfzyIN176ZvJKgqYgxvoBTl7yGFgwMPrBT7rV_7-cuXMA6RanKKMYfHoODW4Tc6PS0AoXAGXiLrdtJEKGbEzl7icp4BeHDmU9A6U6c3BDkohbaQNBSduUUxlVRG98xumBlNvShYYxFOPbbaWIbP-pptmDRSWnaxmEGFLCbElAkW3YKi08XR7nWCHFjJLV1V3xw0W8ncLHzQc_H0D0fnb5Lp1AC2XgUTF1HmUBxE876v754IcAztT2zSduMy0zdJoF90fot3qcMbU4UiueU3SEYdnqk_-1yqLzyKs01qIbY-GtbBXplg8RmvuD0bLHcVx3lPHSxmkZ0A_t0a1LufwzbATcRZzayU7zMy7Ag6NnzjUVrN6TghJLy7JxdHqgB4LbF7MYiRXXYWpc2qS3kCdj5q-4n4O1tgCfo2ORA2RJ0dDnKUsdAvA9Kb5xI8Od_3_fodu0OFI5XRZ_WE_XZQ9jUDTfey7cNAI0nUheB6IBR4u_SrCtbuNOE27amatDgQM7jtm1yvRHhmBPbImm3_iK-Te3WuJxdYILtUcc-YoanR-Bz4oGrWf4Zd8BZcwCyIuK7gvx6rqhWP9FSNLCIKJxm8mP2nl2Ob0TfgSf2hYuOu4qzG0fLDhQRn1SwbWoAx-hs17-t81VVa34mDglT9oTOjqTh9x-W
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303585&bpp=13&bdt=1202&idt=1698&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=2&ga_vid=746681133.1666511306&ga_sid=1666511306&ga_hid=2136903896&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=60&biw=1600&bih=1200&isw=336&ish=280&ifk=2242066262&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31070424%2C31070425%2C44775016&oid=2&pvsid=2381695316214415&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ruiyj26cslv7&fsb=1&dtd=2223
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0DDE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101901&jk=3329293712666974&bg=!lpWlldHNAAaaxvStusY7ACkAdvg8Wr2H7FCY9ofvLwr9wAGlsvpaCPnaayAW55jxB68jd5wonRPo0QIAAACCUgAAAANoAQcKACAKWd52qvNzLdTIhGoKD5EQewMDS3QoqHQFpp-U7n10apkCtHwN37hLsFw4py--xOJNiMTMvHB9QwHI5jYHSsjYDVBuPLHj5YUkEH8dWjtGpi3doS8SutX88I1ygVnQ9Pu4iELUydiTAimtyB2h1XbGXnBV-biu6_PkphxLKdXFuKdcOsdK-rqtlGhl6ohsjxI5D6wVYJe_Dzes0RyjQ6Zdaxyt5RPcpeHiHGDm8BcquJ0OdBILAaiK48tg3R1R_l5tfjZmiVKFBGfVSXGbJ49SNaNLYE2TSHbBUmFO0xsU5rLQEROcYemVTAUB-S2mgVmikOMIVgtKMpRO6dPDgikXuUmLx5kejPDJRlG82sevkbu7yVtm5CgeeazKa0nfZjqfQI2Sdnz0C7VhwXAJfasVFt_LSxoow4MhUysqwm1yLz6rGNir0RYVR3Zh5LDCvXXAno9ZJ8kph_vhqeHUDrW3IfnC9uQFHULqiGTY8LZFjodvbiUkHNBibhpJmppfLDIvmg_7F-A1hNr3NogLaNU9ghZW6u2NrqESv9KzmM38PXnIkHhPWoA5DmKG1tsoxjWQAzYkmQcdOYMnHwjNGLHFsWM5PgUk1u6hLBtm-Qsb_knnhHyqXKlT_SgdTAa_FgburEOpSWcJ2FyvUM6Pl81K9rIE2j9mjPTC3YLclKzSoU0y-nTMNuKM22Hyv8YV0-yA4swNZ0OQ6h3jIXacmp1h28HjUQyJ1i3KfPWkAL2UETKO-8dlcRmZ4RYUv5o1dFH164BmKkijAj4pOlaQLjxhZl267dnlmIHoWW5AuT8PHbl6MMse2mRJW4DIZfDgEH1AEDmUbzGAw-Wwmnscix4y7QE5IN_cTSNTQ0zYyauEWBAU3gVRcBzIrkLI5SZrtYKGmIl02bM4Z_BitsNb0Jn7IwybtL6X7ROgak68vmKzUB81yH9jkPgf6fqLKv7upgXI1iDJRREi
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame E5D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022101801&jk=2684128129037456&bg=!YGOlYyfNAAaaxvStusY7ACkAdvg8Wt42Aq8b7An6Fe4ADQe_JPNStEZqiUw7NblF5knIED5RN2WmPQIAAABXUgAAAANoAQeZAr9mZfsklzTr-73vANpDFz4bhEM2LUDMhoWH78_vJZUWkMmQD8LAeX0oNO79DlIP5tzImBh4z7TvYC0SEVAFZZXI8RfzqBSfmL3sQ6biVKCkoALkl_1NkJ6VnTJgNZiHmXSuQ8yx4rQtrmsdg27bmYCw0bTamez7_sPSnB6VeYcbQ3cuZxdkcCQvWtxrHJOKTyjskqsttDMNnv05Hm8XycBBxcndNorlOlSRPX0uvj6ZFSHhaD3abo6sAJfsOa7UJjELqiQuayc_VreZYlfmw111F2n5bPzLBq2ah9zpuWwORpAF-WWiTQNhtpAZmQnyZPGexmQhwC6aGUcUWcjvCQws5BNBIyKoqkf2ImCYzIveRcHwhpFFvPp2Csnck6KTbk2r0qK1LFG3WAy9W9rl2UNr5m1gOydc_ysU8-GkN_c8ZKH-vYeKJNnRETuLta0D5GDMmMwbE240YbfJvw2rdt-if7np9wIrC70uAz1RHccZVFV2xdVW1RSgjl7F5ecScbxhmldHENaxYEmiA9OUBlwETPUARUSVazbw4CRPyofQK63To7stR_9PJj1sPHe8sHbBcr4gmoI21RFq0Qsn7Q3ySZ_wcoNQ2oYCyCMAnp7UELdeay8C6dSna0FjGEV7ZwtQvNlFlmAzcR4GUlsNDdRvneK6u1TMZ5wHJE43DFxqT8woHkc2x6ePEiSviP38Qqg7HjayjmCD7R8nhdkNh4RWRoU3yhLRxxMJufIf4CiVadpSv6egFAz32f1OMrzZhG6b7aDt42jRtapDgPD0O-cFBj8jhsSFx6K7HLpGEpHpmoLOL8f2Mfrif6yK_7A_XZpP0ZzOOnbmp9hdaL_DchNgbUpCirVmRlHvXF89yi7BtzYbhSKyv61nBZcPdKhxiDclGb6I2rNexuxPR1ZhrUHMb8LZqjN1filKnwOipS7M
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI4MjI1NjBfMTY2NjUxMTMwODc4OCIsInVzZXJJZCI6IjQxMjgzMF8xNjY2NTExMzA4Nzg5Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiMTAwMzAyXzE2NjY1MTEzMDg3ODkiLCJwYWdlUGF0aCI6IiUyRmElMkZqaW4temhvbmctamlhbmctd3Uta2FuZy1yZW4tZmVuLWhvbmctdGlhby13ZW4tc2hhbi15b3UteWFuZy1jb25nLWhvdS10YWkteXVlLWppYW4tbnUteW91LXNoYW8teXUtd2VpLmh0bWwiLCJob3N0bmFtZSI6Ind3dy5iZzMuY28iLCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5iZzMuY28lMkZhJTJGamluLXpob25nLWppYW5nLXd1LWthbmctcmVuLWZlbi1ob25nLXRpYW8td2VuLXNoYW4teW91LXlhbmctY29uZy1ob3UtdGFpLXl1ZS1qaWFuLW51LXlvdS1zaGFvLXl1LXdlaS5odG1sIiwicGhhc2UiOjAsInVzZXJUeXBlIjoiTkVXIiwicHJldmlld1ZhcmlhdGlvbiI6Im5vUHJldmlld1BhZ2UiLCJleHBlcmltZW50UGFnZSI6ZmFsc2UsInRpbWVzdGFtcCI6MTY2NjUxMTMwODc4OX0=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:29 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvamluLXpob25nLWppYW5nLXd1LWthbmctcmVuLWZlbi1ob25nLXRpYW8td2VuLXNoYW4teW91LXlhbmctY29uZy1ob3UtdGFpLXl1ZS1qaWFuLW51LXlvdS1zaGFvLXl1LXdlaS5odG1s.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvamluLXpob25nLWppYW5nLXd1LWthbmctcmVuLWZlbi1ob25nLXRpYW8td2VuLXNoYW4teW91LXlhbmctY29uZy1ob3UtdGFpLXl1ZS1qaWFuLW51LXlvdS1zaGFvLXl1LXdlaS5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.211.140.130 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-211-140-130.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 23 Oct 2022 07:48:29 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=11, origin; dur=219
content-length
555
expires
Sun, 23 Oct 2022 08:48:29 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 5FB5 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221019&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
143e7cdecd519cfed4126d6025fc3558c24f343840c4febf5e1cdaa08d78931d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11337
x-xss-protection
0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame FA13 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 14:38:20 GMT
x-content-type-options
nosniff
age
321009
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 14:38:20 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 14C6 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221019&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
0d3f8f4cd59f34b5d922da7703f3c2679c1600fe59675c0ff6a66953597adcf4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11438
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 5FB5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 23 Oct 2022 07:48:29 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 14C6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202210130101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 23 Oct 2022 07:48:29 GMT
js
www.googletagmanager.com/gtag/ 		219 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
7702a79581b1542e211d8dd70218a39bdc2c9243ca6403088f03cc150e9d4fec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:29 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77790
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 23 Oct 2022 07:48:29 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9qaW4temhvbmctamlhbmctd3Uta2FuZy1yZW4tZmVuLWhvbmctdGlhby13ZW4tc2hhbi15b3UteWFuZy1jb25nLWhvdS10YWkteXVlLWppYW4tbnUteW91LXNoYW8teXUtd2VpLmh0bWwiLCJ0aW1lIjoxNjY2NTExMzA5MjgxfQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:29 GMT
server
nginx/1.14.0 (Ubuntu)
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame DB12 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
267767
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 05:25:42 GMT
expires
Fri, 20 Oct 2023 05:25:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5270 		783 B
765 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
816f05017eb6fb1e7b611f463d16f12d7a016881bda9f48e598ea143492d175a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DiI-gUukkN_yUNjfVRw7Lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-DiI-gUukkN_yUNjfVRw7Lg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:29 GMT
expires
Sun, 23 Oct 2022 07:48:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
integrator.js
adservice.google.com.au/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f157.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		151 KB
53 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2432930374738713&correlator=4130022479097111&eid=31062931&output=ldjh&gdfp_req=1&vrg=2022101801&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.01%26hb_ap_adid%3D74df4af36e4d777%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D757782a37139347%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D76bd13682bb6d89%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D07b1bcddef64eb0a-227346806fd7003d%3AT%3D1666511306%3ART%3D1666511306%3AS%3DALNI_MYJ3x96_emF4MU60H4nRVVP07Q8VQ&gpic=UID%3D00000b69b7e6cadf%3AT%3D1666511306%3ART%3D1666511306%3AS%3DALNI_MZzhtUkB4JK1IenC1itnYwp9ddoww&arp=1&abxe=1&dt=1666511309453&lmt=1666511309&dlt=1666511301103&idt=6145&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=788233906.1666511309&ga_sid=1666511309&ga_hid=5209&ga_fc=false&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
1bd590b66a1bd74fcfa62febc12fb43fdef48042cc1bd7e524707ca918c41839
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP-a_7Tu9foCFXVHnQkdR3IKtQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/4389438816028964892/index.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP-a_7Tu9foCFXVHnQkdR3IKtQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/4389438816028964892/index.html
date
Sun, 23 Oct 2022 07:48:30 GMT
x-content-type-options
nosniff
content-encoding
br
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54372
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E6A4 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:29 GMT
expires
Mon, 23 Oct 2023 07:48:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame BD95 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
267767
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 20 Oct 2022 05:25:42 GMT
expires
Fri, 20 Oct 2023 05:25:42 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A1E7 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
GSE /
Resource Hash
62fef3156e1c9aa00eedd48f3cad7427e1b27f6e2dca210d8b51d91b4ea45f01
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rszOjFrWMh9SuZNoT4SvqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-rszOjFrWMh9SuZNoT4SvqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:29 GMT
expires
Sun, 23 Oct 2022 07:48:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame DB12 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 21:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 21:21:31 GMT
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame BD95 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 21:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 21:21:31 GMT
generate_204
tpc.googlesyndication.com/ Frame DB12 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?illGaw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 22CE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu-VzhhEriefGegfg0D1T4JaUKWs5uUy-bNdIyccfnIi1RhuHUOl4lUGbQSsqEi4LHm426g-EHD--D9xl4E7Zgyg7ZO0-9P0ceUq7XAALhByqKMMXXsgPLshw&sai=AMfl-YR2g8I53zNZuyushqH9I8KL4v9mdh9CXbiupCbv9uy2GolQPldXj4vZfF8x9_H0L1PBQNJ1cUpbJH7MljwPcVLx7TPFLy8Ks8QQLw&sig=Cg0ArKJSzImcu4_xTPAwEAE&cid=CAQSKQDq26N9zMAVSk7x2_KixStf0T9zpX4dAlNBMskaxwkXq7S-PCn83I1cGAEgDg&id=lidar2&mcvt=1009&p=0,0,250,300&mtos=1009,1009,1009,1009,1009&tos=1009,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666511306720&rpt=2073&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:29 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5270 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221019&jk=2381695316214415&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-43.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:05:34 GMT
via
1.1 500f4e37798a0a47047ecfa48f4fd932.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
2577
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 15:29:19 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
GmHXcCzvd2YQmNicBkYDpA4cDr0C-TcPCY-1k6qv7p4h4uKsp9nYIA==
sodar
pagead2.googlesyndication.com/pagead/ Frame A1E7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221019&jk=2277460202082333&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame BD95 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?nB0kmg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeaj0&_p=5209&cid=788233906.1666511309&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1666511310&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&dt=%E9%87%91%E9%90%98%E7%8D%8E%EF%BC%8F%E5%90%B3%E6%85%B7%E4%BB%81%E3%80%8C%E7%B2%89%E7%B4%85%E6%A2%9D%E7%B4%8B%E8%A1%AB%E3%80%8D%E6%9C%89%E6%B4%8B%E8%94%A5%EF%BC%81%E3%80%80%E5%BE%8C%E8%87%BA%E7%B4%84%E8%A6%8B%E5%A5%B3%E5%8F%8B%E9%82%B5%E9%9B%A8%E8%96%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:30 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 55F2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:29 GMT
expires
Mon, 23 Oct 2023 07:48:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 85FC 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:29 GMT
expires
Mon, 23 Oct 2023 07:48:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8413 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022101801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:29 GMT
expires
Mon, 23 Oct 2023 07:48:29 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 5FB5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221019&jk=2381695316214415&bg=!s7ClsPTNAAaaxvStusY7ACkAdvg8WpS6N9gsagiIEo-MT25IU6wxlxVeE9wA0ju9HerOdCxGObLoUAIAAABGUgAAAAJoAQcKACmkfay2X7jYT71woDlbz6vKkmYd4Gy2liKeUZmsr7xaVL39qpS_DlOaVZkCpUMC_d4m_GgO4bgJ6COMskuIsKyu0d-F1qAYrBbvjUpNB9b3t4FES1QIOk5L5Vrd20VrdkhlM4FNxgUfkp5q5St7DHdmGcOOEJtsCXlnOAvqKs8ZzVWrJGJkreNFLics-hxHmL8BA12GZ_K6H08pywKBCmy7kjWKzpLl6fznNeHWP7VmegQwIStdvXw3F_i49wXXQtbn3TffFG6aGRzbILpkMeYFZmew54o1w2SwX5cjCu50A3-CqqRWzjy7mQEzSQWoVKWhr8I1-YENQ24rFmxKm_SS0qagYc8SZl2f0b1KMEfYsus5E0PKJiGan20MadTlnRxxfnWb0udbA298DUNphFfxbeH11nWJD2eTnPGZf7En-khuF4_eHKYIGkXXHPiaiGQsid6mfdkm3bFoGJLczkr_oLQS-2UjxLMOyBt3cp0BU6xPpr6X5aAQpYS2xMlvZjdUhRO7v6P3JCLeWTkSG2oqmvGgXMn8-QTjGJbt6MyXxEHkoF6mWj_hF7rZZBZlRfvp7lJiCTtRAnJ1e0Yehl-MDkY6nAVUFscrNHSeKEHLosklRounRDoKRBoNjux3U1YUaxv_emaHDz-ic17a9bq-FYxyIBBpDunvfBbEsODYjr63ZEqs2ksljFHsELHXNLIyCKLjqvtAT3jlWFDqHh6uBjcYPBtBYqdOOmwl4qsFTuyRArnldswBzf9SIlp91KlJ51mYCMEOO-Vto3L7t8K3zweZjOaDuoxYxUiM_6_1HY_lLqUchKAYZnmGGP_Lxdn3Q8oGuwy6cHfaRlo1HVmNUwjuKQS2J6MKxKe3l5xbH42ZwOCs-KHn6ElCi_sn8p4vXjazbuad1onsvBByIED9iJ4xqV1658IzfT1j8PWv7t3RNIDWXpXqt2i2Prze6DJh
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 14C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221019&jk=2277460202082333&bg=!dXaldjLNAAaaxvStusY7ACkAdvg8WmAB8SX5equbGche7A3DAPZEvwL0Avvh3iOl85vWZgQweepG3gIAAABVUgAAAAJoAQeZAsUTNit_PvdcNoQY6Y8uck8P_v8_2GTrtQvhqTFE52cCOEI44jXUEXxSGYMszYSGcuutfghmGza9H9TfoTqgnK-kdfxLUzuvqzUhwQaqW2hF9EC61buqxThKFc_RNBaVmqHTDIzSODdNi_fomGH6WQ_WJgYM_uFs6QOSmJYXjbB0FhgUGhIaB65Wy4a6PYbK2zDSJAxVkyNZ42NE-niIE4mht4-I_fIIdy6ekhiCzZsgKUc-d3kf5BpD1xzmeJ6dNjML4kDi5ZQPjSRaZRTVGCQPNIOklAytPjoYPJLbreToqoj-7F-QiU_egsjT_SQu3idwT2xKJpdw5axg4m3TVVmL0y7ltnRKAHQwk-___LyzfiwNkCXNt5V-p0PMAhJlyeyHPGNrkR7nrqR4x4gSrJD9AIpoYk9SewZkz2i2j_zSrYjAT0BQKpYKT6I26JgCnSWU0if4pgEoXsndDx6_o9_iL7OOe9bmP5Ry3NxhQA45LMeaJjFYFIhdXNlZPmNqxTswcPhmlZjUJ5D2NdKoQYPrxq8KkM-p85cadhgAYi0UXbnxThxVUkf0VJCcnsvjGRasZ9q2L8qrZwRMHj27FcCURYgdxXGwOIpT4U1tREY05g2wZM2isoY4rm8wW9zxV7OrFWMpaipGwHJ57JjMIM5qvw11_XHSyUnTEapbkG0PDMScNDsgLJTWJvq0TWB85uZOJkOK4KIuLnodX0y6K0MgMb0S19QXgLRMonJS9iWBv5RBSQN-jvXnZupy2tHg5B8d3bLWS9m2q3FgsCs7yTBDBTnlh_bjgza9Cpzw5YvRtaUZPiXdTNXaOpdRTpIc1O3sj18Jv8V8ptBnUXbrGL6Mci5S1X4bmjI6RVo6hWWDuo_x5U_QJsmWb5s720_EWxhmTmyD65c2irb728vbBPdo6evA0p7kfTE7iWVyPDQX8V9GjgZc
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel;r=520006046;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html;uh=e51ed67dfb8d...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=520006046;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1008184132-1666511310523;pbc=9c804464-5d48-46d6-ade8-0a134b604d52;ns=0;ce=1;qjs=1;qv=7a1cba14-20221011131736;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1666511310522;tzo=0;ogl=;ses=99c34d03-afd6-4d3d-8ec3-7fd5bc93718d
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.180 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:30 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 3824 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVX4eXiJ8h_2JsFYTm4SczWGHtjNNUll39rIVubCYgvNfySG0LnMoS9LofZrbRe24iC_1PHxZ7aMmfBIpq6ZTHLuYpOtw
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 55F2 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8Lw0IxdzVCYv3gl3mENv1gR4iCjSlnuQH_FzoijgPUuzttIfzuuDdzaZEW5qLZ6vBFX8lV0lv7Ma8gy_F0JJzmHFjbQ&cry=1&dbm_d=AKAmf-BZ1sLYSrE3cpjl4sLNu1zVJM44rl3H73Z3FJM2BE8fDWKNgBOf0dQhBGsskFimvMRa48XAzeAyB7Pwx1rjqOfBfOXSdfJs2GZ36DRTp4QkeJ5izdS_YrjQmbkfcTdVNbARVFjsDoBxQ9qyEBfmaxwX4noEK6SL5l2wheDLaRdduzB5a5DBSyThToOSbXzENmXhZL06b4ipKUaLWlWChCaK8GrG8A3vks306vmgAdCCQP8wZ39g47t7wCgPybRziQCrhEYxWjTLVjnOSuvRdLa0SQJLEgrWdoN2CTuGGOolSxmVCuBTPaTGM0abmWJcqVHSMU6ILyn-OwzWsQf-kFisBqSYvMa9QNRCh2x3-348XJNE7U6TB4qSaBZaXG95a5H1UBaV7biQxULvgnFp7oH2Jlwh4y6ktjTfGhBEOl8m8jQYpjckt0MXWjhN1dYckXKwmDSyTVkSCglGWoOTcNArie3pA5PwiDeLdN5w7jbG_b_SAX14-lEnt2BdWhMIiP9kIxwDW4NUKNOR1g6ouDdtURxoFVB42_lzn3A5IAu9hNG_jI1mbMTw4ChsU6qVL05bk2KBRZkNvv1TZWIFVbm2swmnx6yLlhRTkf1tjwzLi3r7xyZBPL8-Zr0uJtTpXONTbpW2TLh8GRtpN0A8x63vHQfT67GRd7lGTyJeA_EVW_4rh5tIpNFjydDDuPzOWLKps60QOWgK_-rizyG-AM_YHwq2jAjHvQBE55ji2NgwhB8fN7obViyAWattNjcauO0XRu2ifYNfLIvNZ_5WMD58-E0iPg8fHVzGdyC5Ln4Bxt5jDtL2nbHb82zC5l1bRXfk0pJ_RwPkFFfeXgys8nLNPPm1ks_S8pWTNJhTGvaLhXOYUCvDoRF7Jsb9LV5VkB6EBCDaqmvSNJ1TzgSYvfPJtyh0cUWKD3vVxiKNeQWjOo3a0Vj9fTtXozBODO2umGHkKi3Svgk6nid_IopAJHBgrYaEs7VMzixu6n_ZRW4TcDarSIehumaTQbDDqFqxl4zZeNZcu6I4DlsrL2hcfgb8QMnu0fLN65zXlDZSrQMzX5QpSF5ZyhBpoND4d7p7L3ZrM0ea7WuNkkycrDHs7sWEODjCL_8lR1eQ_yptv_pcR9DxI1UZ1nSmtcmgv_IgWtw5KHkCaFPfisIINc6m0P7LqWyjhspEiBh7HjrVK31-Vrri2YHNFbo8VdYqeLiezrY75NpvpIdHihPblixevptuwjovRF8hGrr8bHIq4JCgzRyW9ZGzreWEfH_ogj074bPlFnNdegfDmzhyy3jCR44UGijqr2c0BZ7G2n-aReGU4yFbluRzPPsAOk3V4xh5cZ81cEYRyNuGQcg9kwJQB2E7vggGDb0lY-9RkyqX_e_neunKX8AdPEHRIsn0SxkZUKLBBkdmH-mJ967E2FklVNFltHWjfD4HheR-5oASpArbDuM62fhUVuhsFmFmIN2m9QomXX8bho48C5s3zp-eBE8J8-qH5XNZ_-DXWv9y-ybnslHxPbc_R89OR2SlL0hA0LIwhk0UKAT5NO768FXmNRx_KDOxrwk_XoN_ZAtXlsaUG0qmNc5wqHZ8YfdzY5Km_qIqIqZ9iFS0dguhWFL5c23OCo1yGeXCP4KTIU8X7TE2BadVR81OWToY9kcoqrbeEhv423L6mllZmv1s9lp2ZJmbSI-UL2G6iifaPsgAxZs6D3sk1UqOqcHkWNd3avlqjVqe16d9o6EOPETVo_WL8n4JTTfDy09oCelFdy-v94pD8Hd99IWzNz482UH7t1l94ESkRI71cPLhk7c5zP_5VM207a2qsjwLuiY02W4QvHEf1HTloNUAIEdb2n7PPN4hnC2T94SJslCRn4kvDXp65R5KeNEaWUVbyvjQT3ET2D4NDn5GZdWXHW7KC-Ff7dhDRC1RHOzbNw60HT8CQTM6ul5LaURAhE9CU-55rrgYn6Yzxi2N0TW2quQq9xwyDijWZCabhOvdpb9KasQJaFBonkkEkLOtbkzvxSxGj_B3RiBaajbfcDBG9GQUd7Y42cbvlh9zSf0bTaPDPTZGPAJTZDs7zSLUrozlht0bgKdMMvgiUx05RrVcwBSVFfqvyTxx0_O7vLV09ykcsEmagTzgZC8-wP2icIxXzDRouuiPitvpvk7dgqBgEApB8ISTOYAnOxF1QPOViQnNhOBufcC1TjJtPkM2mQAqDvTOg85VRi6F9UiKAbgc0pQQ_HjIZxGdU2xLmKj3WyxM6UEnqJpnSY3nvcaB0qCSuQzji7Q_hwkDWyXSq28SOmmtCMthwM15aJ1gb_HYUsJyYKP4bSHGKiwuGh92Vi8uvM4a_V1xVf_V0CqZPQAjoSRMzSnkNTEYnXqD-yBhqtsk4-EejrKFqdC4dbf4jplKWOsnBXkjb8l4QbA6maLTgYQ9vDE0bHWvogpsiPevLMifmMmpcY7wDwxZfMuIkTUwkvt24a_uV1X5PVQOuuR0xfM7xsidxH2HrBruLk1aCXCEeQFIBdmudvhSTrEI1m6dVvmoIU_0EfLSHwsdu7teb15o7ENTm4KZk41eHoGQx7GH_zyXN7X35rafsb8dDI5TQY5xq1z8UYS3alAl6hneNEIekxweOLVvr7NzlrffCaJrTew0pzOJyhDe0VVYKVvYfBx9GOeVzPJ9exxpzKu0aj2MsuXHRBraePzhNxaJiY6Y9dXSZRl-6co3OEfFJMCIqbeOCbXtzMVGB2GA18KprIu4j8y-uKiihvv2b58f7cmJqZYZEo0k2LvqkEbVuK5gLq8TitbDg5sM1hI3WMoKG6T9vEDX2gXmKWslRHAJj_no--6a3Ds4vwrG2geaPPAvHo8YLHXYNJeFhnXyU2FdEdIVMaVJgk13lehaD1-k7vEJZEMFxjQeRRqPasvkPdbtvmahQTKiIf8i2iGh-TFHklCz7fyvv7STTx5WkamxxLDC68c7RkjYQyCTQkNe1RKvRbv3Efw43Khu68A8I5UAZb84WIe-3Hlq1-iTvXJUcH9EXgWtCaTdKllFAZMyJqnF7v64Fhb7v_UHGz4-Ja7r5RCrilZ-HQXQo1v3uBo-LURq5v9JBscGuX613H2wTJGmPUTCQRm65KQKZPS-BUA-Vb7IaRZF9C1cSQ9ZWMoSTJm4RDTrX-3DzEb4hWNTKejEsp53Hv0DtdQ1Jq2pBdCJz9yAwfh0vJtLaDmQIwu-PGAjY1U9kVtiNnGJIXlG-A2oVsrR7w3W50ZdH8NjCe6pgspKpb312Q_8kCMC51a7Jxnm9TI0ctZGl9tYfGlcRECMS9DTZUqcB8jumLMOV3OPkt6wpwrtji732GY6JxUqtfFRPUvY1js_fZTdjROrZiY_-b3RSMQjB05Tvys6n6c6Uym82CXR8-bVpZizxPow2D7p-mSOy2lRUBosWQ-UjOCA4C7ScxYy4dcdtTZxBlFpKHCyflcC9lV7DkbR7GFz&cid=CAQSOwDq26N955Z3VmnyUkTQXjHmtMOJnat3xUnm4o4DkRZD3tK92eWTxiGqsc7hpiWbE7T8aFQmoD-UHLtvGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
ef0b7772670416130029db26255a5b9fea7ba925e75b14c9490265032ae1057d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34835
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 55F2 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CrXl7WIJ3fqG6YumlGWMXSZmIy86DP26fWL5mXPqKS4XSh5UZ5EQFCLuavMJfzcPOgYPQI9EfgBrVyO5hHA-fsGpyujVKI4UGlRUipltDtjvd_S0c
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 55F2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:07:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:07:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 55F2 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 23:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
29294
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7335
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 23:40:16 GMT
l
www.google.com/ads/measurement/ Frame 55F2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSENOsTfqKjr09Vuglia_KcCdv_yDrwlCYf3FEwKP0Wnfkof5OkcIzHdVrPyAAw9IAETTyByAu-UKgDwtfkSA_5Cq3j1Q
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 55F2 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 23 Oct 2022 07:48:30 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 0CBC 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNXyRQvJbuPx-Ehd0RcE0hhWc2wBWDSnrU71AYZWSxZ-xviKUzl58cxsnhajriVmgSNrhoUrVfpbtS-RyQR2n-DCwsnkvw
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 85FC 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ChvLNMP6tyEigynZPon8kjQFbYreqS6JHqTS0tpBWJTsVPFWln-c_iTTHaXdfgFf9_w5lYfzcEu4GOrBO3Qitt6vGXGA&cry=1&dbm_d=AKAmf-DdUYV253tnVSpCcU_z15xNQHmapK4DeL0rjip-1pQN4bFc4njFI7fXWuvHDQMDnN6ahnqBjzoJQ0Q6CxbfWQKYtFG8VrRAy0TjDEGwE6sAdQYNGwEXpDmWraWdjI2v32Yr5W8RTRdD_UALHoNDsWTHrk30dG0tmpQQCOQtw3arh-d_V9qes8_Tl2_SCuchrngWSYzQNbKZA4HUNzDj-kuqaSTPi8MvEjeNCHWzeaaTShFMq9repCq8DUW12xOHbshQlh4b6UCsEvi9ApsO3QjuzrGPHBlRJP-eeeasXLdKphZRtVZ1-B02V_3-jRwKp5hLeqyJD5znPjfX_rPaMt-9s7YGTsn6KcfDm4rGDdfIfg4oNkHKqfjPy2C8TWta4unrHhzYvujc3wUsZ3qP4ewEPq2mNlTUMjp-sOMj7t7vyjaHQgdEGQ_1xvdmn0pSEFzm2Ze-ZYwwvKkO0R4zjK8RgE8bfO662lQe6PT1e7EElaBYJH5B5JTVceaMi2sXRlMF1AWMGG303LO92w6u-AG00_Du3YPmTfFUEbMxumKKX9pEYqtetrUHZVIbZZoPk59IiCj9bgOfBQAmIIQLlroub1-ItmzCFwf8Ej1azghIfc3dN2oA8g9s-nhxc-Q8jrsyqWoQ85oKXw9a8jtmpkgLjAyVrA3QC5T7GjcuHBSO-sfxLCxXZGX0RIODaDEExyNE5mXnC9BvqXFbHw7Tg0IWvTX_GqCMewkxDGrBA5JHyeG6VD0dYyrnY3ROLO0LBfa4yaJl52xR2FWLnPcXBTK694ycX6YG5OltNErPbuWh60MAXVCtNBLrp6IWYm0wcD55uRReP6geE3rfpAghXlvZrOcPw-017vsrxg--6jUa168ryOgweMZif2emw4xdTyjG7PPVZLgDPto5as_xudD8W9abOT_t9U9RCXHERrg0ykQKh1T31YK-bN2BW-iLEXe_CoC6G2sQxJpsIUPyyX802FnJf7563SJg_Hj1LnUB6dg5zYD6uxX0ORcF12dlrSWEO1hcJmzV_2Q1XsUP4sJi10ypPj6TqSWlda-w5lw0OjxREVCSNNEEoLjTi1QdUE-kcTVyErLWoae0n40Bao_10f2PwvYvEiZjW9szUapOQ6mdHyN7kCJBhsj2JwFosmeaY0kk3ew5Q2UkIQbDYISRl1W4IbhAlDZlciywxnPt-XwYezZMJrqb95UPCALv7twm8A8XkLiFVmbAxSDLaQ0oYran-0pBJ1aGN-SonTv8uOCitPHT6uTg3UJW8oQZrzBlFOC4D_pdni2A08qhuI2XF15JYZDLVtsWVCQf7awBMhBD2if8hBQpoYNPR7kBMvvywXB3r_yYGjLjJpA-kruyTjs1JBd7_BtdgO402i3v2FziGtBqcejubuD4IJiPgxojQlbuyaHNiTmPuebMIxPqLfO3lpPs2VpKXpFvBNKp16CVoBUny4VM-S1TWWFO4Cj-mcuLzmD31oUeD9SGuqSQ1CZuvY3o9knc70xFUUJfwlm47gyF5EcNZb-2PbivojLThT6JyjfM9ZIgo3xDwC_9kDLgptnwTHdxQzCXpPl7PyIrxfbwY1OTf9miUKHWXUyk8jy1dfzkCQu8wSg6spU1q2KjDOUnZFJm98RA-5TeogFPgnIz3RnN0ZaI49mdLNCilnm-Dj5slioG9nbDL8QYgMQIVV1vhtR8nmziXgwW81JeIgFO0PyOvh0bwGR_mHUcG-KFjTF_MM8orqCyVyvDxXKHtwnH6KuB9vDbbbdpx499i7RdXhLeG9MwLBsfeTjE8m-A30HVBj2fUkFov5CDxp1RzNMUSmu2a2XfPlUCbPvPiQNI-RxoenXWC6q73ocSr0Wp5fjXUdDZD4CxT2bcbdP5fOj-qD3wAJjGZ4f3WU_CeDkuhVJEs7A2pqJeKam_hpeCVhInnYjt-FAo-p_XVpTo3wCPhavC0zZ6-lxv4EWraaAP8ikJhdafOR_amgMTFHmwQ6ZLr0mighEwCncTi5esSFy7a5frY-ufTk6VSzjrF1TSIQ7-GN6Bjhkq20cvVH2UBTDxYytiTp4HB_tIT-BnyK4zYAPQsy_DqJ93ypvCivOmiN82uBN-dMxaKtk-0ExGWFrngxrwy--DQ-E7lB2d9kB9RjRfS5rWobM7f8ciCkzkRQoPPIFL_6zZugZMeCFKwVImvCbrJYVzFto3GRiocdi3747efNCQ7kWUXHKSLbQCkkJ2bZp0_D2oJotWJf-G-Xse-qoqcm2PN3CtaF9kDPwacUGC3nx2MIEoAtaC6fq2jWpHyXA_72WvNGOfJHW5tJ5-8cKI4N7omeCZ8ysbnGq5l94sHJ9eJFztKwaxrV5Z6T3fjBqoFyd_DPXQ-U-c18egEDvLOuCLox2bL354aSzX_dJr4FDz0kx0V8I_m7OUDlzMg_So2OAZlGgLBFDov9r-pXlpGzhxd956wtHzwRSLDfSxCRJYl42MGDct3S0-dYX6cHOaDrG1QxnyHCx3pnZfG63xxbC7eFM81ekO_U86r317ChK3aGXOX4p1tEi5czhgPIpQg8XsdLzXzD1d8d4yUVT8EB4EOr7IxVJGPetVlH9Hcr4FRzIbx97VjSD1Ve7id6HabiSWIVeCPMs6LWuQRrWlDSVUJaFJRjQ_RBmKuipesBuRwGHwCML01H3uQWsVyPf35-Q0kAWjGxlwe9YByTIAgpvatDmFMG9MwPcEs4i3VDN9NXVCBqse_3GNueozNUQl4d54jUcKidbn8SiLzTOWDtN1jRW2m7AcYZyWYEjQoDFg7jNG5SRpNSCVlO4aZ45gVm_PPp3LYP9qp3DBowfETfkHLKmV0P0Rh4EyiYook0M1DhyA2JD_1iaZiXK-6YqKG8Iio4poFpSBj-76LzMOJHwI0QgTYHDZi-d0NWvSh2ldZAsSIurEE8_uvHlNV0MnW7jPoGVw9ACItlsiwE7wG_nP-4M1lKo_-GWSrAmh6QAJbfnMWKpth8T0ONh3buWzQLPldAKqF5QumM7HUpAHh1_pfDYAKvfGqT97Q_rZBL8jQ_BfjTYUwF8MSSSFCU-XnEEa6_5V3KMaeNGWssT-Y-E_zbb2Drv7OQVHp0wadgdu9sIDsHIcvwvNmDPiaVrGyRZ8MRocRQc1dmRrOdZFn5UwfIlc6C7msmfvaAxhX_sV4Gejvs-_TC6HAexS8no12IkmH46CoF7_oR71yF-_TrZU5-NpqO4AUSd2GM4PcGsw9_6ucjN4PHPjMfF_s-VErw87IX7nPGP0nByMPkSw-xrXsUIz0CjGLIct6rOeVsEa8kHMymSMfKueR9o0IX45Ltk-QtxO2FAgfP7HhJsFs4GyMOLBGp5UfiDdJ30OWZ_vtCYf1XQfy4Fho6q7K5nQZvz0bsF7dt9Hfg5Gtk1w_nEkLNTbZE25ELyMdiT8fG32mzj0zevb2uiZ2Ri9kWt1FKo2aCaOgz2_quVAgc4LU_SUwXyHu4_TYw&cid=CAQSOwDq26N955Z3VmnyUkTQXjHmtMOJnat3xUnm4o4DkRZD3tK92eWTxiGqsc7hpiWbE7T8aFQmoD-UHLtvGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
a5e956f114c7afe2e9ef69d1096fea30c66ef827fca46aa014b70ab4ba48a499
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34702
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 85FC 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CXYsrQCI4CqXAbHfX93j94nQNlCa6KkngAFGu4IvOx13vHsDQaTXcTcRbKV_Vea1EsfvtHDtF2XGJb22i3eIm7tMWxVsi-mU3S4kZoIEhSx2tt5IY
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 85FC 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:07:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74478
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:07:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 85FC 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 23:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
29294
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7335
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 23:40:16 GMT
l
www.google.com/ads/measurement/ Frame 85FC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRq_zbZMamDVJFZq5uNef0M8X7ar6RxH00jIvu-WAFTNdOVS08klIWsE8no7lkpoLhsdSyjGKFQJ4AT44foImw2_y5jFQ
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 85FC 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 23 Oct 2022 07:48:30 GMT
index.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/ Frame 46A9 		18 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
3b50bbd46230e7f34e789af2c51828d5350d5274125fa0bbbcde4426be3fa85a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=0
content-encoding
gzip
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:30 GMT
expires
Sun, 23 Oct 2022 07:48:30 GMT
last-modified
Mon, 05 Sep 2022 00:56:26 GMT
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 8413 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=ClJXqzfFUY7-AJvWO9fwPx-SpqAuKkNGEbcq51eTVEI2RzLbBMhABILqEwDNgpYCAgJABoAHbjqiPAcgBCakCZ-h-8CVnpT7gAgCoAwHIA0iqBIsDT9AvGUHPSfAsTZ9XZy9bxKAeHcTINk0b1xm2O3FUhSZGE2IPAVnsyWQPgUI2j0eS98JnZIESi2rX3uVewYWE6-REz41aQvmPWto9cI-YmccJB310CaWp6q7dj7bc3p5yKFz4LBTEhMB7prhIqVM6ZZtYXDxiPMxGA0X0Bqm-zuaDUnUtFXDheHBaefmFOqjr6PNQ2je1xVD8OS39fSrqsE_iNnm7nna2zVaoeF05Q3kJviIUtL87aJXk-hzikBj2KlGhiupW5xRwbUbG7u28651MuIOV0E5tIWtKSuSPTGj8kfKUdmUXLuzowQ33CsmODCTL5crwlJDu__IjYhPJS7U1UWl4tv_3mSR_ijNaDiPSmzSckw4CwruGl0ff9Q7anFqxBhZoDZtrRF3dyGF6bNodN5ycRuJAxa4hNMrVpAq9Rq3f6FPZCJc3P5gHkbscpXEACEcPn0ZppwUKYw746h00EwXjszRuBeDYGJLnuxp3DjtDXSqMnaWTBoe2nZXyADvX0p2bJOZsqj_ABOLuiMfgA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAeN8dfwAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEIO6A9IIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAdgTCtAVAZgWAYAXAbIXHgocCAASFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=Q_LqMLirtNQ&uach_m=[UACH]&cid=CAQSOwDq26N955Z3VmnyUkTQXjHmtMOJnat3xUnm4o4DkRZD3tK92eWTxiGqsc7hpiWbE7T8aFQmoD-UHLtvGAEgDg&template_id=419
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame 8413 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite_fy2021.js
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:30:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44285
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9571
x-xss-protection
0
server
cafe
etag
15799940544776262544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 19:30:25 GMT
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Oct 2022 07:48:30 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5ABF 		143 B
166 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
1000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=3600
content-encoding
gzip
content-length
145
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:31:51 GMT
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 8413 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/window_focus_fy2021.js
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:07:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
74479
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:07:12 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/ Frame 8413 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221019/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 23:40:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
29295
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7335
x-xss-protection
0
server
cafe
etag
4237063375490391177
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 23:40:16 GMT
sd
us-u.openx.net/w/1.0/ Frame 3824
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE9-70aXBJqEsPo2RrCQC4U&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE9-70aXBJqEsPo2RrCQC4U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVX4eXiJ8h_2JsFYTm4SczWGHtjNNUll39rIVubCYgvNfySG0LnMoS9LofZrbRe24iC_1PHxZ7aMmfBIpq6ZTHLuYpOtw
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE9-70aXBJqEsPo2RrCQC4U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3824
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjM0M2E4ZjctM2RiOC0yNzg1LWUyZGUtOTg0MmU1YTViMGNm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjM0M2E4ZjctM2RiOC0yNzg1LWUyZGUtOTg0MmU1YTViMGNm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVX4eXiJ8h_2JsFYTm4SczWGHtjNNUll39rIVubCYgvNfySG0LnMoS9LofZrbRe24iC_1PHxZ7aMmfBIpq6ZTHLuYpOtw
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 23 Oct 2022 07:48:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjM0M2E4ZjctM2RiOC0yNzg1LWUyZGUtOTg0MmU1YTViMGNm
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame 3824
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOTMfQCSkdcUUFOxBTphcec&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOTMfQCSkdcUUFOxBTphcec&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVX4eXiJ8h_2JsFYTm4SczWGHtjNNUll39rIVubCYgvNfySG0LnMoS9LofZrbRe24iC_1PHxZ7aMmfBIpq6ZTHLuYpOtw
Protocol
H2
Server
23.36.49.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-49-63.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 23 Oct 2022 07:48:32 GMT
pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEOTMfQCSkdcUUFOxBTphcec&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 3824
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MzgzNDczOWItN2ZlMi00YWVlLWI3YWYtYzMyODQwNWM1Yzhi
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MzgzNDczOWItN2ZlMi00YWVlLWI3YWYtYzMyODQwNWM1Yzhi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY0cTRSzAB&v=APEucNVX4eXiJ8h_2JsFYTm4SczWGHtjNNUll39rIVubCYgvNfySG0LnMoS9LofZrbRe24iC_1PHxZ7aMmfBIpq6ZTHLuYpOtw
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MzgzNDczOWItN2ZlMi00YWVlLWI3YWYtYzMyODQwNWM1Yzhi
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sun, 23 Oct 2022 07:48:32 GMT
sd
us-u.openx.net/w/1.0/ Frame 0CBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE9-70aXBJqEsPo2RrCQC4U&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE9-70aXBJqEsPo2RrCQC4U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNXyRQvJbuPx-Ehd0RcE0hhWc2wBWDSnrU71AYZWSxZ-xviKUzl58cxsnhajriVmgSNrhoUrVfpbtS-RyQR2n-DCwsnkvw
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:31 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE9-70aXBJqEsPo2RrCQC4U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0CBC
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjM0M2E4ZjctM2RiOC0yNzg1LWUyZGUtOTg0MmU1YTViMGNm
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjM0M2E4ZjctM2RiOC0yNzg1LWUyZGUtOTg0MmU1YTViMGNm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNXyRQvJbuPx-Ehd0RcE0hhWc2wBWDSnrU71AYZWSxZ-xviKUzl58cxsnhajriVmgSNrhoUrVfpbtS-RyQR2n-DCwsnkvw
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 23 Oct 2022 07:48:31 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjM0M2E4ZjctM2RiOC0yNzg1LWUyZGUtOTg0MmU1YTViMGNm
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
um
sync.teads.tv/ Frame 0CBC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEOTMfQCSkdcUUFOxBTphcec&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEOTMfQCSkdcUUFOxBTphcec&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNXyRQvJbuPx-Ehd0RcE0hhWc2wBWDSnrU71AYZWSxZ-xviKUzl58cxsnhajriVmgSNrhoUrVfpbtS-RyQR2n-DCwsnkvw
Protocol
H2
Server
23.36.49.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-49-63.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires
Sun, 23 Oct 2022 07:48:32 GMT
pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEOTMfQCSkdcUUFOxBTphcec&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 0CBC
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MzgzNDczOWItN2ZlMi00YWVlLWI3YWYtYzMyODQwNWM1Yzhi
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MzgzNDczOWItN2ZlMi00YWVlLWI3YWYtYzMyODQwNWM1Yzhi
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IY8sLRSzAB&v=APEucNXyRQvJbuPx-Ehd0RcE0hhWc2wBWDSnrU71AYZWSxZ-xviKUzl58cxsnhajriVmgSNrhoUrVfpbtS-RyQR2n-DCwsnkvw
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MzgzNDczOWItN2ZlMi00YWVlLWI3YWYtYzMyODQwNWM1Yzhi
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Sun, 23 Oct 2022 07:48:32 GMT
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/ Frame 46A9 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 05:49:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
7132
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2568
x-xss-protection
0
server
cafe
etag
6734328975651772599
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Mon, 24 Oct 2022 05:49:39 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/ Frame 46A9 		34 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
cafe /
Resource Hash
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 19:49:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
43124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13035
x-xss-protection
0
server
cafe
etag
2319883687766034370
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sun, 23 Oct 2022 19:49:47 GMT
a6c68f6c0ccbb2b30afa487d1176ec10.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/ Frame 46A9 		73 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/a6c68f6c0ccbb2b30afa487d1176ec10.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
b488074ee39504505565d3001bf38ea9d07c4e433dc7a4667432e115671f8c53
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 23 Oct 2022 07:48:31 GMT
x-content-type-options
nosniff
content-encoding
gzip
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 00:56:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 23 Oct 2023 07:48:31 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 24 Oct 2022 07:48:31 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 55F2 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
Origin
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 22:13:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 23 Oct 2022 22:13:08 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/ Frame 55F2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8Lw0IxdzVCYv3gl3mENv1gR4iCjSlnuQH_FzoijgPUuzttIfzuuDdzaZEW5qLZ6vBFX8lV0lv7Ma8gy_F0JJzmHFjbQ&cry=1&dbm_d=AKAmf-BZ1sLYSrE3cpjl4sLNu1zVJM44rl3H73Z3FJM2BE8fDWKNgBOf0dQhBGsskFimvMRa48XAzeAyB7Pwx1rjqOfBfOXSdfJs2GZ36DRTp4QkeJ5izdS_YrjQmbkfcTdVNbARVFjsDoBxQ9qyEBfmaxwX4noEK6SL5l2wheDLaRdduzB5a5DBSyThToOSbXzENmXhZL06b4ipKUaLWlWChCaK8GrG8A3vks306vmgAdCCQP8wZ39g47t7wCgPybRziQCrhEYxWjTLVjnOSuvRdLa0SQJLEgrWdoN2CTuGGOolSxmVCuBTPaTGM0abmWJcqVHSMU6ILyn-OwzWsQf-kFisBqSYvMa9QNRCh2x3-348XJNE7U6TB4qSaBZaXG95a5H1UBaV7biQxULvgnFp7oH2Jlwh4y6ktjTfGhBEOl8m8jQYpjckt0MXWjhN1dYckXKwmDSyTVkSCglGWoOTcNArie3pA5PwiDeLdN5w7jbG_b_SAX14-lEnt2BdWhMIiP9kIxwDW4NUKNOR1g6ouDdtURxoFVB42_lzn3A5IAu9hNG_jI1mbMTw4ChsU6qVL05bk2KBRZkNvv1TZWIFVbm2swmnx6yLlhRTkf1tjwzLi3r7xyZBPL8-Zr0uJtTpXONTbpW2TLh8GRtpN0A8x63vHQfT67GRd7lGTyJeA_EVW_4rh5tIpNFjydDDuPzOWLKps60QOWgK_-rizyG-AM_YHwq2jAjHvQBE55ji2NgwhB8fN7obViyAWattNjcauO0XRu2ifYNfLIvNZ_5WMD58-E0iPg8fHVzGdyC5Ln4Bxt5jDtL2nbHb82zC5l1bRXfk0pJ_RwPkFFfeXgys8nLNPPm1ks_S8pWTNJhTGvaLhXOYUCvDoRF7Jsb9LV5VkB6EBCDaqmvSNJ1TzgSYvfPJtyh0cUWKD3vVxiKNeQWjOo3a0Vj9fTtXozBODO2umGHkKi3Svgk6nid_IopAJHBgrYaEs7VMzixu6n_ZRW4TcDarSIehumaTQbDDqFqxl4zZeNZcu6I4DlsrL2hcfgb8QMnu0fLN65zXlDZSrQMzX5QpSF5ZyhBpoND4d7p7L3ZrM0ea7WuNkkycrDHs7sWEODjCL_8lR1eQ_yptv_pcR9DxI1UZ1nSmtcmgv_IgWtw5KHkCaFPfisIINc6m0P7LqWyjhspEiBh7HjrVK31-Vrri2YHNFbo8VdYqeLiezrY75NpvpIdHihPblixevptuwjovRF8hGrr8bHIq4JCgzRyW9ZGzreWEfH_ogj074bPlFnNdegfDmzhyy3jCR44UGijqr2c0BZ7G2n-aReGU4yFbluRzPPsAOk3V4xh5cZ81cEYRyNuGQcg9kwJQB2E7vggGDb0lY-9RkyqX_e_neunKX8AdPEHRIsn0SxkZUKLBBkdmH-mJ967E2FklVNFltHWjfD4HheR-5oASpArbDuM62fhUVuhsFmFmIN2m9QomXX8bho48C5s3zp-eBE8J8-qH5XNZ_-DXWv9y-ybnslHxPbc_R89OR2SlL0hA0LIwhk0UKAT5NO768FXmNRx_KDOxrwk_XoN_ZAtXlsaUG0qmNc5wqHZ8YfdzY5Km_qIqIqZ9iFS0dguhWFL5c23OCo1yGeXCP4KTIU8X7TE2BadVR81OWToY9kcoqrbeEhv423L6mllZmv1s9lp2ZJmbSI-UL2G6iifaPsgAxZs6D3sk1UqOqcHkWNd3avlqjVqe16d9o6EOPETVo_WL8n4JTTfDy09oCelFdy-v94pD8Hd99IWzNz482UH7t1l94ESkRI71cPLhk7c5zP_5VM207a2qsjwLuiY02W4QvHEf1HTloNUAIEdb2n7PPN4hnC2T94SJslCRn4kvDXp65R5KeNEaWUVbyvjQT3ET2D4NDn5GZdWXHW7KC-Ff7dhDRC1RHOzbNw60HT8CQTM6ul5LaURAhE9CU-55rrgYn6Yzxi2N0TW2quQq9xwyDijWZCabhOvdpb9KasQJaFBonkkEkLOtbkzvxSxGj_B3RiBaajbfcDBG9GQUd7Y42cbvlh9zSf0bTaPDPTZGPAJTZDs7zSLUrozlht0bgKdMMvgiUx05RrVcwBSVFfqvyTxx0_O7vLV09ykcsEmagTzgZC8-wP2icIxXzDRouuiPitvpvk7dgqBgEApB8ISTOYAnOxF1QPOViQnNhOBufcC1TjJtPkM2mQAqDvTOg85VRi6F9UiKAbgc0pQQ_HjIZxGdU2xLmKj3WyxM6UEnqJpnSY3nvcaB0qCSuQzji7Q_hwkDWyXSq28SOmmtCMthwM15aJ1gb_HYUsJyYKP4bSHGKiwuGh92Vi8uvM4a_V1xVf_V0CqZPQAjoSRMzSnkNTEYnXqD-yBhqtsk4-EejrKFqdC4dbf4jplKWOsnBXkjb8l4QbA6maLTgYQ9vDE0bHWvogpsiPevLMifmMmpcY7wDwxZfMuIkTUwkvt24a_uV1X5PVQOuuR0xfM7xsidxH2HrBruLk1aCXCEeQFIBdmudvhSTrEI1m6dVvmoIU_0EfLSHwsdu7teb15o7ENTm4KZk41eHoGQx7GH_zyXN7X35rafsb8dDI5TQY5xq1z8UYS3alAl6hneNEIekxweOLVvr7NzlrffCaJrTew0pzOJyhDe0VVYKVvYfBx9GOeVzPJ9exxpzKu0aj2MsuXHRBraePzhNxaJiY6Y9dXSZRl-6co3OEfFJMCIqbeOCbXtzMVGB2GA18KprIu4j8y-uKiihvv2b58f7cmJqZYZEo0k2LvqkEbVuK5gLq8TitbDg5sM1hI3WMoKG6T9vEDX2gXmKWslRHAJj_no--6a3Ds4vwrG2geaPPAvHo8YLHXYNJeFhnXyU2FdEdIVMaVJgk13lehaD1-k7vEJZEMFxjQeRRqPasvkPdbtvmahQTKiIf8i2iGh-TFHklCz7fyvv7STTx5WkamxxLDC68c7RkjYQyCTQkNe1RKvRbv3Efw43Khu68A8I5UAZb84WIe-3Hlq1-iTvXJUcH9EXgWtCaTdKllFAZMyJqnF7v64Fhb7v_UHGz4-Ja7r5RCrilZ-HQXQo1v3uBo-LURq5v9JBscGuX613H2wTJGmPUTCQRm65KQKZPS-BUA-Vb7IaRZF9C1cSQ9ZWMoSTJm4RDTrX-3DzEb4hWNTKejEsp53Hv0DtdQ1Jq2pBdCJz9yAwfh0vJtLaDmQIwu-PGAjY1U9kVtiNnGJIXlG-A2oVsrR7w3W50ZdH8NjCe6pgspKpb312Q_8kCMC51a7Jxnm9TI0ctZGl9tYfGlcRECMS9DTZUqcB8jumLMOV3OPkt6wpwrtji732GY6JxUqtfFRPUvY1js_fZTdjROrZiY_-b3RSMQjB05Tvys6n6c6Uym82CXR8-bVpZizxPow2D7p-mSOy2lRUBosWQ-UjOCA4C7ScxYy4dcdtTZxBlFpKHCyflcC9lV7DkbR7GFz&cid=CAQSOwDq26N955Z3VmnyUkTQXjHmtMOJnat3xUnm4o4DkRZD3tK92eWTxiGqsc7hpiWbE7T8aFQmoD-UHLtvGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:43:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
72306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:43:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame 55F2 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A8Lw0IxdzVCYv3gl3mENv1gR4iCjSlnuQH_FzoijgPUuzttIfzuuDdzaZEW5qLZ6vBFX8lV0lv7Ma8gy_F0JJzmHFjbQ&cry=1&dbm_d=AKAmf-BZ1sLYSrE3cpjl4sLNu1zVJM44rl3H73Z3FJM2BE8fDWKNgBOf0dQhBGsskFimvMRa48XAzeAyB7Pwx1rjqOfBfOXSdfJs2GZ36DRTp4QkeJ5izdS_YrjQmbkfcTdVNbARVFjsDoBxQ9qyEBfmaxwX4noEK6SL5l2wheDLaRdduzB5a5DBSyThToOSbXzENmXhZL06b4ipKUaLWlWChCaK8GrG8A3vks306vmgAdCCQP8wZ39g47t7wCgPybRziQCrhEYxWjTLVjnOSuvRdLa0SQJLEgrWdoN2CTuGGOolSxmVCuBTPaTGM0abmWJcqVHSMU6ILyn-OwzWsQf-kFisBqSYvMa9QNRCh2x3-348XJNE7U6TB4qSaBZaXG95a5H1UBaV7biQxULvgnFp7oH2Jlwh4y6ktjTfGhBEOl8m8jQYpjckt0MXWjhN1dYckXKwmDSyTVkSCglGWoOTcNArie3pA5PwiDeLdN5w7jbG_b_SAX14-lEnt2BdWhMIiP9kIxwDW4NUKNOR1g6ouDdtURxoFVB42_lzn3A5IAu9hNG_jI1mbMTw4ChsU6qVL05bk2KBRZkNvv1TZWIFVbm2swmnx6yLlhRTkf1tjwzLi3r7xyZBPL8-Zr0uJtTpXONTbpW2TLh8GRtpN0A8x63vHQfT67GRd7lGTyJeA_EVW_4rh5tIpNFjydDDuPzOWLKps60QOWgK_-rizyG-AM_YHwq2jAjHvQBE55ji2NgwhB8fN7obViyAWattNjcauO0XRu2ifYNfLIvNZ_5WMD58-E0iPg8fHVzGdyC5Ln4Bxt5jDtL2nbHb82zC5l1bRXfk0pJ_RwPkFFfeXgys8nLNPPm1ks_S8pWTNJhTGvaLhXOYUCvDoRF7Jsb9LV5VkB6EBCDaqmvSNJ1TzgSYvfPJtyh0cUWKD3vVxiKNeQWjOo3a0Vj9fTtXozBODO2umGHkKi3Svgk6nid_IopAJHBgrYaEs7VMzixu6n_ZRW4TcDarSIehumaTQbDDqFqxl4zZeNZcu6I4DlsrL2hcfgb8QMnu0fLN65zXlDZSrQMzX5QpSF5ZyhBpoND4d7p7L3ZrM0ea7WuNkkycrDHs7sWEODjCL_8lR1eQ_yptv_pcR9DxI1UZ1nSmtcmgv_IgWtw5KHkCaFPfisIINc6m0P7LqWyjhspEiBh7HjrVK31-Vrri2YHNFbo8VdYqeLiezrY75NpvpIdHihPblixevptuwjovRF8hGrr8bHIq4JCgzRyW9ZGzreWEfH_ogj074bPlFnNdegfDmzhyy3jCR44UGijqr2c0BZ7G2n-aReGU4yFbluRzPPsAOk3V4xh5cZ81cEYRyNuGQcg9kwJQB2E7vggGDb0lY-9RkyqX_e_neunKX8AdPEHRIsn0SxkZUKLBBkdmH-mJ967E2FklVNFltHWjfD4HheR-5oASpArbDuM62fhUVuhsFmFmIN2m9QomXX8bho48C5s3zp-eBE8J8-qH5XNZ_-DXWv9y-ybnslHxPbc_R89OR2SlL0hA0LIwhk0UKAT5NO768FXmNRx_KDOxrwk_XoN_ZAtXlsaUG0qmNc5wqHZ8YfdzY5Km_qIqIqZ9iFS0dguhWFL5c23OCo1yGeXCP4KTIU8X7TE2BadVR81OWToY9kcoqrbeEhv423L6mllZmv1s9lp2ZJmbSI-UL2G6iifaPsgAxZs6D3sk1UqOqcHkWNd3avlqjVqe16d9o6EOPETVo_WL8n4JTTfDy09oCelFdy-v94pD8Hd99IWzNz482UH7t1l94ESkRI71cPLhk7c5zP_5VM207a2qsjwLuiY02W4QvHEf1HTloNUAIEdb2n7PPN4hnC2T94SJslCRn4kvDXp65R5KeNEaWUVbyvjQT3ET2D4NDn5GZdWXHW7KC-Ff7dhDRC1RHOzbNw60HT8CQTM6ul5LaURAhE9CU-55rrgYn6Yzxi2N0TW2quQq9xwyDijWZCabhOvdpb9KasQJaFBonkkEkLOtbkzvxSxGj_B3RiBaajbfcDBG9GQUd7Y42cbvlh9zSf0bTaPDPTZGPAJTZDs7zSLUrozlht0bgKdMMvgiUx05RrVcwBSVFfqvyTxx0_O7vLV09ykcsEmagTzgZC8-wP2icIxXzDRouuiPitvpvk7dgqBgEApB8ISTOYAnOxF1QPOViQnNhOBufcC1TjJtPkM2mQAqDvTOg85VRi6F9UiKAbgc0pQQ_HjIZxGdU2xLmKj3WyxM6UEnqJpnSY3nvcaB0qCSuQzji7Q_hwkDWyXSq28SOmmtCMthwM15aJ1gb_HYUsJyYKP4bSHGKiwuGh92Vi8uvM4a_V1xVf_V0CqZPQAjoSRMzSnkNTEYnXqD-yBhqtsk4-EejrKFqdC4dbf4jplKWOsnBXkjb8l4QbA6maLTgYQ9vDE0bHWvogpsiPevLMifmMmpcY7wDwxZfMuIkTUwkvt24a_uV1X5PVQOuuR0xfM7xsidxH2HrBruLk1aCXCEeQFIBdmudvhSTrEI1m6dVvmoIU_0EfLSHwsdu7teb15o7ENTm4KZk41eHoGQx7GH_zyXN7X35rafsb8dDI5TQY5xq1z8UYS3alAl6hneNEIekxweOLVvr7NzlrffCaJrTew0pzOJyhDe0VVYKVvYfBx9GOeVzPJ9exxpzKu0aj2MsuXHRBraePzhNxaJiY6Y9dXSZRl-6co3OEfFJMCIqbeOCbXtzMVGB2GA18KprIu4j8y-uKiihvv2b58f7cmJqZYZEo0k2LvqkEbVuK5gLq8TitbDg5sM1hI3WMoKG6T9vEDX2gXmKWslRHAJj_no--6a3Ds4vwrG2geaPPAvHo8YLHXYNJeFhnXyU2FdEdIVMaVJgk13lehaD1-k7vEJZEMFxjQeRRqPasvkPdbtvmahQTKiIf8i2iGh-TFHklCz7fyvv7STTx5WkamxxLDC68c7RkjYQyCTQkNe1RKvRbv3Efw43Khu68A8I5UAZb84WIe-3Hlq1-iTvXJUcH9EXgWtCaTdKllFAZMyJqnF7v64Fhb7v_UHGz4-Ja7r5RCrilZ-HQXQo1v3uBo-LURq5v9JBscGuX613H2wTJGmPUTCQRm65KQKZPS-BUA-Vb7IaRZF9C1cSQ9ZWMoSTJm4RDTrX-3DzEb4hWNTKejEsp53Hv0DtdQ1Jq2pBdCJz9yAwfh0vJtLaDmQIwu-PGAjY1U9kVtiNnGJIXlG-A2oVsrR7w3W50ZdH8NjCe6pgspKpb312Q_8kCMC51a7Jxnm9TI0ctZGl9tYfGlcRECMS9DTZUqcB8jumLMOV3OPkt6wpwrtji732GY6JxUqtfFRPUvY1js_fZTdjROrZiY_-b3RSMQjB05Tvys6n6c6Uym82CXR8-bVpZizxPow2D7p-mSOy2lRUBosWQ-UjOCA4C7ScxYy4dcdtTZxBlFpKHCyflcC9lV7DkbR7GFz&cid=CAQSOwDq26N955Z3VmnyUkTQXjHmtMOJnat3xUnm4o4DkRZD3tK92eWTxiGqsc7hpiWbE7T8aFQmoD-UHLtvGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 18:41:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 18:41:27 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 85FC 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
Origin
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 22:13:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34523
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 23 Oct 2022 22:13:08 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/ Frame 85FC 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ChvLNMP6tyEigynZPon8kjQFbYreqS6JHqTS0tpBWJTsVPFWln-c_iTTHaXdfgFf9_w5lYfzcEu4GOrBO3Qitt6vGXGA&cry=1&dbm_d=AKAmf-DdUYV253tnVSpCcU_z15xNQHmapK4DeL0rjip-1pQN4bFc4njFI7fXWuvHDQMDnN6ahnqBjzoJQ0Q6CxbfWQKYtFG8VrRAy0TjDEGwE6sAdQYNGwEXpDmWraWdjI2v32Yr5W8RTRdD_UALHoNDsWTHrk30dG0tmpQQCOQtw3arh-d_V9qes8_Tl2_SCuchrngWSYzQNbKZA4HUNzDj-kuqaSTPi8MvEjeNCHWzeaaTShFMq9repCq8DUW12xOHbshQlh4b6UCsEvi9ApsO3QjuzrGPHBlRJP-eeeasXLdKphZRtVZ1-B02V_3-jRwKp5hLeqyJD5znPjfX_rPaMt-9s7YGTsn6KcfDm4rGDdfIfg4oNkHKqfjPy2C8TWta4unrHhzYvujc3wUsZ3qP4ewEPq2mNlTUMjp-sOMj7t7vyjaHQgdEGQ_1xvdmn0pSEFzm2Ze-ZYwwvKkO0R4zjK8RgE8bfO662lQe6PT1e7EElaBYJH5B5JTVceaMi2sXRlMF1AWMGG303LO92w6u-AG00_Du3YPmTfFUEbMxumKKX9pEYqtetrUHZVIbZZoPk59IiCj9bgOfBQAmIIQLlroub1-ItmzCFwf8Ej1azghIfc3dN2oA8g9s-nhxc-Q8jrsyqWoQ85oKXw9a8jtmpkgLjAyVrA3QC5T7GjcuHBSO-sfxLCxXZGX0RIODaDEExyNE5mXnC9BvqXFbHw7Tg0IWvTX_GqCMewkxDGrBA5JHyeG6VD0dYyrnY3ROLO0LBfa4yaJl52xR2FWLnPcXBTK694ycX6YG5OltNErPbuWh60MAXVCtNBLrp6IWYm0wcD55uRReP6geE3rfpAghXlvZrOcPw-017vsrxg--6jUa168ryOgweMZif2emw4xdTyjG7PPVZLgDPto5as_xudD8W9abOT_t9U9RCXHERrg0ykQKh1T31YK-bN2BW-iLEXe_CoC6G2sQxJpsIUPyyX802FnJf7563SJg_Hj1LnUB6dg5zYD6uxX0ORcF12dlrSWEO1hcJmzV_2Q1XsUP4sJi10ypPj6TqSWlda-w5lw0OjxREVCSNNEEoLjTi1QdUE-kcTVyErLWoae0n40Bao_10f2PwvYvEiZjW9szUapOQ6mdHyN7kCJBhsj2JwFosmeaY0kk3ew5Q2UkIQbDYISRl1W4IbhAlDZlciywxnPt-XwYezZMJrqb95UPCALv7twm8A8XkLiFVmbAxSDLaQ0oYran-0pBJ1aGN-SonTv8uOCitPHT6uTg3UJW8oQZrzBlFOC4D_pdni2A08qhuI2XF15JYZDLVtsWVCQf7awBMhBD2if8hBQpoYNPR7kBMvvywXB3r_yYGjLjJpA-kruyTjs1JBd7_BtdgO402i3v2FziGtBqcejubuD4IJiPgxojQlbuyaHNiTmPuebMIxPqLfO3lpPs2VpKXpFvBNKp16CVoBUny4VM-S1TWWFO4Cj-mcuLzmD31oUeD9SGuqSQ1CZuvY3o9knc70xFUUJfwlm47gyF5EcNZb-2PbivojLThT6JyjfM9ZIgo3xDwC_9kDLgptnwTHdxQzCXpPl7PyIrxfbwY1OTf9miUKHWXUyk8jy1dfzkCQu8wSg6spU1q2KjDOUnZFJm98RA-5TeogFPgnIz3RnN0ZaI49mdLNCilnm-Dj5slioG9nbDL8QYgMQIVV1vhtR8nmziXgwW81JeIgFO0PyOvh0bwGR_mHUcG-KFjTF_MM8orqCyVyvDxXKHtwnH6KuB9vDbbbdpx499i7RdXhLeG9MwLBsfeTjE8m-A30HVBj2fUkFov5CDxp1RzNMUSmu2a2XfPlUCbPvPiQNI-RxoenXWC6q73ocSr0Wp5fjXUdDZD4CxT2bcbdP5fOj-qD3wAJjGZ4f3WU_CeDkuhVJEs7A2pqJeKam_hpeCVhInnYjt-FAo-p_XVpTo3wCPhavC0zZ6-lxv4EWraaAP8ikJhdafOR_amgMTFHmwQ6ZLr0mighEwCncTi5esSFy7a5frY-ufTk6VSzjrF1TSIQ7-GN6Bjhkq20cvVH2UBTDxYytiTp4HB_tIT-BnyK4zYAPQsy_DqJ93ypvCivOmiN82uBN-dMxaKtk-0ExGWFrngxrwy--DQ-E7lB2d9kB9RjRfS5rWobM7f8ciCkzkRQoPPIFL_6zZugZMeCFKwVImvCbrJYVzFto3GRiocdi3747efNCQ7kWUXHKSLbQCkkJ2bZp0_D2oJotWJf-G-Xse-qoqcm2PN3CtaF9kDPwacUGC3nx2MIEoAtaC6fq2jWpHyXA_72WvNGOfJHW5tJ5-8cKI4N7omeCZ8ysbnGq5l94sHJ9eJFztKwaxrV5Z6T3fjBqoFyd_DPXQ-U-c18egEDvLOuCLox2bL354aSzX_dJr4FDz0kx0V8I_m7OUDlzMg_So2OAZlGgLBFDov9r-pXlpGzhxd956wtHzwRSLDfSxCRJYl42MGDct3S0-dYX6cHOaDrG1QxnyHCx3pnZfG63xxbC7eFM81ekO_U86r317ChK3aGXOX4p1tEi5czhgPIpQg8XsdLzXzD1d8d4yUVT8EB4EOr7IxVJGPetVlH9Hcr4FRzIbx97VjSD1Ve7id6HabiSWIVeCPMs6LWuQRrWlDSVUJaFJRjQ_RBmKuipesBuRwGHwCML01H3uQWsVyPf35-Q0kAWjGxlwe9YByTIAgpvatDmFMG9MwPcEs4i3VDN9NXVCBqse_3GNueozNUQl4d54jUcKidbn8SiLzTOWDtN1jRW2m7AcYZyWYEjQoDFg7jNG5SRpNSCVlO4aZ45gVm_PPp3LYP9qp3DBowfETfkHLKmV0P0Rh4EyiYook0M1DhyA2JD_1iaZiXK-6YqKG8Iio4poFpSBj-76LzMOJHwI0QgTYHDZi-d0NWvSh2ldZAsSIurEE8_uvHlNV0MnW7jPoGVw9ACItlsiwE7wG_nP-4M1lKo_-GWSrAmh6QAJbfnMWKpth8T0ONh3buWzQLPldAKqF5QumM7HUpAHh1_pfDYAKvfGqT97Q_rZBL8jQ_BfjTYUwF8MSSSFCU-XnEEa6_5V3KMaeNGWssT-Y-E_zbb2Drv7OQVHp0wadgdu9sIDsHIcvwvNmDPiaVrGyRZ8MRocRQc1dmRrOdZFn5UwfIlc6C7msmfvaAxhX_sV4Gejvs-_TC6HAexS8no12IkmH46CoF7_oR71yF-_TrZU5-NpqO4AUSd2GM4PcGsw9_6ucjN4PHPjMfF_s-VErw87IX7nPGP0nByMPkSw-xrXsUIz0CjGLIct6rOeVsEa8kHMymSMfKueR9o0IX45Ltk-QtxO2FAgfP7HhJsFs4GyMOLBGp5UfiDdJ30OWZ_vtCYf1XQfy4Fho6q7K5nQZvz0bsF7dt9Hfg5Gtk1w_nEkLNTbZE25ELyMdiT8fG32mzj0zevb2uiZ2Ri9kWt1FKo2aCaOgz2_quVAgc4LU_SUwXyHu4_TYw&cid=CAQSOwDq26N955Z3VmnyUkTQXjHmtMOJnat3xUnm4o4DkRZD3tK92eWTxiGqsc7hpiWbE7T8aFQmoD-UHLtvGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 11:43:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
72306
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2998
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 11:43:25 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/ Frame 85FC 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20221019/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ChvLNMP6tyEigynZPon8kjQFbYreqS6JHqTS0tpBWJTsVPFWln-c_iTTHaXdfgFf9_w5lYfzcEu4GOrBO3Qitt6vGXGA&cry=1&dbm_d=AKAmf-DdUYV253tnVSpCcU_z15xNQHmapK4DeL0rjip-1pQN4bFc4njFI7fXWuvHDQMDnN6ahnqBjzoJQ0Q6CxbfWQKYtFG8VrRAy0TjDEGwE6sAdQYNGwEXpDmWraWdjI2v32Yr5W8RTRdD_UALHoNDsWTHrk30dG0tmpQQCOQtw3arh-d_V9qes8_Tl2_SCuchrngWSYzQNbKZA4HUNzDj-kuqaSTPi8MvEjeNCHWzeaaTShFMq9repCq8DUW12xOHbshQlh4b6UCsEvi9ApsO3QjuzrGPHBlRJP-eeeasXLdKphZRtVZ1-B02V_3-jRwKp5hLeqyJD5znPjfX_rPaMt-9s7YGTsn6KcfDm4rGDdfIfg4oNkHKqfjPy2C8TWta4unrHhzYvujc3wUsZ3qP4ewEPq2mNlTUMjp-sOMj7t7vyjaHQgdEGQ_1xvdmn0pSEFzm2Ze-ZYwwvKkO0R4zjK8RgE8bfO662lQe6PT1e7EElaBYJH5B5JTVceaMi2sXRlMF1AWMGG303LO92w6u-AG00_Du3YPmTfFUEbMxumKKX9pEYqtetrUHZVIbZZoPk59IiCj9bgOfBQAmIIQLlroub1-ItmzCFwf8Ej1azghIfc3dN2oA8g9s-nhxc-Q8jrsyqWoQ85oKXw9a8jtmpkgLjAyVrA3QC5T7GjcuHBSO-sfxLCxXZGX0RIODaDEExyNE5mXnC9BvqXFbHw7Tg0IWvTX_GqCMewkxDGrBA5JHyeG6VD0dYyrnY3ROLO0LBfa4yaJl52xR2FWLnPcXBTK694ycX6YG5OltNErPbuWh60MAXVCtNBLrp6IWYm0wcD55uRReP6geE3rfpAghXlvZrOcPw-017vsrxg--6jUa168ryOgweMZif2emw4xdTyjG7PPVZLgDPto5as_xudD8W9abOT_t9U9RCXHERrg0ykQKh1T31YK-bN2BW-iLEXe_CoC6G2sQxJpsIUPyyX802FnJf7563SJg_Hj1LnUB6dg5zYD6uxX0ORcF12dlrSWEO1hcJmzV_2Q1XsUP4sJi10ypPj6TqSWlda-w5lw0OjxREVCSNNEEoLjTi1QdUE-kcTVyErLWoae0n40Bao_10f2PwvYvEiZjW9szUapOQ6mdHyN7kCJBhsj2JwFosmeaY0kk3ew5Q2UkIQbDYISRl1W4IbhAlDZlciywxnPt-XwYezZMJrqb95UPCALv7twm8A8XkLiFVmbAxSDLaQ0oYran-0pBJ1aGN-SonTv8uOCitPHT6uTg3UJW8oQZrzBlFOC4D_pdni2A08qhuI2XF15JYZDLVtsWVCQf7awBMhBD2if8hBQpoYNPR7kBMvvywXB3r_yYGjLjJpA-kruyTjs1JBd7_BtdgO402i3v2FziGtBqcejubuD4IJiPgxojQlbuyaHNiTmPuebMIxPqLfO3lpPs2VpKXpFvBNKp16CVoBUny4VM-S1TWWFO4Cj-mcuLzmD31oUeD9SGuqSQ1CZuvY3o9knc70xFUUJfwlm47gyF5EcNZb-2PbivojLThT6JyjfM9ZIgo3xDwC_9kDLgptnwTHdxQzCXpPl7PyIrxfbwY1OTf9miUKHWXUyk8jy1dfzkCQu8wSg6spU1q2KjDOUnZFJm98RA-5TeogFPgnIz3RnN0ZaI49mdLNCilnm-Dj5slioG9nbDL8QYgMQIVV1vhtR8nmziXgwW81JeIgFO0PyOvh0bwGR_mHUcG-KFjTF_MM8orqCyVyvDxXKHtwnH6KuB9vDbbbdpx499i7RdXhLeG9MwLBsfeTjE8m-A30HVBj2fUkFov5CDxp1RzNMUSmu2a2XfPlUCbPvPiQNI-RxoenXWC6q73ocSr0Wp5fjXUdDZD4CxT2bcbdP5fOj-qD3wAJjGZ4f3WU_CeDkuhVJEs7A2pqJeKam_hpeCVhInnYjt-FAo-p_XVpTo3wCPhavC0zZ6-lxv4EWraaAP8ikJhdafOR_amgMTFHmwQ6ZLr0mighEwCncTi5esSFy7a5frY-ufTk6VSzjrF1TSIQ7-GN6Bjhkq20cvVH2UBTDxYytiTp4HB_tIT-BnyK4zYAPQsy_DqJ93ypvCivOmiN82uBN-dMxaKtk-0ExGWFrngxrwy--DQ-E7lB2d9kB9RjRfS5rWobM7f8ciCkzkRQoPPIFL_6zZugZMeCFKwVImvCbrJYVzFto3GRiocdi3747efNCQ7kWUXHKSLbQCkkJ2bZp0_D2oJotWJf-G-Xse-qoqcm2PN3CtaF9kDPwacUGC3nx2MIEoAtaC6fq2jWpHyXA_72WvNGOfJHW5tJ5-8cKI4N7omeCZ8ysbnGq5l94sHJ9eJFztKwaxrV5Z6T3fjBqoFyd_DPXQ-U-c18egEDvLOuCLox2bL354aSzX_dJr4FDz0kx0V8I_m7OUDlzMg_So2OAZlGgLBFDov9r-pXlpGzhxd956wtHzwRSLDfSxCRJYl42MGDct3S0-dYX6cHOaDrG1QxnyHCx3pnZfG63xxbC7eFM81ekO_U86r317ChK3aGXOX4p1tEi5czhgPIpQg8XsdLzXzD1d8d4yUVT8EB4EOr7IxVJGPetVlH9Hcr4FRzIbx97VjSD1Ve7id6HabiSWIVeCPMs6LWuQRrWlDSVUJaFJRjQ_RBmKuipesBuRwGHwCML01H3uQWsVyPf35-Q0kAWjGxlwe9YByTIAgpvatDmFMG9MwPcEs4i3VDN9NXVCBqse_3GNueozNUQl4d54jUcKidbn8SiLzTOWDtN1jRW2m7AcYZyWYEjQoDFg7jNG5SRpNSCVlO4aZ45gVm_PPp3LYP9qp3DBowfETfkHLKmV0P0Rh4EyiYook0M1DhyA2JD_1iaZiXK-6YqKG8Iio4poFpSBj-76LzMOJHwI0QgTYHDZi-d0NWvSh2ldZAsSIurEE8_uvHlNV0MnW7jPoGVw9ACItlsiwE7wG_nP-4M1lKo_-GWSrAmh6QAJbfnMWKpth8T0ONh3buWzQLPldAKqF5QumM7HUpAHh1_pfDYAKvfGqT97Q_rZBL8jQ_BfjTYUwF8MSSSFCU-XnEEa6_5V3KMaeNGWssT-Y-E_zbb2Drv7OQVHp0wadgdu9sIDsHIcvwvNmDPiaVrGyRZ8MRocRQc1dmRrOdZFn5UwfIlc6C7msmfvaAxhX_sV4Gejvs-_TC6HAexS8no12IkmH46CoF7_oR71yF-_TrZU5-NpqO4AUSd2GM4PcGsw9_6ucjN4PHPjMfF_s-VErw87IX7nPGP0nByMPkSw-xrXsUIz0CjGLIct6rOeVsEa8kHMymSMfKueR9o0IX45Ltk-QtxO2FAgfP7HhJsFs4GyMOLBGp5UfiDdJ30OWZ_vtCYf1XQfy4Fho6q7K5nQZvz0bsF7dt9Hfg5Gtk1w_nEkLNTbZE25ELyMdiT8fG32mzj0zevb2uiZ2Ri9kWt1FKo2aCaOgz2_quVAgc4LU_SUwXyHu4_TYw&cid=CAQSOwDq26N955Z3VmnyUkTQXjHmtMOJnat3xUnm4o4DkRZD3tK92eWTxiGqsc7hpiWbE7T8aFQmoD-UHLtvGAEgDg&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 18:41:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
47224
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11726
x-xss-protection
0
server
cafe
etag
11376305771055881226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 05 Nov 2022 18:41:27 GMT
l
www.google.com/ads/measurement/ Frame 8413 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYlIfNwGpj6-c9zbtR1Tmj-pGh9kFm8xwcgRlsbE94UZTOqG62Cj019CJZK8M4Y_6TIifgzcE7Y6MYArkAj88ATYJX5w
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.105 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f105.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8413 		152 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
sffe /
Resource Hash
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47476
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1666179788250400"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 23 Oct 2022 07:48:33 GMT
truncated
/ Frame 8413 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c727812910811ef5edd39494d2c0b4aa355493049bff1b5cac562b05f4951b16

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5ABF
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:31 GMT
expires
Sun, 23 Oct 2022 07:48:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:31 GMT
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 55F2 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 00:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
458145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 00:32:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 8967 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
9373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 05:12:18 GMT
etag
48472445140208031
expires
Mon, 24 Oct 2022 05:12:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 55F2 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dbc4354c04fa40c64a8116dbd793610b22a647735338e60286196553ee756bb6

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 85FC 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 18 Oct 2022 00:32:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
458145
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 18 Oct 2023 00:32:46 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 79F3 		1 KB
649 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
9373
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 05:12:18 GMT
etag
48472445140208031
expires
Mon, 24 Oct 2022 05:12:18 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 85FC 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d2ec5bdc44def5f36f1cfd8396270da548d8680b04ddd2df70265510b16e807b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
618024618c1df6d7ac0714c9959a2f2f.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/ Frame 46A9 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/618024618c1df6d7ac0714c9959a2f2f.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
7efdd92d2d149f038cc3b34a19e9242d6243ccf226f1e301323563b37551cabe
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 23 Oct 2022 07:48:31 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1710
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 00:56:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 23 Oct 2023 07:48:31 GMT
9301771e7b54288ff818baee5d5874a1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/ Frame 46A9 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/9301771e7b54288ff818baee5d5874a1.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
7b73b03a550f0ebfaa6148de688378b8c0ad661c6a02a0b8ad6c8369efb327b2
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 23 Oct 2022 07:48:31 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26670
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 00:56:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 23 Oct 2023 07:48:31 GMT
c6e4fb69c19642c4426f4f7b8a75e9c0.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/ Frame 46A9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/c6e4fb69c19642c4426f4f7b8a75e9c0.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
6d83a0abac1bb4e82702cf5c238d7c99755f6dc6415fff65c751a9f886818899
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 23 Oct 2022 07:48:31 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3172
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 00:56:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 23 Oct 2023 07:48:31 GMT
0d02495e8ba587ca0c28bb987c7040d5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/ Frame 46A9 		865 B
896 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/0d02495e8ba587ca0c28bb987c7040d5.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
1daa9f0879e8031242c0b144f052b573c7d916efaad5e50ee0f3e1e622111097
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 23 Oct 2022 07:48:31 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
865
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 00:56:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 23 Oct 2023 07:48:31 GMT
31f6516fa3c813579a11228b5d937fce.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/ Frame 46A9 		999 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/31f6516fa3c813579a11228b5d937fce.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
8e94f562c6fd61331624e8f50c09857d29970cec0b87201f190033ddcccd6b64
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 23 Oct 2022 07:48:31 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
999
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 00:56:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 23 Oct 2023 07:48:31 GMT
ffacf5755eb2ca01ff6635e95885e7a6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/ Frame 46A9 		102 B
133 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/ffacf5755eb2ca01ff6635e95885e7a6.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
09b947d3ca90cbfefe56284b2ded3cdee615f71bf629e52f8ec07425db27e072
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 23 Oct 2022 07:48:31 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 00:56:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 23 Oct 2023 07:48:31 GMT
8ffa3cda4f106632828416275b4983ce.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/ Frame 46A9 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/8ffa3cda4f106632828416275b4983ce.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
deedbb2979cf4a622b8097273dbed38382657e385afa262f63b9c0d316c07c9b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 23 Oct 2022 07:48:31 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1134
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 00:56:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 23 Oct 2023 07:48:31 GMT
7224dad9ad5c1bb92e70c9242ec569d3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/ Frame 46A9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/7224dad9ad5c1bb92e70c9242ec569d3.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
06bfe32dadc0adcfd69a6bf41359079661d8069c8a59846b9d3eb6734c0b0bb7
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 23 Oct 2022 07:48:31 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3047
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 00:56:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 23 Oct 2023 07:48:31 GMT
e4eeaf314bb529616ad40c06a6832696.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/ Frame 46A9 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/e4eeaf314bb529616ad40c06a6832696.png
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
bee61ce229451a3519fcfa0f14e9fdc5d3e0bd4208c474d24cb2f2b5586dff4a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 23 Oct 2022 07:48:31 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3132
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 00:56:26 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 23 Oct 2023 07:48:31 GMT
30b73cc77ea07c754e05cf05fcc91efe.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/ Frame 46A9 		24 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/30b73cc77ea07c754e05cf05fcc91efe.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
1abf39d22a652dba21e59adef2ee66442f9a3a7b52c6abf94cff16fd5c27b798
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 23 Oct 2022 07:48:31 GMT
x-content-type-options
nosniff
content-encoding
gzip
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 00:56:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 23 Oct 2023 07:48:31 GMT
5a39e30bf8372882437115c3f9351764.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/ Frame 46A9 		31 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/5a39e30bf8372882437115c3f9351764.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
f517fd80a14eb577b87d8aaa8c42907c27ff30762f1581457d336a469641e466
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 23 Oct 2022 07:48:31 GMT
x-content-type-options
nosniff
content-encoding
gzip
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 00:56:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 23 Oct 2023 07:48:31 GMT
c93674c37f66019a065d21c52e11d74a.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/ Frame 46A9 		19 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/media/c93674c37f66019a065d21c52e11d74a.svg
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
2ef8877e4c535f9f4a1c62d814b29975813a3f84ae6a7e64bc9f0fe7808b50be
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
date
Sun, 23 Oct 2022 07:48:31 GMT
x-content-type-options
nosniff
content-encoding
gzip
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 05 Sep 2022 00:56:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 23 Oct 2023 07:48:31 GMT
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 8967 		0
174 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEJVWwuwOFX22wZ850zpyBY&google_cver=1&google_push=AZmPxg9Ts8v4r34tLN4RH7CUDiByx4izLzl3ssE0eCg099RLzWtFH4uDMgOCovrVpcx2Dp0-rc68zegJsskGMbxQHS7SfCQk9PYo1A
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:31 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 8967
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHL2FyuNLxb1dXiyZl1LMIU&google_cver=1&google_push=AZmPxg9W08r8MlqXJjbJARJy-T27x-vRSoxJo4I2-l6FGTAATV96BSkK1BLPy_9IVpFbqV3e-61i1to26RRvRjnLTfztGw5...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9W08r8MlqXJjbJARJy-T27x-vRSoxJo4I2-l6FGTAATV96BSkK1BLPy_9IVpFbqV3e-61i1to26RRvRjnLTfztGw51h3Jo_g&google_hm=Nzg4ODQ2MzQyNjM0MDE2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9W08r8MlqXJjbJARJy-T27x-vRSoxJo4I2-l6FGTAATV96BSkK1BLPy_9IVpFbqV3e-61i1to26RRvRjnLTfztGw51h3Jo_g&google_hm=Nzg4ODQ2MzQyNjM0MDE2NzkxNg%3D%3D
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 23 Oct 2022 07:48:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9W08r8MlqXJjbJARJy-T27x-vRSoxJo4I2-l6FGTAATV96BSkK1BLPy_9IVpFbqV3e-61i1to26RRvRjnLTfztGw51h3Jo_g&google_hm=Nzg4ODQ2MzQyNjM0MDE2NzkxNg%3D%3D
content-length
0
spacer.gif
an.yandex.ru/resource/ Frame 8967
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEAR_JwGLzErh-q25mOn7Py4?ext-param=AZmPxg8Iio87n9aNK6XswPpIaMfFCiFQTwbytoQXacnGwNZ7vqa91kDXgRwOD72k9CBkPjOLv653XjGvV6iaCB-OTyEr9geVagU-Sg&partner-tag=yandex_ag...
  • https://an.yandex.ru/mapuid/google/CAESEAR_JwGLzErh-q25mOn7Py4?redir-setuniq=1&ext-param=AZmPxg8Iio87n9aNK6XswPpIaMfFCiFQTwbytoQXacnGwNZ7vqa91kDXgRwOD72k9CBkPjOLv653XjGvV6iaCB-OTyEr9geVagU-Sg&partn...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAR_JwGLzErh-q25mOn7Py4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
144 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Server
93.158.134.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 08 Oct 2023 07:48:33 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 8967 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IIdiEIdH00Fs2b_uLc4c_ZiBPhhZG3ePhxvRHEl2m0Dbk
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame C356 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
10155
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 04:59:16 GMT
expires
Mon, 23 Oct 2023 04:59:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 79F3 		0
120 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEEJVWwuwOFX22wZ850zpyBY&google_cver=1&google_push=AZmPxg-3sAfNXQk4gBf6z6zF-pY7HsEhc6oFsD00AGdtCcpPukvDYsEQXDCfhq3D3iqCc3oTE4CofkTeB8EegvCoh9rqNm5mbEOWRwYIv1yvevFFuMpJMdbc7qhGJu-WDZ_2KhzZde9q0YtFcuVe-ZTTkdQ
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
8.105.96.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:31 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pixel
cm.g.doubleclick.net/ Frame 79F3
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEHL2FyuNLxb1dXiyZl1LMIU&google_cver=1&google_push=AZmPxg-dy9faLrsVBfwy63elvhq2T1KiBw01ST5f3Dj7Q-0fgkMrFre0S_A89z4YthuRyUJBOF4nFdWmdRPjQqUkaCwVH8y...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-dy9faLrsVBfwy63elvhq2T1KiBw01ST5f3Dj7Q-0fgkMrFre0S_A89z4YthuRyUJBOF4nFdWmdRPjQqUkaCwVH8yaexGfV15Ja6NO92j7zcCmVgRSpRtqdaOvBODvG...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-dy9faLrsVBfwy63elvhq2T1KiBw01ST5f3Dj7Q-0fgkMrFre0S_A89z4YthuRyUJBOF4nFdWmdRPjQqUkaCwVH8yaexGfV15Ja6NO92j7zcCmVgRSpRtqdaOvBODvGorEabs3GUuhs33gyrlTig&google_hm=Nzg4ODQ2MzQyNjM0MDE2NzkxNg%3D%3D
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 23 Oct 2022 07:48:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg-dy9faLrsVBfwy63elvhq2T1KiBw01ST5f3Dj7Q-0fgkMrFre0S_A89z4YthuRyUJBOF4nFdWmdRPjQqUkaCwVH8yaexGfV15Ja6NO92j7zcCmVgRSpRtqdaOvBODvGorEabs3GUuhs33gyrlTig&google_hm=Nzg4ODQ2MzQyNjM0MDE2NzkxNg%3D%3D
content-length
0
spacer.gif
an.yandex.ru/resource/ Frame 79F3
Redirect Chain
  • https://an.yandex.ru/mapuid/google/CAESEAR_JwGLzErh-q25mOn7Py4?ext-param=AZmPxg-PLsaJdWQ-Jy1ki57U0N3lfGDeQRMDV2P1Y8mitREEHJUTzFpA2IHPC9wa5kY0eMersgZTjY0oO21vwS2lp8V3AIChVsragf8a3LCXcqvSGzfH2s9OkbRw...
  • https://an.yandex.ru/mapuid/google/CAESEAR_JwGLzErh-q25mOn7Py4?redir-setuniq=1&ext-param=AZmPxg-PLsaJdWQ-Jy1ki57U0N3lfGDeQRMDV2P1Y8mitREEHJUTzFpA2IHPC9wa5kY0eMersgZTjY0oO21vwS2lp8V3AIChVsragf8a3LCX...
  • https://cm.g.doubleclick.net/pixel?google_nid=yandex_ag&google_hm=CAESEAR_JwGLzErh-q25mOn7Py4&google_redir=https%3A%2F%2Fan.yandex.ru%2Fresource%2Fspacer.gif
  • https://an.yandex.ru/resource/spacer.gif
43 B
78 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://an.yandex.ru/resource/spacer.gif
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Server
93.158.134.90 , Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
last-modified
Wed, 18 Apr 2001 10:28:03 GMT
content-type
image/gif
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Sun, 08 Oct 2023 07:48:33 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://an.yandex.ru/resource/spacer.gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
237
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame 79F3 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IzBFgtK21pw46L85fKirjmzhc2Cb4S8RAIMKcmZHT_yWk
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:31 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 1E9E 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
10155
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 04:59:16 GMT
expires
Mon, 23 Oct 2023 04:59:16 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame C356 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 21:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 21:21:31 GMT
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame 46A9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 21:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 21:21:31 GMT
gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
pagead2.googlesyndication.com/bg/ Frame 1E9E 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gCRIKOWNSb5IUDc5H65fq3HhyX6JbrBsmszYwBj9iG8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
sffe /
Resource Hash
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 21:21:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124020
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15854
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 15:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 21:21:31 GMT
index.html
s0.2mdn.net/sadbundle/4341851026603666896/ Frame C298 		63 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/4341851026603666896/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
sffe /
Resource Hash
4b11a33fa63b8930d952a88a97d4b848f825456838441303fd7813e07185a781
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:32 GMT
expires
Mon, 23 Oct 2023 07:48:32 GMT
last-modified
Mon, 10 Oct 2022 03:53:43 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 55F2 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvrF-Wj5BbX3r5gJjh7_GFhU0SEDAqVvlG6Uz0QFmbakkLAAWK1Fj33tP8bsMthis6Odz0QUQwCWL5hy8k4q4Vwnjx6nhoWKG-Y-dcXCwxyiESrJVA-_5Qql0cZT1atMAtf1YjQ4nn0bwaZFK-PDiP265lVL9f17IMhr4p5FGawE6YGUt-Geu03oiL7tEpVEoTpDIb9BbqF7lBqbBGAFV6TnP4432xivusnxCSBhB6T5KZ5uThfjs2074e7qlCt6BMyIsTR8HLpd-Ja1_xNBrafX4upe6bFli6JguqxsCUHbCqSqJ2MqgxtaTPrN1pO_R99bVoZZunGtt-niCfTQMdjdLPpg-z1cf5wunVSKNoGC98Zv5RJ4pr-DDQP-q0hm2BxCJbh2lIJ659goDcA88zLZu3CH3wSMp4n1YLEYKNgd1uNooDkMegq-3Hnn3hPVqtYERj5Y_19LLY1OwPCVn3nWG1eJ_dCg-GX1Zhzs3m7HQO5V9YsQqx2_1v3qPKEAe48eH4PA9tUxBCt1TX-mUbj7w1StgqZGhOen6ay0p5hG814w-WqXingjsytDK65otYVJyWLeUJazfDKeIp1Z42XIX8CLsf5m5fBPYDwEbKyO0auJ6qhGK14CaX2ufNhSLWfTQ-CTN6833zrMBei6UxNXoKZN7zdhKtdU9gBWP60Wz4VJz16RLQfxnpoBIEVvqkpGKf2ElIYdaPB5C2UjK3ZxSFLkRsE_VG4R5H6CEeI4VSi5FXqR9pIoLXVlVHaObHUXCpDt6oXbeElfe5T7le3svnoKwd9CjtOcmrx-IQND1zrJf7ZHfcqEfYsqpVOaU03QfhvDLUtyGNxudD-jrwC659KxzbArjQe9lpsMrNSyBK8IT8nenmB4_iCK-r4eZeEI2HlIvRFYMhrrbxaWqJpxGNyEMNba6fAza39mZmbA6FcKlVqK-VvTF6CsztJclHeSwC-0Wt5toaefEsFxiqNBBsP6_MrqrhBo4mcW0AJdKEz8RH6UAzCjQqG_xbbD_oZbSLSbU3pOsCTnrlUL2sGyGAnxtd2FydKYZQHTl7NKhprDAWXIWv50YVEpwDSpCV9Jfie5MxDy3GQb_xs5naUacKS9q_4w-GDEbpVCsE6Z7ng6eoo3-19njjwlLdsi0B3SG3_0lAYzEImUWlLEPbLguKl4mZIIF-pMz5yJ4wirlQdMfyezv2XNAIePO43jyKBE9v_WLXmckHrpzun_579tiqvHtmjRofpY22N2ML6XqNifvIUO2hRNJW8F3N38GAdgumWeHVacCI6iScIiCfVQBDJrc4yyiZaI0wQUy16hAuZm8H0w&sai=AMfl-YRDmz-F0iW0xB0x0RLozam9DJaKOC8SFEIC_u-aLQGLbehvKyl-RG2-y_phpzt6nxRjeUyad_P3o1645TZMUB0pySxKc_kTQ4hy-GORh0pGjr6pwo_nwJ_lwUuO5dp-XDzstuLL0Mep2hkA4ylUTz55DhYW4M_woaA5F5zg9E3Hv7DFprlbbkkmVjc_XlNHdHG7yvNYib2R6xltlikFrs-eUD06tMksdsmo53-S1-MF7WUgpdqF86DTL7i7lsWgocIPLpKdcE0&sig=Cg0ArKJSzLy5w-wY3QBbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=796&cbvp=1&cstd=793&cisv=r20221019.95644&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 23 Oct 2022 07:48:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
index.html
s0.2mdn.net/sadbundle/2129343214390369436/ Frame B8D2 		78 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
sffe /
Resource Hash
93432ee25d81d44fe76afa9d0f22d0396202cc82f73e1aeda0c4e0dcdef1804a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:32 GMT
expires
Mon, 23 Oct 2023 07:48:32 GMT
last-modified
Mon, 12 Sep 2022 05:17:11 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 85FC 		0
27 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuOludXANod-j1Vldc1uFB8PZDivD6O2Foh5pbEm2BZ8hgtlPmZxemVDxZioHusuGVj8epXhgIZtVEoA3Pbguy8v4z6QM9HIithK82i_at8fh6TxX747HOtJq-gS6RN63-8EUgUu8P8Q_W3ow59xovgCXMlzckPqOqFaXc0yX_ztfZPpmCTSJtfGi03jYUmysCkp_M--lW_i8ZEauOAvzaQ3ZCD-LhIiZVg2bWYsSgtr2cmLt1u-cOalxS3bDNDRNEXhOvTZRR0HdZ3o8S80Hf0b6gtmjgMPt61wkOBX-bL_wHFYO99uFV49j5bflh7CaamK5MhBjyD1S5R_56WOMxsCkTscAFbDj_CfY6W5swbsA1LcMZvziyEq4vFjCyb9J_mlc146n_bCcU3Jm2VPoTRF_NFp8sm5i21c4N_VUREwhckE2zRh5HDHFtKm6rfQEYt19m4gJRF5nqSX6kjBNAVXuVmXE5VMd9yjwYowZHCZef3MO9JMNcDHKA6nbHD4YBUq2tVkh21F7wHJ1D5o8O1znxt0IARU3fXmjzNTF2t5AU1NA71dFg0Y9NPwv6eglQscMT1H7VzA4bUy_CcIvPsCp1MtSMNIEuwkWkDSqa0cLdgmaXtk7JC6bYOQWP3ywanTjI-lsIETxaHFb08MHAj_zD0ZK5Bsr9L1j9HtY_GPchBt7pUWbfUU8dEUq8YMgrYmRor3CTm6wAi2R7ka_17FYTexWVJ8pkr9a_CYFkP0Lml32CaWpoEPLSEtdCccn6EqGvOwpugKbJj2KCPYSSsfeRKLBeobOXNFPJ221LV7Hcuiuqxxm_Tzpcf9xWDmDrpSP6AmghFEEAbXME_G72YI7oW4DeF6k3JqIATFtpxcx1GyVYrYtUJeMYp4IJEBlgW24AivdFEqRA7_hPsEO6vHGGTlFDN-yItNzN1W0gQ0HZ4-HMMUC9XQflG2UGrybWAhYLEW3tLnxcuvhOqllQG8euh52snj0pz2TmpXruevWoXE6HK3tzcwndDiTvxi6VDG2bgV-KbiWWXE4W3c62eBgPlgtJXjgA1jt0dvOXmFLDyw_iVA4DIKhNcr_Vu4kT3BY5lrbvY_7kPWurxz2Lt7cUOMB_e5jan8AD3PyG0Du3PQKC2wQ2IJEr4E86ELZX095UtWaw5EHVkIZq1GdjgT2FzovxTQ7zCPsUqonDdeWAqrtHL0ujWHyHtRCJnDTTku8m-1rUj2w8uZ4dOdYlhuQYzvyLmYV8gwiOJgjdcdajoAFZI2qK2EODIzvdx1Yqr_vv_CyFZfmLBwYBYr2E725m3KeSQH5_-Nhhd1QDRV4dMMMhj12US2A&sai=AMfl-YRYllsTfQY-mAtCUY7svvWKHfrP-CPxsEdedWXdDRGFhfhNNuG4H2c-fkRXqXxvPBKGrbox3qNGdl4NjOToA6zPlqjv646VzjWSiOS10yKWnn9tkq5b_pz0nHbRaCSm6XM0t2TwKN_pILeqC8H1bGypZo4G8m-zGdZ_zDfKrIHMQiwEuyR_2YD0yf-VyN7yec17rnVy2B7-IjAtZcQK2Hgg4iHxdlnYIH5RLPQ2vsVAcvuE8T1Hu9LV2nZ6k1HUEfcqXhjxr98&sig=Cg0ArKJSzNJ2YXj4KuOfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=872&cbvp=1&cstd=870&cisv=r20221019.43408&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 23 Oct 2022 07:48:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame C356 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvF4zzvFUY92RMIGO1Aac9qyABgAAAAA4AeAEAg&bg=!hYalhsLNAAaaxvStusY7ACkAdvg8Wk5yVavm4ydCFLwrraqtPg3bEYj2gnuTFx9QQwPYM2EAUDxOVwIAAACxUgAAAARoAQeZAunGkJxT3pw1qhVr37-KYDT0fWVfM3aFABStdjuMTHO-cECzEem3axi1ZiVP2-2ck_pcSY-ou5ULuu7sWsL8vE1hgI6up4MktdQVpXAuaDmPhPL3RKTYqBjfN2vB3BhvsuXVRFz-3q1q6PcUonDE33OIMW-7KtnFaauTxLoOWJsWon3H8ZWwVQCggzaJwJUTGUu6J2wOiOtnOQthyiSq-DYl8j9cvaoxzfokFeK4J5R8wXf9Gw8aj-9ir2xe2a5FfvN-cvDNzs8nxezbEXIHFOiNFonD1Z5_MUtakomSYsezF5ZM99U8yu1cVwhNx9eIafY7rstgZhT64thM9qTt7XsvZk-qel0vlm4qpELKO_SXyP95koMgqcdN1urb7ZF8k6OWON1la7oSEaDAh6ROcEpqGzcQzzJZS_zmpwBe8snZ0Rrde52Uqwo4oVXdqWR-XEtIiJq2V7PuhbEzkonKMxuhOTdOLLJTnZJim-JFTZ_vlyXlurGN-qAbx3ahNokFmBKSGL7BB9fnpUDaZxzTSy7iQVaWH-KPhnUHBjK6rQb_i3GOwG-6Tr5swcaAFGy5SJIvoDzN6O2aGdBlcqz8PagJSTNaD3uRkWtljJVxJziY8m_xPl3pKrU_FvGYP3emfsQeZ34spIqQCdaLAf8SFt_u-y8sZvzPC_Lfnu-gfoyofeyszuJIbjrZS0Qdsn9Rg2Jt_bFqjrQE2OD797lS9teJXSDJIUfI6M83S5BesiuAImPJ3a1g6H_fj1pJM5hLwmFjsXhJdgeoyNmpqy-bjnZ6jF7oqnfVQBNDQ7JTER2JkzG4OAzjVNcVDWK54CyO86G_VeNGIDQlw7ELsqic_xlrX9ALiDTerrJDbcJN9sg8geD_6E1ECOdNJvrgpcydb21aKnBA1_k07xPgtsSk8DpHfIyBEbGwzNqMHeU77KFOZvQbqCY4bX7UGaaXas9K4e5n6VoDFXvW4FUvBINBkOjlLsqWUt4Y7_lG
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 1E9E 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BL9XxzvFUY7b0MJboowOWnajgAwAAAAA4AeAEAg&bg=!mJulm9_NAAaaxvStusY7ACkAdvg8WoY6kmiXlldk7zQQ7VU3Jzk-KEaoen2sRs_VGjNP6c6wEBa4iQIAAAB_UgAAAANoAQeZAuWTCoMGrRsaJ6pV2QPyDUYHimKyAA2oMAydm-0Ir6FAbBmztDSA4ynuhwthSCnPslgaD18pCyhNAGU5rLgOHGpm5pzy-ieq6S1BHlmBXK_HbYNJsyQ5n1a9GNndG87e9PZhgSS7RPMGxGoOZYCoXyKjXPXuFhptYeM7PNF_ad8TD4xsjf7zro84rqZdHxlSIYknSescEjwFEklTRVgsC9EHznymUSZJ0nA7PzA5X62W7ofT4rSaarQUwFSdrzeuS8BdnYUzxn-16x2is9reRVQmphbZHei6SoR3SbTUT6UZbR4wnM7ymu-VEiPk8aG8XB2fW1KLBm3fUsvwjAhsbUtI8PZwMxivoxMVXwRpkPGGWJVwQp368C6UKhRXgxumfqJRK1nOSFN6xDW0PZuID4LZHkiytv1_fXeCXU-TlBh4ssW09cps4QBWdqAw6oXF8yEV3wRTs2Ht5ZpOt8oOIp1zXBf2D2zRyzWPdpxiUsn6Sal1k9W0TwSQ3fCXbd8XVjlZ7On0lW30EyLlGm5nSGZ8ifM04BGR9JuJFwrMPCs6Rp2ClDe3Ogj3fif_82fCnZZzFqnoN9bj52YQVcxpdMM6Uzby0PLkSNU8S2t3xAy31X2ig0g_o9VmqzVTx0OafRdoiRfeNMXbzaKsw38YF-vx8kk_QYcatL5OpuFnYs3QF_7BUu7nTmvFThj44DJ15IkDCcy0bO89bsAtt5nwQZpNgv-gX4Xw9U50PfC5fCPi4PxQvvGrxn9ick9Ru8JnxhlEKMITtmSgR36Ssnc5OuY1Xq_xz9on6lMnPN2HW6jmiR0F1SA0SnDwjs8FFzWDwnReMm2oC-HzSbBtqrl3EGPblhUPY5ANxrfZQXvGeuWBVpZH8hdJa4FJF0sUglGL1R_DNqJtMXtPfUKLsjdontjhqn5WuXmleoDXS2gCeDmROBB6qdJtCSMEG18D1alhgSEUL7EtzYMY7p_Ibd0tzXT8dELpcnM
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 55F2 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvz0ef0lHlUZ25a5eJK76jrigy-cCbfrlK5aJXVb95NauyG8FlgmgetZi0zL3Jqr_u7iPSJzU0dmE7FDb61nopTP6KrrWx-UV5n1vbvcClPCQeQMKKaloR1vUcem6z-BwLsABs&sai=AMfl-YQLXLQISIDv8A5Qintfeg1hevtaY5TB6mH4GQImYH1K_Jit9JE3e8IZmT7dKtMptMcBRBLlMl566be0H_KDL3pO4l9LzxDKWut1dOIgJRREMTuFsuLFvWuKtRJjBw&sig=Cg0ArKJSzIBQtSLjoeRcEAE&cid=CAQSOwDq26N955Z3VmnyUkTQXjHmtMOJnat3xUnm4o4DkRZD3tK92eWTxiGqsc7hpiWbE7T8aFQmoD-UHLtvGAEgDg&id=lidar2&mcvt=1000&p=60,450,310,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666511310180&rpt=1158&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 85FC 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYXZvBAZhTLDCVZj8MTM-Ff9RfkDwAoCoDH9Q1HjOObpemKGSNt1PeHpfgcWRi53tBmAr6TinDdEdwrvaN_OvLQJVSoeAtrCJItLS9VX-0fSQ5p94AhWUGwFRX7p1QUoKtH9k&sai=AMfl-YQykuq0qdewFPzHweBfnAN_Y23vjffmbHYNRxsmB3Jm904jRQOF_5ObfZG8ibj7GCqp3wlrBPQJJN5yfGDI6Omk0aCy_NFyvAAnFQbtqQNWVOWKjaAAI1sc-RCecA&sig=Cg0ArKJSzE5oFMDy91HAEAE&cid=CAQSOwDq26N955Z3VmnyUkTQXjHmtMOJnat3xUnm4o4DkRZD3tK92eWTxiGqsc7hpiWbE7T8aFQmoD-UHLtvGAEgDg&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666511310184&rpt=1217&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame C298 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4341851026603666896/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4341851026603666896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 01:03:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Oct 2022 01:03:57 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 23 Oct 2022 07:48:32 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
268052
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		327 B
640 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
7240eebf5f6748832c1b4dcb165f0206912f4e8f5b17d38c5b639b3c07c0a5e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1253639
expires
0
rid
match.adsrvr.org/track/ 		109 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
108156241599b5f216ac00cf5b7b0a588fca6cfdf25710f54b4e4c425b5d45df

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 23 Oct 2022 07:48:32 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
109
expires
Tue, 22 Nov 2022 07:48:32 GMT
/
onetag-sys.com/usync/ Frame 036F 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1666511308352
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
pd
u.openx.net/w/1.0/ Frame 08DF 		533 B
634 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
b4acdfafe14b326a679095a3685a99302c5a3ade5a79d59f4c760667d0398e11

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
322
content-type
text/html
date
Sun, 23 Oct 2022 07:48:32 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame C4F2
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
8646c4691d5fdaeb7c5cc9b6ef69be74e0f92c504f29b9eedd136260afc18910

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
1083
content-type
text/html; charset=utf-8
date
Sun, 23 Oct 2022 07:48:33 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 23 Oct 2022 07:48:32 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
async_usersync.html
acdn.adnxs.com/dmp/ Frame A090 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
11969
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 23 Oct 2022 07:48:32 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
52, 20910
X-Served-By
cache-lga13626-LGA, cache-syd10179-SYD
X-Timer
S1666511313.705596,VS0,VE0
checksync.php
contextual.media.net/ Frame 421C 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fe76ac8037f1e137f6af98225dc93f4c6c5683e741fe70a848d9d6335440b1dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11834
content-type
text/html; charset=UTF-8
date
Sun, 23 Oct 2022 07:48:33 GMT
expires
Tue, 25 Oct 2022 07:48:33 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
sync.html
public.servenobid.com/ Frame 7D93 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.36.45 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-36-45.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bee00dc9ac61a6eae0a5a1efd6af3ba501f5d4208e5e21e1bbc545db78c161fe

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
5865
cache-control
max-age=86400
content-encoding
gzip
content-type
text/html
date
Sun, 23 Oct 2022 06:10:48 GMT
etag
W/"73e6cbdab99355b35d71abf2ea225ccb"
last-modified
Fri, 14 Oct 2022 20:27:38 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
x-amz-cf-id
P6nuvbyy8d-07o-z8-s79y_jN8B4wrl4LiHNXUUXp2vQmngY4hoeIw==
x-amz-cf-pop
MUC50-P2
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:3af1d685-3010-4d5a-b093-b3a07cfff8d4
x-amz-meta-codebuild-content-md5
7549bc6c6d823788ee0fb3e82c36711f
x-amz-meta-codebuild-content-sha256
a4bfb92c455b4ab78db908287ee14cc08cc0080652f1ca29578852e9526e8fda
x-cache
Hit from cloudfront
usync.html
eus.rubiconproject.com/ Frame 8906 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 23 Oct 2022 07:48:33 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 3CBE 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
162
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
75e8def87835a8d1-SYD
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sun, 23 Oct 2022 07:48:32 GMT
expires
Sun, 23 Oct 2022 11:48:32 GMT
last-modified
Mon, 25 Jul 2022 19:18:26 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=33df9250-78ac-4ebd-a2de-f284803e48fc
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-0wBdU6BE2uGERBM98FfO8WFh6OGENzD88s7NzD0-~A&gdpr=0&gdpr_consent=
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-0wBdU6BE2uGERBM98FfO8WFh6OGENzD88s7NzD0-~A&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:32 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-0wBdU6BE2uGERBM98FfO8WFh6OGENzD88s7NzD0-~A&gdpr=0&gdpr_consent=
date
Sun, 23 Oct 2022 07:48:32 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L9L1SZ9R-28-2M6N&gdpr=0&us_privacy=1---
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L9L1SZ9R-28-2M6N&gdpr=0&us_privacy=1---
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:32 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=L9L1SZ9R-28-2M6N&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
sync
x.bidswitch.net/
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=33df9250-78ac-4ebd-a2de-f284803e48fc&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=33df9250-78ac-4ebd-a2de-f284803e48fc&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=e63cc242-f8e2-4c4a-963c-648969a8ff0e&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10525123437749381604&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10525123437749381604&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=dcbff5eb-81f6-43c7-8173-cfd68dde1ea5&ssp=adaptmx&gdpr_consent=&gdpr=0
  • https://aa.agkn.com/adscores/g.pixel?sid=9212302828&puid=10525123437749381604&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2?tagid=V2_785409&src.visitorId=231963304313004792488&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=419&user_id=10525123437749381604&ssp=adaptmx&gdpr=0&gdpr_consent=
0
0
pixel
ap.lijit.com/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D33df9250-78ac-4ebd-a2de-f284803e48fc&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1051%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D33df9250-78ac-4ebd-a2d...
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1051%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D33df9250-78ac-4ebd-a2de-f284803e48fc%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0zM2RmOTI1MC03OGFjLTRlYmQtYTJkZS1mMjg0ODAzZTQ4ZmM%253D%26uid%3D%24UID
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
HTTP/1.1
Server
209.191.163.208 , United States, ASN14744 (INTERNAP-BLOCK-4, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sun, 23 Oct 2022 07:48:33 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1---&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1051%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D33df9250-78ac-4ebd-a2de-f284803e48fc%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD0zM2RmOTI1MC03OGFjLTRlYmQtYTJkZS1mMjg0ODAzZTQ4ZmM%253D%26uid%3D%24UID
date
Sun, 23 Oct 2022 07:48:32 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame B8D2 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 01:03:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
24275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 24 Oct 2022 01:03:57 GMT
sd
us-u.openx.net/w/1.0/ Frame 08DF
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8272855404275733541&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8272855404275733541&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8272855404275733541&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 08DF
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=4f2c7b3d-f4cf-7921-f73e-c2fb2f477eaf&gdpr=0
  • https://match.adsrvr.org/track/cmb/openx?oxid=4f2c7b3d-f4cf-7921-f73e-c2fb2f477eaf&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=8181f220-b174-4e80-bb88-6a1af451a19c&ttd_puid=4f2c7b3d-f4cf-7921-f73e-c2fb2f477eaf&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=8181f220-b174-4e80-bb88-6a1af451a19c&ttd_puid=4f2c7b3d-f4cf-7921-f73e-c2fb2f477eaf&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=8181f220-b174-4e80-bb88-6a1af451a19c&ttd_puid=4f2c7b3d-f4cf-7921-f73e-c2fb2f477eaf&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 08DF
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1Tx0cCo5s4AAP-RIfcAAAAA
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1Tx0cCo5s4AAP-RIfcAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
33
Date
Sun, 23 Oct 2022 07:48:33 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":33,"gdpr":false,"ipv4":"173.245.209.112","key":"Y1Tx0cCo5s4AAP-RIfcAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40063"}
X-SO-Key
Y1Tx0cCo5s4AAP-RIfcAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40063
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y1Tx0cCo5s4AAP-RIfcAAAAA
Cache-Control
private
X-SO-HostName
a-ad40063.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
5
Content-Length
0
X-SO-LB-Hostname
a-tgng40010.dc2p.scaleout.jp
X-SO-IP
173.245.209.112
sd
jp-u.openx.net/w/1.0/ Frame 08DF
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbEcPFqwNvx6ks8ADv_jCDJdm88AAAGEA9Ca1g
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbEcPFqwNvx6ks8ADv_jCDJdm88AAAGEA9Ca1g
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
via
1.1 e458de70cfe2237c659d4e5f2ae84564.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AbEcPFqwNvx6ks8ADv_jCDJdm88AAAGEA9Ca1g
cache-control
no-cache
content-length
0
x-amz-cf-id
rj-b5Zs3SmsqeOliVdekS3KMmN_sma9CKBGJZfPrH9Sa1usRk0LTjg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 08DF 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjM0M2E4ZjctM2RiOC0yNzg1LWUyZGUtOTg0MmU1YTViMGNm
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 08DF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE9-70aXBJqEsPo2RrCQC4U&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE9-70aXBJqEsPo2RrCQC4U&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEE9-70aXBJqEsPo2RrCQC4U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 55F2 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuvrF-Wj5BbX3r5gJjh7_GFhU0SEDAqVvlG6Uz0QFmbakkLAAWK1Fj33tP8bsMthis6Odz0QUQwCWL5hy8k4q4Vwnjx6nhoWKG-Y-dcXCwxyiESrJVA-_5Qql0cZT1atMAtf1YjQ4nn0bwaZFK-PDiP265lVL9f17IMhr4p5FGawE6YGUt-Geu03oiL7tEpVEoTpDIb9BbqF7lBqbBGAFV6TnP4432xivusnxCSBhB6T5KZ5uThfjs2074e7qlCt6BMyIsTR8HLpd-Ja1_xNBrafX4upe6bFli6JguqxsCUHbCqSqJ2MqgxtaTPrN1pO_R99bVoZZunGtt-niCfTQMdjdLPpg-z1cf5wunVSKNoGC98Zv5RJ4pr-DDQP-q0hm2BxCJbh2lIJ659goDcA88zLZu3CH3wSMp4n1YLEYKNgd1uNooDkMegq-3Hnn3hPVqtYERj5Y_19LLY1OwPCVn3nWG1eJ_dCg-GX1Zhzs3m7HQO5V9YsQqx2_1v3qPKEAe48eH4PA9tUxBCt1TX-mUbj7w1StgqZGhOen6ay0p5hG814w-WqXingjsytDK65otYVJyWLeUJazfDKeIp1Z42XIX8CLsf5m5fBPYDwEbKyO0auJ6qhGK14CaX2ufNhSLWfTQ-CTN6833zrMBei6UxNXoKZN7zdhKtdU9gBWP60Wz4VJz16RLQfxnpoBIEVvqkpGKf2ElIYdaPB5C2UjK3ZxSFLkRsE_VG4R5H6CEeI4VSi5FXqR9pIoLXVlVHaObHUXCpDt6oXbeElfe5T7le3svnoKwd9CjtOcmrx-IQND1zrJf7ZHfcqEfYsqpVOaU03QfhvDLUtyGNxudD-jrwC659KxzbArjQe9lpsMrNSyBK8IT8nenmB4_iCK-r4eZeEI2HlIvRFYMhrrbxaWqJpxGNyEMNba6fAza39mZmbA6FcKlVqK-VvTF6CsztJclHeSwC-0Wt5toaefEsFxiqNBBsP6_MrqrhBo4mcW0AJdKEz8RH6UAzCjQqG_xbbD_oZbSLSbU3pOsCTnrlUL2sGyGAnxtd2FydKYZQHTl7NKhprDAWXIWv50YVEpwDSpCV9Jfie5MxDy3GQb_xs5naUacKS9q_4w-GDEbpVCsE6Z7ng6eoo3-19njjwlLdsi0B3SG3_0lAYzEImUWlLEPbLguKl4mZIIF-pMz5yJ4wirlQdMfyezv2XNAIePO43jyKBE9v_WLXmckHrpzun_579tiqvHtmjRofpY22N2ML6XqNifvIUO2hRNJW8F3N38GAdgumWeHVacCI6iScIiCfVQBDJrc4yyiZaI0wQUy16hAuZm8H0w&sai=AMfl-YRDmz-F0iW0xB0x0RLozam9DJaKOC8SFEIC_u-aLQGLbehvKyl-RG2-y_phpzt6nxRjeUyad_P3o1645TZMUB0pySxKc_kTQ4hy-GORh0pGjr6pwo_nwJ_lwUuO5dp-XDzstuLL0Mep2hkA4ylUTz55DhYW4M_woaA5F5zg9E3Hv7DFprlbbkkmVjc_XlNHdHG7yvNYib2R6xltlikFrs-eUD06tMksdsmo53-S1-MF7WUgpdqF86DTL7i7lsWgocIPLpKdcE0&sig=Cg0ArKJSzLy5w-wY3QBbEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1552&vt=11&dtpt=756&dett=3&cstd=793&cisv=r20221019.95644&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
Myer_Promotion_Digi_Banners_Concepts_MREC_300x250_01_2.svg
s0.2mdn.net/sadbundle/4341851026603666896/ Frame C298 		135 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/4341851026603666896/Myer_Promotion_Digi_Banners_Concepts_MREC_300x250_01_2.svg
Requested by
Host: 2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
sffe /
Resource Hash
0d5edbf4fa2f41d5537480729dc50e6cfb4b9f5bfd07a15f0ec8e904bfedaefe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/4341851026603666896/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 10 Oct 2022 03:53:43 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Oct 2023 07:48:32 GMT
null
s0.2mdn.net/sadbundle/2129343214390369436/ Frame B8D2 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2129343214390369436/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:33 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Sun, 23 Oct 2022 07:48:33 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 8E78 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb9dd6c1b0c3c8cb3b6c1afdb68553bcf8b2267d36a83e41215de9ae039bc078

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75e8defa7e60a81d-SYD
content-encoding
br
content-type
text/html
date
Sun, 23 Oct 2022 07:48:33 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame A090 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:32 GMT
AN-X-Request-Uuid
467a745a-c8e7-4537-b6ea-34722bd70512
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Disclaimer_1.svg
s0.2mdn.net/sadbundle/2129343214390369436/ Frame B8D2 		142 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2129343214390369436/Disclaimer_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
sffe /
Resource Hash
3ba32669815f7677b77f9a7b08d412f3a4ffbcea501b6689734181ddf9b6f506
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:17:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Oct 2023 07:48:32 GMT
Text_1_3.svg
s0.2mdn.net/sadbundle/2129343214390369436/ Frame B8D2 		16 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2129343214390369436/Text_1_3.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
sffe /
Resource Hash
947746a3fbd83939a89aa693fb7117ce6b21dac1a8289194952b8c93b3fba029
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:17:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Oct 2023 07:48:32 GMT
Text_2_5.svg
s0.2mdn.net/sadbundle/2129343214390369436/ Frame B8D2 		19 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2129343214390369436/Text_2_5.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
sffe /
Resource Hash
cced71af699b96dbfbc24439594b4d43af733f34c97c99fd34c3ff18f3845426
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:17:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Oct 2023 07:48:32 GMT
Illustration_1.svg
s0.2mdn.net/sadbundle/2129343214390369436/ Frame B8D2 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2129343214390369436/Illustration_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
sffe /
Resource Hash
50d5acd2ca221d9baed26076dfe9ffa86c5fcf535d1176f914bc42efe7ab823b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1380
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:17:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Oct 2023 07:48:32 GMT
Background_2.svg
s0.2mdn.net/sadbundle/2129343214390369436/ Frame B8D2 		20 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2129343214390369436/Background_2.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
sffe /
Resource Hash
66b654e131c69e5a91130dbea071278f0aaf9435812b36986b8a958b5fca49f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2129343214390369436/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 05:17:11 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 23 Oct 2023 07:48:32 GMT
truncated
/ Frame B8D2 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
xuid
eb2.3lift.com/ Frame C4F2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=8181f220-b174-4e80-bb88-6a1af451a19c&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=8181f220-b174-4e80-bb88-6a1af451a19c&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 23 Oct 2022 07:48:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=8181f220-b174-4e80-bb88-6a1af451a19c&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame C4F2
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE1NjY0MDUzMzYxMzk2MDgyMzg0Mw%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame C4F2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPxPBxWKwU0L5FFjWvCJPWY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPxPBxWKwU0L5FFjWvCJPWY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 23 Oct 2022 07:48:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEPxPBxWKwU0L5FFjWvCJPWY&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C4F2
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE1NjY0MDUzMzYxMzk2MDgyMzg0Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE1NjY0MDUzMzYxMzk2MDgyMzg0Mw%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MTE1NjY0MDUzMzYxMzk2MDgyMzg0Mw%3D%3D
date
Sun, 23 Oct 2022 07:48:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame C4F2
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1156640533613960823843&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=1156640533613960823843&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=802632e4-dfd2-4113-84a9-3d8416f7ed9a&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=802632e4-dfd2-4113-84a9-3d8416f7ed9a&_noobservation=1&_expected_cookie=9b84b95...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=802632e4-dfd2-4113-84a9-3d8416f7ed9a&_noobservation=1&_expected_cookie=9b84b955ac0d8384f9f868c93917ff66
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.101.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Sun, 23 Oct 2022 07:48:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75e8df038b56ab05-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=802632e4-dfd2-4113-84a9-3d8416f7ed9a&_noobservation=1&_expected_cookie=9b84b955ac0d8384f9f868c93917ff66
date
Sun, 23 Oct 2022 07:48:34 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
75e8df0259cfab05-SYD
content-length
0
sync
x.bidswitch.net/ Frame C4F2 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=1156640533613960823843&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 23 Oct 2022 07:48:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame C4F2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/1156640533613960823843?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-of_QYoBE2oS6pnGjE8ReUyA16usndGLnavhr6.mwaQ--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-of_QYoBE2oS6pnGjE8ReUyA16usndGLnavhr6.mwaQ--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 23 Oct 2022 07:48:33 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 23 Oct 2022 07:48:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-of_QYoBE2oS6pnGjE8ReUyA16usndGLnavhr6.mwaQ--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame C4F2
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=1156640533613960823843
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1156640533613960823843&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1156640533613960823843&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.130.91 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
CREA4RKVFZWK6CD02214
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=1156640533613960823843&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame C4F2 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=1156640533613960823843&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
last-modified
Thu, 13 Oct 2022 15:58:17 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 270AFE2A9BD042C2BE9F482E829CE571 Ref B: SYD03EDGE1410 Ref C: 2022-10-23T07:48:33Z
etag
"e997be9b1cdfd81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame C4F2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=mYmPRxfDKsrl9BtvdO9l&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5NVMW2UCSPBTEI...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=mYmPRxfDKsrl9BtvdO9l
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=mYmPRxfDKsrl9BtvdO9l
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 23 Oct 2022 07:48:35 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:35 GMT
Content-Type
text/html; charset=utf-8
Location
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=mYmPRxfDKsrl9BtvdO9l
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
115
Expires
Thu, 01 Dec 1994 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 8E78
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8181f220-b174-4e80-bb88-6a1af451a19c&expiration=1669103313&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8181f220-b174-4e80-bb88-6a1af451a19c&expiration=1669103313&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=8181f220-b174-4e80-bb88-6a1af451a19c&expiration=1669103313&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
dcm
s.amazon-adsystem.com/ Frame 8E78
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.130.91 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
RVQ3R2JXX0XGNCS6JTBJ
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:34 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BR6V2QESFVXSJSXZFR9B
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame 8E78
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFWZEsQTSNbM5k9ahgLTb9c&google_cver=1
43 B
594 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFWZEsQTSNbM5k9ahgLTb9c&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
75e8defdcb7da81d-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEFWZEsQTSNbM5k9ahgLTb9c&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 8E78 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.141.48 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-141-48.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:33 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame 8E78
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AARguE7GqeQAACIuL6Q1yg&expiration=1667720914
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AARguE7GqeQAACIuL6Q1yg&expiration=1667720914
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AARguE7GqeQAACIuL6Q1yg&expiration=1667720914
Date
Sun, 23 Oct 2022 07:48:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
crum
dsum-sec.casalemedia.com/ Frame 8E78
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7a246354-f1cb-4200-9264-77f3fea74251
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7a246354-f1cb-4200-9264-77f3fea74251
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:33 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 23 Oct 2022 07:48:33 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x16 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7a246354-f1cb-4200-9264-77f3fea74251
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 23 Oct 2022 07:48:32 GMT
tp_out
d.adroll.com/cm/index/ Frame 8E78 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.242.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-242-203.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:33 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 8E78
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=f_U_VywjTiR_Dlvjn41Uza310XA
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=f_U_VywjTiR_Dlvjn41Uza310XA
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=f_U_VywjTiR_Dlvjn41Uza310XA
Date
Sun, 23 Oct 2022 07:48:33 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
htw-pixel.gif
cdn.indexww.com/ht/ Frame 8E78 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y1TxzP-CpYnS-5NnG8f3RQAA%264975
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:33 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
33582
etag
"761e21-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
75e8defd3bf3ab02-SYD
content-length
43
expires
Mon, 24 Oct 2022 07:48:33 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 85FC 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuOludXANod-j1Vldc1uFB8PZDivD6O2Foh5pbEm2BZ8hgtlPmZxemVDxZioHusuGVj8epXhgIZtVEoA3Pbguy8v4z6QM9HIithK82i_at8fh6TxX747HOtJq-gS6RN63-8EUgUu8P8Q_W3ow59xovgCXMlzckPqOqFaXc0yX_ztfZPpmCTSJtfGi03jYUmysCkp_M--lW_i8ZEauOAvzaQ3ZCD-LhIiZVg2bWYsSgtr2cmLt1u-cOalxS3bDNDRNEXhOvTZRR0HdZ3o8S80Hf0b6gtmjgMPt61wkOBX-bL_wHFYO99uFV49j5bflh7CaamK5MhBjyD1S5R_56WOMxsCkTscAFbDj_CfY6W5swbsA1LcMZvziyEq4vFjCyb9J_mlc146n_bCcU3Jm2VPoTRF_NFp8sm5i21c4N_VUREwhckE2zRh5HDHFtKm6rfQEYt19m4gJRF5nqSX6kjBNAVXuVmXE5VMd9yjwYowZHCZef3MO9JMNcDHKA6nbHD4YBUq2tVkh21F7wHJ1D5o8O1znxt0IARU3fXmjzNTF2t5AU1NA71dFg0Y9NPwv6eglQscMT1H7VzA4bUy_CcIvPsCp1MtSMNIEuwkWkDSqa0cLdgmaXtk7JC6bYOQWP3ywanTjI-lsIETxaHFb08MHAj_zD0ZK5Bsr9L1j9HtY_GPchBt7pUWbfUU8dEUq8YMgrYmRor3CTm6wAi2R7ka_17FYTexWVJ8pkr9a_CYFkP0Lml32CaWpoEPLSEtdCccn6EqGvOwpugKbJj2KCPYSSsfeRKLBeobOXNFPJ221LV7Hcuiuqxxm_Tzpcf9xWDmDrpSP6AmghFEEAbXME_G72YI7oW4DeF6k3JqIATFtpxcx1GyVYrYtUJeMYp4IJEBlgW24AivdFEqRA7_hPsEO6vHGGTlFDN-yItNzN1W0gQ0HZ4-HMMUC9XQflG2UGrybWAhYLEW3tLnxcuvhOqllQG8euh52snj0pz2TmpXruevWoXE6HK3tzcwndDiTvxi6VDG2bgV-KbiWWXE4W3c62eBgPlgtJXjgA1jt0dvOXmFLDyw_iVA4DIKhNcr_Vu4kT3BY5lrbvY_7kPWurxz2Lt7cUOMB_e5jan8AD3PyG0Du3PQKC2wQ2IJEr4E86ELZX095UtWaw5EHVkIZq1GdjgT2FzovxTQ7zCPsUqonDdeWAqrtHL0ujWHyHtRCJnDTTku8m-1rUj2w8uZ4dOdYlhuQYzvyLmYV8gwiOJgjdcdajoAFZI2qK2EODIzvdx1Yqr_vv_CyFZfmLBwYBYr2E725m3KeSQH5_-Nhhd1QDRV4dMMMhj12US2A&sai=AMfl-YRYllsTfQY-mAtCUY7svvWKHfrP-CPxsEdedWXdDRGFhfhNNuG4H2c-fkRXqXxvPBKGrbox3qNGdl4NjOToA6zPlqjv646VzjWSiOS10yKWnn9tkq5b_pz0nHbRaCSm6XM0t2TwKN_pILeqC8H1bGypZo4G8m-zGdZ_zDfKrIHMQiwEuyR_2YD0yf-VyN7yec17rnVy2B7-IjAtZcQK2Hgg4iHxdlnYIH5RLPQ2vsVAcvuE8T1Hu9LV2nZ6k1HUEfcqXhjxr98&sig=Cg0ArKJSzNJ2YXj4KuOfEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2039&vt=11&dtpt=1167&dett=3&cstd=870&cisv=r20221019.43408&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:33 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 8906 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 23 Oct 2022 07:48:33 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46230
Connection
keep-alive
Content-Length
9455
Expires
Sun, 23 Oct 2022 20:39:03 GMT
sync
gum.criteo.com/ Frame 421C 		61 B
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
477351
expires
60
usync.html
eus.rubiconproject.com/ Frame 14A2
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 23 Oct 2022 07:48:34 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 23 Oct 2022 07:48:34 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 7468
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Drkt%26refUrl%3D%26vid%3D651131343530951291368304600...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3095129136830460000V10&type=rkt&refUrl=&vid=65113134353095129136830460000V10&ovsid=2019090386969966868
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3095129136830460000V10&type=rkt&refUrl=&vid=65113134353095129136830460000V10&ovsid=2019090386969966868
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Sun, 23 Oct 2022 07:48:34 GMT
expires
Sun, 23 Oct 2022 07:48:34 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Sun, 23 Oct 2022 07:48:34 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3095129136830460000V10&type=rkt&refUrl=&vid=65113134353095129136830460000V10&ovsid=2019090386969966868
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 01EC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Dpba%26refUrl%3D%26vid%3D65113134353095129136830460000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=139913
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 23 Oct 2022 07:48:34 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 24 Oct 2022 22:40:27 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 421C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Dapx%26refUrl%3D%26vid%3D65113134353095129136830460000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3095129136830460000V10&type=apx&refUrl=&vid=65113134353095129136830460000V10&ovsid=6432641794665890972
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3095129136830460000V10&type=apx&refUrl=&vid=65113134353095129136830460000V10&ovsid=6432641794665890972
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 23 Oct 2022 07:48:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 23 Oct 2022 07:48:33 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:33 GMT
AN-X-Request-Uuid
9f2eaf4d-94bc-4660-8094-c7e507c46846
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3095129136830460000V10&type=apx&refUrl=&vid=65113134353095129136830460000V10&ovsid=6432641794665890972
Connection
keep-alive
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 421C
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3095129136830460...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3095129136830460000V10&type=opx&refUrl=&vid=65113134353095129136830460000V10&ovsid=870012a2-5fcf-43c1-9471-bc959da8ec73
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3095129136830460000V10&type=opx&refUrl=&vid=65113134353095129136830460000V10&ovsid=870012a2-5fcf-43c1-9471-bc959da8ec73
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 23 Oct 2022 07:48:33 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Sun, 23 Oct 2022 07:48:33 GMT

Redirect headers

date
Sun, 23 Oct 2022 07:48:33 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3095129136830460000V10&type=opx&refUrl=&vid=65113134353095129136830460000V10&ovsid=870012a2-5fcf-43c1-9471-bc959da8ec73
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame 421C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Dmma%26refUrl%3D%26vid%3D651131343530951291368304...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3095129136830460000V10&type=mma&refUrl=&vid=65113134353095129136830460000V10&ovsid=7a246354-f1cb-4200-9264-77f3fea74251
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3095129136830460000V10&type=mma&refUrl=&vid=65113134353095129136830460000V10&ovsid=7a246354-f1cb-4200-9264-77f3fea74251
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 23 Oct 2022 07:48:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 23 Oct 2022 07:48:33 GMT

Redirect headers

Date
Sun, 23 Oct 2022 07:48:33 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x2 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3095129136830460000V10&type=mma&refUrl=&vid=65113134353095129136830460000V10&ovsid=7a246354-f1cb-4200-9264-77f3fea74251
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 23 Oct 2022 07:48:32 GMT
sync
ads.servenobid.com/ Frame 421C
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Dr1%26refUrl%3D%26vid%3D65113134353095129136...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Dr1%26refUrl%3D%26vid%3D65113134353095...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6948722242
  • https://sync.1rx.io/usersync/tradedesk/8181f220-b174-4e80-bb88-6a1af451a19c
  • https://sync.targeting.unrulymedia.com/csync/RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004
  • https://ads.servenobid.com/sync?pid=321&uid=RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004
date
Sun, 23 Oct 2022 07:48:35 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXeb961c935c33438c82eeaa9cae1c411b004
content-type
text/html
cksync
cs.media.net/ Frame 421C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA5NTEyOTEzNjgzMDQ2MDAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEGz7Zy96SJzHiJ0ef8BHzok&google_cver=1
45 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEGz7Zy96SJzHiJ0ef8BHzok&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 23 Oct 2022 07:48:33 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEGz7Zy96SJzHiJ0ef8BHzok&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 421C
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Ddxu%26refUrl%3D%26vid%3D65113134353095129136830...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3095129136830460000V10&type=dxu&refUrl=&vid=65113134353095129136830460000V10&ovsid=jv4e2VnL1OMvID5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3095129136830460000V10&type=dxu&refUrl=&vid=65113134353095129136830460000V10&ovsid=jv4e2VnL1OMvID5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 23 Oct 2022 07:48:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 23 Oct 2022 07:48:33 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:33 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5502e06#5502e06d7dbe3c52c9a5559e1550ac262fba6e07 i-062a250e8c9e3d8af@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3095129136830460000V10&type=dxu&refUrl=&vid=65113134353095129136830460000V10&ovsid=jv4e2VnL1OMvID5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 421C 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
228211
expires
Sun, 23 Oct 2022 00:00:00 GMT
sync
x.bidswitch.net/ Frame 421C 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 23 Oct 2022 07:48:33 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cksync.php
contextual.media.net/ Frame 421C
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Dzem%26refUrl%3D%26vid%3D65113134353095129136830460...
  • https://stags.bluekai.com/site/23178?id=bEXzBJIyPKQ3z_uqBpbn&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLCIVMHUQSKJF4VAS2RGN5F65LRIJYGE...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=bEXzBJIyPKQ3z_uqBpbn&refUrl=&type=zem&vid=65113134353095129136830460000V10&vsid=3095129136830460000V10
45 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&ovsid=bEXzBJIyPKQ3z_uqBpbn&refUrl=&type=zem&vid=65113134353095129136830460000V10&vsid=3095129136830460000V10
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 23 Oct 2022 07:48:35 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 23 Oct 2022 07:48:35 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:35 GMT
Content-Type
text/html; charset=utf-8
Location
https://contextual.media.net/cksync.php?cs=8&ovsid=bEXzBJIyPKQ3z_uqBpbn&refUrl=&type=zem&vid=65113134353095129136830460000V10&vsid=3095129136830460000V10
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
196
Expires
Thu, 01 Dec 1994 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 421C
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3095129136830460000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3095129136830460000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=6bb94706-1861-4a24-9606-0dbc82bd842d&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=6bb94706-1861-4a24-9606-0dbc82bd842d&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 23 Oct 2022 07:48:35 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 23 Oct 2022 07:48:35 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=6bb94706-1861-4a24-9606-0dbc82bd842d&cs=1
Date
Sun, 23 Oct 2022 07:48:35 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame 421C 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3095129136830460000V10%26type%3Demx%26refUrl%3D%26vid%3D65113134353095129136830460000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.112.43 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:34 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
cksync
cs.media.net/ Frame 421C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8181f220-b174-4e80-bb88-6a1af451a19c
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8181f220-b174-4e80-bb88-6a1af451a19c
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 23 Oct 2022 07:48:33 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=8181f220-b174-4e80-bb88-6a1af451a19c
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 046D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=139913
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 23 Oct 2022 07:48:34 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 24 Oct 2022 22:40:27 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 44F1 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.179.228.80 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8cdd5fd8817bef16de3908e15a9fbfacea479ea92926856c5a9b12e80fcf4337

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 23 Oct 2022 07:48:34 GMT
etag
W/"0dac44ff1cd00acba9c37f31c448bf865"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 198F 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame F700 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.164 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
a063169b2ad2f9434c66fdedfe553ed38ca1d292dcc16f618cca51d38ddb2715

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
1079
content-type
text/html
date
Sun, 23 Oct 2022 07:48:32 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 76E7 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbce68c92e5ec6240034d4d0de1b356bff69b085ae3367946a69f8ef846b541b

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75e8deff1d14a81d-SYD
content-encoding
br
content-type
text/html
date
Sun, 23 Oct 2022 07:48:34 GMT
expires
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4077
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 23 Oct 2022 07:48:34 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 23 Oct 2022 07:48:34 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7092 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=139913
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 23 Oct 2022 07:48:34 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 24 Oct 2022 22:40:27 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
setuid
x.yieldlift.com/ Frame 7D93
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9L1SZ9R-28-2M6N&gdpr=0&us_privacy=1YN-
0
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9L1SZ9R-28-2M6N&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
138.197.50.103 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:34 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
0
vary
Origin

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L9L1SZ9R-28-2M6N&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
d264e84c9dc1a645a3048554992c5d82
Expires
0
sync
ads.servenobid.com/ Frame 7D93
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=6432641794665890972
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=6432641794665890972
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:33 GMT
AN-X-Request-Uuid
32307ed6-4112-4418-9944-5e07ab4d211c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=6432641794665890972
Connection
keep-alive
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 7D93
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FhyUCRZH617-XMg1RvqO2y5t
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FhyUCRZH617-XMg1RvqO2y5t
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:34 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FhyUCRZH617-XMg1RvqO2y5t
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 7D93
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FhyUCLZHImP2eqNJQAKlddPI
0
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FhyUCLZHImP2eqNJQAKlddPI
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Sun, 23 Oct 2022 07:48:34 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FhyUCLZHImP2eqNJQAKlddPI
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame 7D93
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=030fd5ab-a680-4afc-9da0-aa306c6b1c16
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=030fd5ab-a680-4afc-9da0-aa306c6b1c16
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=314&uid=030fd5ab-a680-4afc-9da0-aa306c6b1c16
date
Sun, 23 Oct 2022 07:48:34 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
119
vary
Origin
content-type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame 7D93
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1666511313933
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=797513429
  • https://sync.1rx.io/usersync/tradedesk/8181f220-b174-4e80-bb88-6a1af451a19c
  • https://sync.targeting.unrulymedia.com/csync/RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004
  • https://ads.servenobid.com/sync?pid=321&uid=RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004
date
Sun, 23 Oct 2022 07:48:34 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXeb961c935c33438c82eeaa9cae1c411b004
content-type
text/html
sync
ads.servenobid.com/ Frame 7D93
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1917759394487628131
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=1917759394487628131
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=1917759394487628131
Date
Sun, 23 Oct 2022 07:48:34 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
sync
ads.servenobid.com/ Frame 7D93
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=3712868a-14aa-4979-9d44-5db28d438993
0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=332&uid=3712868a-14aa-4979-9d44-5db28d438993
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:35 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:35 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-lax-1-5-79
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://ads.servenobid.com/sync?pid=332&uid=3712868a-14aa-4979-9d44-5db28d438993
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 7D93
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F272%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D33df9250-78ac-4ebd-a2de-f284803e48fc%26bidder%3Dappnexus%26cbx%3D...
  • https://prebid.a-mo.net/cchain/0/272?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=33df9250-78ac-4ebd-a2de-f284803e48fc&bidder=appnexus&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&u...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F272%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D33df9250-78ac-4ebd-a2de-f284803e48fc%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
67.199.150.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:35 GMT
content-length
0

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=1&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fcchain%252F1%252F272%253Fgdpr%253D0%2526gdpr_consent%253D%2526us_privacy%253D1YN-%2526A%253D33df9250-78ac-4ebd-a2de-f284803e48fc%2526bidder%253Dpubmatic%2526cbx%253DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%25253D%2526uid%253D%2523PMUID
date
Sun, 23 Oct 2022 07:48:33 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 7D93
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-0wBdU6BE2uGERBM98FfO8WFh6OGENzD88s7NzD0-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-0wBdU6BE2uGERBM98FfO8WFh6OGENzD88s7NzD0-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-0wBdU6BE2uGERBM98FfO8WFh6OGENzD88s7NzD0-~A
date
Sun, 23 Oct 2022 07:48:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/ Frame 7D93
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-c12c0b2b-2cd6-3eb7-8dcc-dacdd4c35199&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
  • https://ssp.disqus.com/match?bidder=12&buyeruid=FhyUCRZH617-XMg1RvqO2y5t&r=Cid1YS1jMTJjMGIyYi0yY2Q2LTNlYjctOGRjYy1kYWNkZDRjMzUxOTkqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtYz...
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1jMTJjMGIyYi0yY2Q2LTNlYjctOGRjYy1kYWNkZDRjMzUxOTkqU2h0dHBzOi8vYWRz...
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=1&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F1882%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D33df925...
  • https://prebid.a-mo.net/cchain/0/1882?gdpr=0&gdpr_consent=&us_privacy=&A=33df9250-78ac-4ebd-a2de-f284803e48fc&bidder=index_rtb&cbx=aHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFqTV...
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F1882%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D33df9250-...
  • https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1jMTJjMGIyYi0yY2Q2LTNlYjctOGRjYy1kYWNkZDRjMz...
0
0
sync
ads.servenobid.com/ Frame 7D93
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-0wBdU6BE2uGERBM98FfO8WFh6OGENzD88s7NzD0-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-0wBdU6BE2uGERBM98FfO8WFh6OGENzD88s7NzD0-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-0wBdU6BE2uGERBM98FfO8WFh6OGENzD88s7NzD0-~A
date
Sun, 23 Oct 2022 07:48:33 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 8906
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDRkMGE2YzQxZmRjNmZkZjdiZjVhZjIwNWYwOTcxYTUxZjY4ZWE4Yg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDRkMGE2YzQxZmRjNmZkZjdiZjVhZjIwNWYwOTcxYTUxZjY4ZWE4Yg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MDRkMGE2YzQxZmRjNmZkZjdiZjVhZjIwNWYwOTcxYTUxZjY4ZWE4Yg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 8906
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8181f220-b174-4e80-bb88-6a1af451a19c&gdpr=0&gdpr_consent=&expires=30
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8181f220-b174-4e80-bb88-6a1af451a19c&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=8181f220-b174-4e80-bb88-6a1af451a19c&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 8906
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEX2jz_XWcV-BScGrWnnH6Y&google_cver=1
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEX2jz_XWcV-BScGrWnnH6Y&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:33 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEEX2jz_XWcV-BScGrWnnH6Y&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 8906
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/wj0mMdM4sG8ZoOIFUIZPu8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7888463426340167916
42 B
691 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7888463426340167916
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 23 Oct 2022 07:48:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7888463426340167916
content-length
0
setuid
px.ads.linkedin.com/ Frame 8906
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9L1SZ9R-28-2M6N
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9L1SZ9R-28-2M6N
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H2
Server
13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:34 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 66F3FDB675394A24935D9B0867C3091E Ref B: SYD03EDGE1406 Ref C: 2022-10-23T07:48:34Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXrrubuue/ZruibIHXU3Q==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L9L1SZ9R-28-2M6N
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 8906
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlMMVNaOVItMjgtMk02Tg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlMMVNaOVItMjgtMk02Tg==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
H3
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:34 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDlMMVNaOVItMjgtMk02Tg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 8906
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=GjWoNnBdSZOJTsvS0BhdDg&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GjWoNnBdSZOJTsvS0BhdDg
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GjWoNnBdSZOJTsvS0BhdDg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
HTTP/1.1
Server
52.46.130.91 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:35 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
SHG5AZ8F8CP1MW89GPFH
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=GjWoNnBdSZOJTsvS0BhdDg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 8906
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=OxXrHjNTQLW6G-K48Wfu2g&rk=usync-other
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OxXrHjNTQLW6G-K48Wfu2g
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OxXrHjNTQLW6G-K48Wfu2g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/jin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html
Protocol
HTTP/1.1
Server
52.95.125.22 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:36 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
MCC1QMNV40RWT49EQ5Q9
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=OxXrHjNTQLW6G-K48Wfu2g
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
async_usersync
ib.adnxs.com/ Frame A090 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.150.228 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:33 GMT
AN-X-Request-Uuid
1888477d-d4b1-435c-aba8-01d15849559d
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame F700 		0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=21919731045700714&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame F700
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=05030001_6354f1cc0e4d9&gdpr=0&gdpr_consent=
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=05030001_6354f1cc0e4d9&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
23.106.127.38 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 23 Oct 2022 07:48:34 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

date
Sun, 23 Oct 2022 07:48:35 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=69&partneruserid=05030001_6354f1cc0e4d9&gdpr=0&gdpr_consent=
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
/
rtb-csync.smartadserver.com/redir/ Frame F700
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=7237976742445119844&gdpr=0&gdpr_consent=
43 B
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=7237976742445119844&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
23.106.127.38 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 23 Oct 2022 07:48:35 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=7237976742445119844&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
/
rtb-csync.smartadserver.com/redir/ Frame F700
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=042f2c9b4dc19b9bb2a78afa0cd4ab39&gdpr=0&gdpr_consent=0
43 B
345 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=042f2c9b4dc19b9bb2a78afa0cd4ab39&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
23.106.127.38 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 23 Oct 2022 07:48:34 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:34 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=042f2c9b4dc19b9bb2a78afa0cd4ab39&gdpr=0&gdpr_consent=0
x-kong-upstream-latency
4
content-type
text/html; charset=UTF-8
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
/
csync.loopme.me/ Frame F700 		0
40 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://csync.loopme.me/?redirect=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D124%26partneruserid%3D%7Bdevice_id%7D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.174.31 -, , ASN (),
Reverse DNS
Software
_ /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:34 GMT
server
_
crum
dsum-sec.casalemedia.com/ Frame 76E7
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6432641794665890972
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6432641794665890972
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:34 GMT
AN-X-Request-Uuid
44b96113-7225-4218-81ab-89ad1d8e08b1
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=6432641794665890972
Connection
keep-alive
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 76E7
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
54.254.141.48 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-141-48.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB
date
Sun, 23 Oct 2022 07:48:34 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame 76E7
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y1Tx0gACgf-GIgAO
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1Tx0gACgf-GIgAO&_test=Y1Tx0gACgf-GIgAO
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1Tx0gACgf-GIgAO&_test=Y1Tx0gACgf-GIgAO
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-syd10155-SYD
pragma
no-cache
date
Sun, 23 Oct 2022 07:48:34 GMT
via
1.1 varnish
server
Varnish
x-timer
S1666511315.906387,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1Tx0gACgf-GIgAO&_test=Y1Tx0gACgf-GIgAO
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rum
dsum-sec.casalemedia.com/ Frame 76E7
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8272855404275733541
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8272855404275733541
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=8272855404275733541
pragma
no-cache
date
Sun, 23 Oct 2022 07:48:34 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
tp_out
d.adroll.com/cm/index/ Frame 76E7 		42 B
180 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.76.242.203 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-76-242-203.ap-southeast-1.compute.amazonaws.com
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:34 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
rum
dsum-sec.casalemedia.com/ Frame 76E7
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=YXIP6DFwWbl6IFvvZyUXvTVyWbl6cQ7oYHEvf1fO
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=YXIP6DFwWbl6IFvvZyUXvTVyWbl6cQ7oYHEvf1fO
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:34 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:34 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=YXIP6DFwWbl6IFvvZyUXvTVyWbl6cQ7oYHEvf1fO
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 76E7
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AARguE7GqeQAACIuL6Q1yg&expiration=1667720914
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AARguE7GqeQAACIuL6Q1yg&expiration=1667720914
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:35 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AARguE7GqeQAACIuL6Q1yg&expiration=1667720914
Date
Sun, 23 Oct 2022 07:48:34 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
demconf.jpg
dpm.demdex.net/ Frame 76E7
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=Y1TxzP-CpYnS-5NnG8f3RQAA%264975?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1TxzP-CpYnS-5NnG8f3RQAA%264975
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1TxzP-CpYnS-5NnG8f3RQAA%264975
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
54.187.141.88 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS
dcs-prod-usw2-2-v040-0263d6329.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
W4RDJvUbRRA=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-2-v040-0cefd52c0.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
tscBwf64TxU=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=Y1TxzP-CpYnS-5NnG8f3RQAA%264975
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
sync
ads.servenobid.com/ Frame 76E7 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y1TxzP_CpYnS_5NnG8f3RQAAE28AAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 44F1
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=6432641794665890972
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=6432641794665890972
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:35 GMT
AN-X-Request-Uuid
dc108ab0-2003-4e07-9e62-ade2bf8d0985
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://usersync.gumgum.com/usersync?b=apn&i=6432641794665890972
Connection
keep-alive
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 44F1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_0cb2a49c-a04b-40a3-a2d6-cc98b2b46f13&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=e63cc242-f8e2-4c4a-963c-648969a8ff0e
  • https://pool.admedo.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=e63cc242-f8e2-4c4a-963c-648969a8ff0e
  • https://x.bidswitch.net/sync?dsp_id=23&expires=14&user_id=94823392-6625-43f1-82ec-811eb4022886&user_group=1&ssp=gumgum2&bsw_param=e63cc242-f8e2-4c4a-963c-648969a8ff0e
  • https://usersync.gumgum.com/usersync?b=bsw&i=e63cc242-f8e2-4c4a-963c-648969a8ff0e
0
0
cookie-sync
sync.outbrain.com/ Frame 44F1
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28qk2Svf6zDDyfjqa4Xz39TBtKd-oRGJ-B4ublPUajbRiq5Yfh5nTIeOIeGjhtN8iX%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=a_0cb2a49c-a04b-40a3-a2d6-cc98b2b46f13&obuid=ENC(qk2Svf6zDDyfjqa4Xz39TBtKd-oRGJ-B4ublPUajbRiq5Yfh5nTIeOIeGjhtN8iX)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://creativecdn.com/cm-notify?pi=outbrain&gdpr=$GDPR_APPLIES&gdpr_consent=$CONSNT_STRING&us_privacy=$CCPA
  • https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=nQY4NTO02CTjkxQH6l62&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
0
0
usersync
usersync.gumgum.com/ Frame 44F1
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=b811df4d-dcda-4177-9045-d216e7177fe9
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=b811df4d-dcda-4177-9045-d216e7177fe9
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 23 Oct 2022 07:48:34 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=b811df4d-dcda-4177-9045-d216e7177fe9
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 44F1
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-7ff53f57-2c23-4e24-7f0e-5be39f8d54cd$ip$173.245.209.112
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-7ff53f57-2c23-4e24-7f0e-5be39f8d54cd$ip$173.245.209.112
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-7ff53f57-2c23-4e24-7f0e-5be39f8d54cd$ip$173.245.209.112
Date
Sun, 23 Oct 2022 07:48:34 GMT
Connection
keep-alive
Content-Length
129
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 44F1
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3j6aZKBE2pdpoj4MTYaGi9YROElBNRYY7LeB~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-3j6aZKBE2pdpoj4MTYaGi9YROElBNRYY7LeB~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Sun, 23 Oct 2022 07:48:34 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-3j6aZKBE2pdpoj4MTYaGi9YROElBNRYY7LeB~A
content-length
0
usersync
usersync.gumgum.com/ Frame 44F1
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=c3f412b7-41c5-47c9-b509-1f6d780cd6d4
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=c3f412b7-41c5-47c9-b509-1f6d780cd6d4
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=c3f412b7-41c5-47c9-b509-1f6d780cd6d4
Date
Sun, 23 Oct 2022 07:48:35 GMT
Connection
keep-alive
X-CI-RTID
02be924c-d4bc-46cc-8d04-b9e115f61ca2
Content-Length
108
Content-Type
text/html; charset=utf-8
services
sync.technoratimedia.com/ Frame 44F1 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.148.45.191 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:35 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
185384440
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame 44F1 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:34 GMT
content-length
0
server
a
usersync
usersync.gumgum.com/ Frame 44F1
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_0cb2a49c-a04b-40a3-a2d6-cc98b2b46f13&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=mYmPRxfDKsrl9BtvdO9l&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT23KZNVIFE6DGIRFXG4TMHFBHI5TEJ44WY...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=mYmPRxfDKsrl9BtvdO9l&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=mYmPRxfDKsrl9BtvdO9l&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:35 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=mYmPRxfDKsrl9BtvdO9l&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 44F1
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=a3dac7fc-a4ef-45b9-98ed-64963f28f296
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=a3dac7fc-a4ef-45b9-98ed-64963f28f296
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=a3dac7fc-a4ef-45b9-98ed-64963f28f296
access-control-allow-origin
*
date
Sun, 23 Oct 2022 07:48:35 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 44F1
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004&rndcb=4691924812
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=e63cc242-f8e2-4c4a-963c-648969a8ff0e&google_hm=ZTYzY2MyNDItZjhlMi00YzRhLTk2M2MtNjQ4OTY5YThm...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESENgmhz6PfWXRBFvnp3ncJu8&google_cver=1&ssp=adconductor&bsw_param=e63cc242-f8e2-4c4a-963c-648969a8ff0e
  • https://sync.1rx.io/usersync/bidswitch/e63cc242-f8e2-4c4a-963c-648969a8ff0e?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004
  • https://usersync.gumgum.com/usersync?b=rhy&i=RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=rhy&i=RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=rhy&i=RX-eb961c93-5c33-438c-82ee-aa9cae1c411b-004
date
Sun, 23 Oct 2022 07:48:36 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXeb961c935c33438c82eeaa9cae1c411b004
content-type
text/html
usersync
usersync.gumgum.com/ Frame 44F1
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=UC0EFDFN50up&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=UC0EFDFN50up&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:35 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
location
https://usersync.gumgum.com/usersync?b=pln&i=UC0EFDFN50up&ev=1&pid=558355
content-language
en-AU
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-74995b8c8d-bgqpm
expires
-1
usersync
usersync.gumgum.com/ Frame 44F1
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=21919731045700714
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=21919731045700714
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=21919731045700714
date
Sun, 23 Oct 2022 07:48:35 GMT
content-length
0
sync
ads.servenobid.com/ Frame 44F1 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_0cb2a49c-a04b-40a3-a2d6-cc98b2b46f13
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:34 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 4077 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 23 Oct 2022 07:48:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46229
Connection
keep-alive
Content-Length
9455
Expires
Sun, 23 Oct 2022 20:39:03 GMT
usync.js
eus.rubiconproject.com/ Frame 14A2 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 23 Oct 2022 07:48:34 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46229
Connection
keep-alive
Content-Length
9455
Expires
Sun, 23 Oct 2022 20:39:03 GMT
usersync
usersync.gumgum.com/ Frame 464B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=7a246354-f1cb-4200-9264-77f3fea74251&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=7a246354-f1cb-4200-9264-77f3fea74251&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 23 Oct 2022 07:48:35 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 23 Oct 2022 07:48:34 GMT
Expires
Sun, 23 Oct 2022 07:48:33 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4539 98cc2da master nrt-pixel-x21 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=7a246354-f1cb-4200-9264-77f3fea74251&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 9384
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=Y1Tx0gAAALWulwAr
  • https://usersync.gumgum.com/usersync?b=atm&i=Y1Tx0gAAALWulwAr&gdpr=0&gdpr_consent=&_test=Y1Tx0gAAALWulwAr
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=Y1Tx0gAAALWulwAr&gdpr=0&gdpr_consent=&_test=Y1Tx0gAAALWulwAr
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 23 Oct 2022 07:48:35 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 23 Oct 2022 07:48:34 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=Y1Tx0gAAALWulwAr&gdpr=0&gdpr_consent=&_test=Y1Tx0gAAALWulwAr
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-syd10155-SYD
x-timer
S1666511315.966028,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 2512 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV8wY2IyYTQ5Yy1hMDRiLTQwYTMtYTJkNi1jYzk4YjJiNDZmMTM=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 23 Oct 2022 07:48:34 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 439B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.228.208 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=139913
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 23 Oct 2022 07:48:34 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 24 Oct 2022 22:40:27 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 4B67
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=8181f220-b174-4e80-bb88-6a1af451a19c
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=ttd&i=8181f220-b174-4e80-bb88-6a1af451a19c
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 23 Oct 2022 07:48:35 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
private,no-cache, must-revalidate
content-length
193
content-type
text/html
date
Sun, 23 Oct 2022 07:48:34 GMT
location
https://usersync.gumgum.com/usersync?b=ttd&i=8181f220-b174-4e80-bb88-6a1af451a19c
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
um
cs.emxdgt.com/ Frame 914B 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.112.43 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 23 Oct 2022 07:48:34 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame EFD3
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y1Tx0sCo5s4AAP-RI-kAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=Y1Tx0sCo5s4AAP-RI-kAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 23 Oct 2022 07:48:35 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Sun, 23 Oct 2022 07:48:34 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=Y1Tx0sCo5s4AAP-RI-kAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
1
X-SO-Cluster-ID
0
X-SO-HostName
m-ad122.dc4p.scaleout.jp
X-SO-IP
173.245.209.112
X-SO-Key
Y1Tx0sCo5s4AAP-RI-kAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":false,"ipv4":"173.245.209.112","key":"Y1Tx0sCo5s4AAP-RI-kAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad122"}
X-SO-LB-Hostname
a-tgng40010.dc2p.scaleout.jp
X-SO-Upstream-ID
m-ad122
usersync
usersync.gumgum.com/ Frame 3615
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y1TxzP-CpYnS-5NnG8f3RQAA%264975
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=iex&i=Y1TxzP-CpYnS-5NnG8f3RQAA%264975
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 23 Oct 2022 07:48:35 GMT
Expires
0
Pragma
no-cache

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
75e8df049ba7a81d-SYD
content-length
0
date
Sun, 23 Oct 2022 07:48:34 GMT
expires
0
location
https://usersync.gumgum.com/usersync?b=iex&i=Y1TxzP-CpYnS-5NnG8f3RQAA%264975
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
server
cloudflare
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame FB74
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=nQY4NTO02CTjkxQH6l62&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=nQY4NTO02CTjkxQH6l62&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Sun, 23 Oct 2022 07:48:36 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Sun, 23 Oct 2022 07:48:35 GMT Sun, 23 Oct 2022 07:48:35 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=nQY4NTO02CTjkxQH6l62&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 37FA
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 23 Oct 2022 07:48:35 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 23 Oct 2022 07:48:34 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
PugMaster
image6.pubmatic.com/AdServer/ Frame 046D 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=89559511&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
231710e13a1a668bd7e1503c5df7aa4a12ae9a729eb74e9803d464e9247a383d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 23 Oct 2022 07:48:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cksync.php
contextual.media.net/ Frame 14A2
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L9L1SZ9R-28-2M6N
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L9L1SZ9R-28-2M6N
45 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L9L1SZ9R-28-2M6N
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 23 Oct 2022 07:48:35 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 23 Oct 2022 07:48:35 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L9L1SZ9R-28-2M6N
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
38ddff6a66d3988dfd0c6ea3be81c5f1
Expires
0
sync
ads.servenobid.com/ Frame 4077
Redirect Chain
  • https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L9L1SZ9R-28-2M6N
  • https://ads.servenobid.com/sync?pid=323&uid=L9L1SZ9R-28-2M6N
0
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=323&uid=L9L1SZ9R-28-2M6N
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
H2
Server
34.252.126.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-126-43.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:36 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://ads.servenobid.com/sync?pid=323&uid=L9L1SZ9R-28-2M6N
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
20e8391fc78a9019eb67dba4b22f0ac2
Expires
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 8413 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstg93abDsNSxDCSogChgmzjtI4mmO5gyImcdIu_N44ZrrDGVJMD35moBqRJpm8F7m-Ko4-cQHkToOFnaSLYhhk1IJ1KfWd2BAPvhvXSl1WrocWcVUjgxFs0oHESzH0Omuz_6ao&sai=AMfl-YTlBbpd6QW13OxUC0ARE1nX9bQNp8gg-GWAvjbcoqcOwc-2ZX7Y9Nha3g-ddKyJ2sPsbTiMb6rd612xb6_OhW41HevS9bXC8Gpji9cTAimq2VJMg_5gnVgwSDm8kQ&sig=Cg0ArKJSzAnlw14I7AABEAE&cid=CAQSOwDq26N955Z3VmnyUkTQXjHmtMOJnat3xUnm4o4DkRZD3tK92eWTxiGqsc7hpiWbE7T8aFQmoD-UHLtvGAEgDg&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221019&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=2&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1666511310196&rpt=3847&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:35 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oeaj0&_p=5209&cid=788233906.1666511309&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1666511310&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&dt=%E9%87%91%E9%90%98%E7%8D%8E%EF%BC%8F%E5%90%B3%E6%85%B7%E4%BB%81%E3%80%8C%E7%B2%89%E7%B4%85%E6%A2%9D%E7%B4%8B%E8%A1%AB%E3%80%8D%E6%9C%89%E6%B4%8B%E8%94%A5%EF%BC%81%E3%80%80%E5%BE%8C%E8%87%BA%E7%B4%84%E8%A6%8B%E5%A5%B3%E5%8F%8B%E9%82%B5%E9%9B%A8%E8%96%87%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=8
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.113 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f113.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:35 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 37FA 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 23 Oct 2022 07:48:35 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2022 18:37:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=46228
Connection
keep-alive
Content-Length
9455
Expires
Sun, 23 Oct 2022 20:39:03 GMT
match
c1.adform.net/serving/cookie/ Frame 361C 		35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=49EB46CE-63BE-4527-A579-DABE1267F1AD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.21 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 23 Oct 2022 07:48:35 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 8352
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7a246354-f1cb-4200-9264-77f3fea74251&gdpr=0&gdpr_consent=
42 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7a246354-f1cb-4200-9264-77f3fea74251&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 23 Oct 2022 07:48:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Sun, 23 Oct 2022 07:48:35 GMT
Expires
Sun, 23 Oct 2022 07:48:34 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4539 98cc2da master nrt-pixel-x19 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7a246354-f1cb-4200-9264-77f3fea74251&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame EC01
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1Tx0gAAALWulwAr&gdpr=0&gdpr_consent=
1 B
219 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1Tx0gAAALWulwAr&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 23 Oct 2022 07:48:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Sun, 23 Oct 2022 07:48:35 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1Tx0gAAALWulwAr&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-syd10155-SYD
x-timer
S1666511315.299965,VS0,VE0
Pug
image2.pubmatic.com/AdServer/ Frame CB80
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DsQfW17GSQoVlktcCJMHDlrESQoVxx5bD8dhmhgJ
42 B
418 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DsQfW17GSQoVlktcCJMHDlrESQoVxx5bD8dhmhgJ
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 23 Oct 2022 07:48:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Sun, 23 Oct 2022 07:48:35 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=DsQfW17GSQoVlktcCJMHDlrESQoVxx5bD8dhmhgJ
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame E39E
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xjcu2tif0gw
1 B
168 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xjcu2tif0gw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Sun, 23 Oct 2022 07:48:36 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-store
content-length
0
date
Sun, 23 Oct 2022 07:48:36 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xjcu2tif0gw
lws
127.0.0.1
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
Pug
image2.pubmatic.com/AdServer/ Frame 4E4F
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6432641794665890972&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6432641794665890972&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Sun, 23 Oct 2022 07:48:34 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

AN-X-Request-Uuid
59581572-6224-4c31-a15d-3d8986b6e9df
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=utf-8
Date
Sun, 23 Oct 2022 07:48:35 GMT
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6432641794665890972&gdpr=0&gdpr_consent=
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma
no-cache
Server
nginx/1.21.3
X-Proxy-Origin
173.245.209.112; 173.245.209.112; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
setuid
x.yieldlift.com/ Frame 9522 		0
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://x.yieldlift.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=1YN-&uid=49EB46CE-63BE-4527-A579-DABE1267F1AD
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.197.50.103 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Sun, 23 Oct 2022 07:48:35 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Origin
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 046D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=SetGzmO-RSeledq-EmfxrQ%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
104.65.228.208 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:35 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=139912
accept-ranges
bytes
content-length
5549
expires
Mon, 24 Oct 2022 22:40:27 GMT

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ddp
pippio.com/api/sync/ Frame 046D
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=49EB46CE-63BE-4527-A579-DABE1267F1AD
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJDQ5RUI0NkNFLTYzQkUtNDUyNy1BNTc5LURBQkUxMjY3RjFBRBAAGg0I0-PTmgYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=9b9020b919624e9f68633bead83ea84acaa742761c8b380542ff370ff7d83326791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlA5YjkwMjBiOTE5NjI0ZTlmNjg2MzNiZWFkODNlYTg0YWNhYTc0Mjc2MWM4YjM4MDU0MmZmMzcwZmY3ZDgzMzI2NzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5YjkwMjBiOTE5NjI0ZTlmNjg2MzNiZWFkODNlYTg0YWNhYTc0Mjc2MWM4YjM4MDU0MmZmMzcwZmY3ZDgzMzI2NzkxNDI2YjU0MTdkY2UyMRAAGgwI1OPTmgYSBAgCEABCAEoA&goog...
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 046D
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7a246354-f1cb-4200-9264-77f3fea74251
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7a246354-f1cb-4200-9264-77f3fea74251
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
103.231.98.195 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:36 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Sun, 23 Oct 2022 07:48:35 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x15 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7a246354-f1cb-4200-9264-77f3fea74251
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 23 Oct 2022 07:48:34 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 046D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDlFQjQ2Q0UtNjNCRS00NTI3LUE1NzktREFCRTEyNjdGMUFE&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 23 Oct 2022 07:48:34 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 046D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH0l8f4N8Y2usaTCwYYU8XY&google_cver=1
42 B
298 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH0l8f4N8Y2usaTCwYYU8XY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
67.199.150.86 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 23 Oct 2022 07:48:35 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:35 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEH0l8f4N8Y2usaTCwYYU8XY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame 046D 		43 B
409 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.126.167.117 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
117.167.126.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:35 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sat, 22 Oct 2022 07:48:35 GMT
49EB46CE-63BE-4527-A579-DABE1267F1AD
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 046D 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/49EB46CE-63BE-4527-A579-DABE1267F1AD?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.141.48 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-141-48.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 23 Oct 2022 07:48:35 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 046D
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8181f220-b174-4e80-bb88-6a1af451a19c
42 B
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8181f220-b174-4e80-bb88-6a1af451a19c
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Sun, 23 Oct 2022 07:48:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Sun, 23 Oct 2022 07:48:35 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=8181f220-b174-4e80-bb88-6a1af451a19c
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
313
usersync
usersync.gumgum.com/ Frame 37FA
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L9L1SZ9R-28-2M6N
  • https://usersync.gumgum.com/usersync?b=mag&i=L9L1SZ9R-28-2M6N
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=mag&i=L9L1SZ9R-28-2M6N
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Server
54.238.120.71 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Sun, 23 Oct 2022 07:48:36 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://usersync.gumgum.com/usersync?b=mag&i=L9L1SZ9R-28-2M6N
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Expires
0
SPug
simage4.pubmatic.com/AdServer/ Frame 046D 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=419&user_id=10525123437749381604&ssp=adaptmx&gdpr=0&gdpr_consent=
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?gdpr=0&gdpr_consent=&us_privacy=&loc=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D18%26buyeruid%3D%5BUID%5D%26r%3DCid1YS1jMTJjMGIyYi0yY2Q2LTNlYjctOGRjYy1kYWNkZDRjMzUxOTkq3gNodHRwczovL3ByZWJpZC5hLW1vLm5ldC9jY2hhaW4vMi8xODgyP2dkcHI9MCZnZHByX2NvbnNlbnQ9JnVzX3ByaXZhY3k9JkE9MzNkZjkyNTAtNzhhYy00ZWJkLWEyZGUtZjI4NDgwM2U0OGZjJmJpZGRlcj16ZXRhJmNieD1hSFIwY0hNNkx5OXpjM0F1WkdsemNYVnpMbU52YlM5dFlYUmphRDlpYVdSa1pYSTlOaVp5UFVOcFpERlpVekZxVFZSS2FrMUhTWGxaYVRCNVdUSlJNa3hVVG14WmFtTjBUMGRTYWxsNU1XdFpWMDVyV2tSU2FrMTZWWGhQVkd0eFZUSm9NR1JJUW5wUGFUaDJXVmRTZWt4dVRteGpibHBzWW0wNWFXRlhVWFZaTWpsMFRETk9OV0p0VFY5alIyeHJVRlJOTUU1cFdqRmhWMUU1WkZkRmRGbDZSWGxaZWtKcFRXMUpkRTF0VG10T2FUQjZXbGRKTTB4VWFHdFpNazEwV2tkR2FscEhVVEJaZWsweFRWUnJOVTFuU1UxQ2FtZERKbUoxZVdWeWRXbGtQUSUzRCUzRCZ1aWQ9dWEtYzEyYzBiMmItMmNkNi0zZWI3LThkY2MtZGFjZGQ0YzM1MTk5MgESOAE=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=bsw&i=e63cc242-f8e2-4c4a-963c-648969a8ff0e
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/cookie-sync?p=rtbhouse&uid=nQY4NTO02CTjkxQH6l62&pi=outbrain&gdpr=%24GDPR_APPLIES&gdpr_consent=%24CONSNT_STRING&us_privacy=%24CCPA
Domain
pippio.com
URL
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlA5YjkwMjBiOTE5NjI0ZTlmNjg2MzNiZWFkODNlYTg0YWNhYTc0Mjc2MWM4YjM4MDU0MmZmMzcwZmY3ZDgzMzI2NzkxNDI2YjU0MTdkY2UyMRAAGgwI1OPTmgYSBAgCEABCAEoA&google_gid=CAESEGGiB6APz-s51zBqMKIExdQ&google_cver=1
Domain
simage4.pubmatic.com
URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| ucf object| request string| paramsString function| setImmediate function| clearImmediate object| adRecover object| google_reactive_ads_global_state number| ampAdSlotIdCounter object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla undefined| $ undefined| jQuery string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags function| jqAlias object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| _apPbJsChunk object| mnet string| nobidVersion object| nobid object| Criteo object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries boolean| noPreviewPage object| dataLayer function| gtag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

81 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQrLHCnsAwCgoIgQIQrLHCnsAwCgoI4gEQrLHCnsAwCgoI5gEQrLHCnsAwCgoIhwIQrLHCnsAwCgkICRCsscKewDAKCQg6EKyxwp7AMAoJCAsQrLHCnsAwCgoIjAIQrLHCnsAwCgkIXxCsscKewDA=
.aralego.com/ Name: sspid
Value: 217f3b73-3dae-30f3-bbac-9f5bab0f0a91
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: 0e53fced-c6f1-47aa-8c16-9a94abd314e2
.bg3.co/ Name: __gpi
Value: UID=00000b69b7e6cadf:T=1666511306:RT=1666511306:S=ALNI_MZzhtUkB4JK1IenC1itnYwp9ddoww
.doubleclick.net/ Name: IDE
Value: AHWqTUkC3lIdVS0cZ4zyTY7Vi9VYh6ApuPbN2sEDv-UGcZZ2DnUnuvFMNbieMalSK-Q
.adpushup.com/ Name: ap_uid
Value: 141f11f0-52a7-11ed-87c1-000d3aa3ec42
.adpushup.com/ Name: ap_usid
Value: 141f11f1-52a7-11ed-87c1-000d3aa3ec42
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 9c804464-5d48-46d6-ade8-0a134b604d52
.mathtag.com/ Name: uuid
Value: 7a246354-f1cb-4200-9264-77f3fea74251
.mathtag.com/ Name: mt_mop
Value: 4:1666511307
.w55c.net/ Name: wfivefivec
Value: jv4e2VnL1OMvID5
.w55c.net/ Name: matchgoogle
Value: 5
.openx.net/ Name: i
Value: 9c804464-5d48-46d6-ade8-0a134b604d52|1666511308
.uncn.jp/ Name: t
Value: v_e7ed7a80-9fd7-4ab6-a0e6-ced96e275b18
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7ff53f57-2c23-4e24-7f0e-5be39f8d54cd.GUDrK1yQe4iOdIzhaCRX82HJDJB1zABrzaiIE7Ny1OU
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Af_U_VywjTiR_Dlvjn41Uza310XA.XYdIvvXYB30x6VtWKOwGIvCta%2FSxrSXfCeO1%2F6CAtUQ
.dyntrk.com/ Name: dyn_u
Value: 05030001_6354f1cc0e4d9
.simpli.fi/ Name: suid
Value: F57B823842704DEC82B8DCFA07ADE4AE
.yahoo.com/ Name: A3
Value: d=AQABBMzxVGMCENcZY4ZlVjjI96q5DMOeInUFEgEBAQFDVmNeYwAAAAAA_eMAAA&S=AQAAArTCtWCRJseZPOKYtFY2HDE
.casalemedia.com/ Name: CMID
Value: Y1TxzP-CpYnS-5NnG8f3RQAA
.casalemedia.com/ Name: CMPS
Value: 4975
.casalemedia.com/ Name: CMPRO
Value: 4975
.smartadserver.com/ Name: pid
Value: 21919731045700714
.send.microad.jp/ Name: TR
Value: b36b76cc0d446bae3abc64bc2a56640ba8ea6575bd84898a
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwzOPTmgY4AUABSAEQzOPTmgYYAA..
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2C%uv!ySP!]tbPl1M>e)ZlrFUfJ+tGXxoTE>1x6HMDOsa8Tj*?<3?_PrPtKZsjdDU^6Uu3If)y3KL9D3I?+86BVBP
.adnxs.com/ Name: uuid2
Value: 6432641794665890972
.omnitagjs.com/ Name: ayl_visitor
Value: 042f2c9b4dc19b9bb2a78afa0cd4ab39
.mediago.io/ Name: __mguid_
Value: 2d58beb1a849dee42b783414dfe7a209
.rubiconproject.com/ Name: khaos
Value: L9L1SZ9R-28-2M6N
.dap.fw-ad.jp/ Name: user
Value: 6dfbddd1-6a28-310b-ac23-1eec3b5623d0
.dap.fw-ad.jp/ Name: gcm_usec
Value: 1666511308677000
.prebid.a-mo.net/ Name: __amc
Value: 1_1666511308_1666511308
.a-mo.net/ Name: amuid2
Value: 33df9250-78ac-4ebd-a2de-f284803e48fc
.prebid.a-mo.net/ Name: sd_amuid2
Value: 33df9250-78ac-4ebd-a2de-f284803e48fc
.teads.tv/ Name: tt_viewer
Value: 3834739b-7fe2-4aee-b7af-c328405c5c8b
.adkernel.com/ Name: ADKUID
Value: A4471303157650948019
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A4471303157650948019
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1666511310.1.0.1666511310.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.788233906.1666511309
.bg3.co/ Name: __gads
Value: ID=07b1bcddef64eb0a:T=1666511306:S=ALNI_Mbh978XYmmQnWH5M0-IEJN9bk5h5w
.quantserve.com/ Name: mc
Value: 6354f1ce-aa30d-ab3ce-04470
.bg3.co/ Name: __qca
Value: P0-1008184132-1666511310523
.doubleclick.net/ Name: DSID
Value: NO_DATA
.blismedia.com/ Name: b
Value: 6354F1CF463AEE98D4E87BE7BLIS
.openx.net/ Name: pd
Value: v2|1666511312|jElYiuvOiahI
.analytics.yahoo.com/ Name: IDSYNC
Value: "18yx~27vj:196y~27vj"
.adsrvr.org/ Name: TDID
Value: 8181f220-b174-4e80-bb88-6a1af451a19c
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22440de6ae-8e4b-4970-b4f1-4eecc119f57a%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222022-10-23T07%3A48%3A32%22%7D
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.3lift.com/ Name: tluid
Value: 1156640533613960823843
.yandex.ru/ Name: yuidss
Value: 1734129421666511312
.yandex.ru/ Name: yandexuid
Value: 1734129421666511312
.openx.net/ Name: univ_id
Value: 537072971|8181f220-b174-4e80-bb88-6a1af451a19c|1666511312962908
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMIUsZsSCZ7vZbUyebV3a1stdA/CjcdX4xTwGgZlTwib0CtzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Em9dRdKCTFZDCax3pyYFnS0=
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY2NTExMzEzfQ
.media.net/ Name: visitor-id
Value: 3095129136830460000V10
.ladsp.com/ Name: cr
Value: 1
.turn.com/ Name: uid
Value: 8272855404275733541
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.bg3.co/ Name: cto_bundle
Value: CqdIL184aElTeGhHclZsSGpKV2xXSmZQTWRxRmtmRk9mZVFqcXB3TnRYb2RJTE1TblZoUHBiNG9YJTJGYW5OeTU0SEhxUGh4eUJRZnBTYlFGSFJkQm5WdXpKa2VJZ2s2UzRKM1M5dm0wMzdDb1VpNldJJTNE
.bg3.co/ Name: cto_bidid
Value: 8R5BTl82UHdqOXVqQWIyUTQ3OUVTUCUyQmg2aEI4U1Rra29FdzJIcW5EcFU4OTVoekM0S05vaWNOd2ViVEtvWGp5eFhuWUhKNDFNRFVFR2F5N1IyJTJGa1EwQVg2aUElM0QlM0Q
.bing.com/ Name: MUID
Value: 194E130F6AEC6B9A2EB101496BDE6A3C
.c.bing.com/ Name: MR
Value: 0
.bidswitch.net/ Name: tuuid
Value: e63cc242-f8e2-4c4a-963c-648969a8ff0e
.bidswitch.net/ Name: c
Value: 1666511313
.bidswitch.net/ Name: tuuid_lu
Value: 1666511313
.w55c.net/ Name: matchmedianet
Value: 5
.linkedin.com/ Name: li_sugr
Value: 802632e4-dfd2-4113-84a9-3d8416f7ed9a
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&08ed3dec-de8f-4f3b-8033-2cdfb45e3de1"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2936:u=1:x=1:i=1666511313:t=1666597713:v=2:sig=AQFLzyT3ICIiZfD91Z_8O06wEVwcFlXq"
.ladsp.com/ Name: smn_uid
Value: 7jSXX6xJxUEzW0pM-nnvbA7_4wgyXZs
.ladsp.com/ Name: lum
Value: CNa1wp7AMBIFCAMQ0AU
.casalemedia.com/ Name: CMTS
Value: 4765
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGY2FzYWxlEgsImpm_xqC1mjsQBRIWCgdydWJpY29uEgsIsMHJy6C1mjsQBRgBIAIoAjILCKTq4_W2tZo7EAU4AVoHOG0zM3prNGAC

14 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1666511305&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fjin-zhong-jiang-wu-kang-ren-fen-hong-tiao-wen-shan-you-yang-cong-hou-tai-yue-jian-nu-you-shao-yu-wei.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1666511303740&bpp=5&bdt=1342&idt=2085&shv=r20221019&mjsv=m202210130101&ptt=5&saldr=sa&correlator=3498151025396&frm=23&ife=1&pv=1&ga_vid=1716437477.1666511306&ga_sid=1666511306&ga_hid=854115069&ga_fc=0&ga_cid=amp-3lii_U2kiAUHNqHWB0Mygg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1786&biw=1600&bih=1200&isw=336&ish=280&ifk=917873914&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C42531705%2C31069177%2C44775016&oid=2&pvsid=2277460202082333&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.bfdkibjv7hit&btvi=1&fsb=1&dtd=2099
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://cdn.adpushup.com/42753/L2EvamluLXpob25nLWppYW5nLXd1LWthbmctcmVuLWZlbi1ob25nLXRpYW8td2VuLXNoYW4teW91LXlhbmctY29uZy1ob3UtdGFpLXl1ZS1qaWFuLW51LXlvdS1zaGFvLXl1LXdlaS5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: about:blank
Message:
The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: about:blank
Message:
The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: about:blank
Message:
The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: about:blank
Message:
The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/4389438816028964892/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security error URL: https://2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 12)
Message:
Refused to frame 'https://pagead2.googlesyndication.com/' because it violates the following Content Security Policy directive: "frame-src cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp=er3$/4389438816028964892/index.html".
network error URL: https://s0.2mdn.net/sadbundle/2129343214390369436/null
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2755bbf7f23755e5a99b9365f561917e.safeframe.googlesyndication.com
430036f1df7f305d3a84fc945b162b92.safeframe.googlesyndication.com
66ea0c6c1a8a2604d88014e049eafc3c.safeframe.googlesyndication.com
a.teads.tv
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
aid.send.microad.jp
an.yandex.ru
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c.eu1.dyntrk.com
c1.adform.net
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.ambientdsp.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
cr-p3.ladsp.com
creativecdn.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
csync.loopme.me
d-18355537582446915420.ampproject.net
d.adroll.com
delivery.adrecover.com
dis.criteo.com
dpm.demdex.net
ds.uncn.jp
dsp.adkernel.com
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
google.dap.fw-ad.jp
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
htlb.casalemedia.com
ib.adnxs.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
jp-u.openx.net
js-sec.indexww.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pix.as.criteo.net
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.amazon-adsystem.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
tr.blismedia.com
trace.mediago.io
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
visitor.omnitagjs.com
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
y.one.impact-ad.jp
pippio.com
simage4.pubmatic.com
sync.go.sonobi.com
sync.outbrain.com
usersync.gumgum.com
x.bidswitch.net
103.229.10.180
103.229.205.242
103.231.98.194
103.231.98.195
104.16.87.20
104.17.24.14
104.18.101.194
104.18.13.76
104.18.18.126
104.18.19.126
104.211.156.162
104.254.148.252
104.254.150.228
104.26.2.91
104.26.5.103
104.65.228.208
104.69.148.168
104.83.196.24
104.83.197.63
108.138.36.45
13.107.21.200
13.107.42.14
13.227.254.100
13.250.181.211
13.33.33.43
13.76.45.37
135.125.160.77
138.197.50.103
139.5.84.243
139.99.49.250
141.148.45.191
142.250.4.154
142.251.10.113
142.251.10.157
142.251.10.94
145.40.89.200
151.101.129.108
151.101.66.49
172.217.194.155
172.217.194.157
172.253.118.155
172.253.118.157
174.137.133.49
18.138.18.111
18.140.149.174
18.179.228.80
18.182.109.211
18.182.120.145
18.182.192.59
18.210.86.232
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
185.184.8.90
185.84.60.21
198.8.71.130
202.233.84.1
202.241.208.55
209.191.163.208
209.58.188.181
23.106.127.164
23.106.127.38
23.106.69.73
23.108.102.145
23.15.148.136
23.211.140.130
23.36.49.63
23.59.168.81
23.9.185.218
34.107.148.139
34.126.167.117
34.252.126.43
34.96.105.8
34.98.64.218
35.208.249.213
35.213.109.249
35.213.117.18
35.213.12.39
35.214.174.31
35.244.159.8
35.71.178.8
38.91.45.7
50.116.239.135
52.200.71.191
52.223.40.198
52.38.91.115
52.45.175.185
52.46.130.91
52.59.108.23
52.74.162.2
52.76.242.203
52.95.125.22
54.156.112.43
54.179.183.230
54.187.141.88
54.238.120.71
54.248.170.80
54.254.141.48
64.202.112.159
67.199.150.81
67.199.150.82
67.199.150.86
69.16.175.10
69.173.151.100
69.173.158.64
69.173.158.65
72.34.250.75
74.118.186.44
74.125.200.132
74.125.200.149
74.125.200.97
74.125.24.105
74.125.24.132
74.125.24.94
74.125.24.95
74.125.68.132
74.125.68.154
74.214.196.131
84.17.37.44
93.158.134.90
00888ecceba25e1aaafd2e1f45fb7728d5369aa89c88920f96a1b74fe57c176f
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
02370c70ea349d4b8332b5ed84f0759ed904116ea3e3f353da04a4190bb6565b
02ebc319500d29d704855de3d846bbb2479434953bb7b34f533122f432ce33bf
03709640fca8eaa5c3d045bf5467ff27f4f77a288f7f403b668206e9b1bfa691
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
06bfe32dadc0adcfd69a6bf41359079661d8069c8a59846b9d3eb6734c0b0bb7
06da16002b06a44b36022933c8aa72978db6661c4491e40f81ab16ac9b9833d5
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b947d3ca90cbfefe56284b2ded3cdee615f71bf629e52f8ec07425db27e072
0b0873641a2c9560aec6f0df9b98db06c902161bd64c010bc92df6efda98e7c2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5e28b4776de6558de9fd23f084172f472921a5e63d1a43f3dba20f522bd4a2
0d277a31f39423d74489130ca3f11812fbb44d3a14f20e54f9b1f58fbb53ff6d
0d3f8f4cd59f34b5d922da7703f3c2679c1600fe59675c0ff6a66953597adcf4
0d5edbf4fa2f41d5537480729dc50e6cfb4b9f5bfd07a15f0ec8e904bfedaefe
0db5efcc9ca7e4f155c62b6f7b00be173cb4361b782ab0f832582ba93510db08
105a01e04901cb632dd8856a708228ba3c4461db90168ed03a2b1614d91628f0
108156241599b5f216ac00cf5b7b0a588fca6cfdf25710f54b4e4c425b5d45df
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12c0c1ef2ab2a65042e650c5332f479fbcb93df3c8587490b2557790b4a31b5b
130b4d0812750a442bf7117e25dc3a72be8829b2af22c71707bf55885de688a8
143e7cdecd519cfed4126d6025fc3558c24f343840c4febf5e1cdaa08d78931d
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
16514189532a816704193834fc49dd030aab4a3c714e08b884d8784b08c00e46
17eb457b2c513d9a4c2ef3bfa0b7fc6fd382545f3adc376f983bd2715757f85b
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
196eb4e1c32206100f0e8ad4ec1d25770d5dc9d91acd7b7972ec369440323aaf
1a12e03c6e7368771df0045c0d29660585881ec9e385b5cc885351c2a0bc3905
1abf39d22a652dba21e59adef2ee66442f9a3a7b52c6abf94cff16fd5c27b798
1bd590b66a1bd74fcfa62febc12fb43fdef48042cc1bd7e524707ca918c41839
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1cc0f4bbddf36ccaddb0de4bc1a744df980de2b85404534c99c9d324e3144d00
1d57f235ced6c7612d5826229dedcb052a6108d1745c63e3660bc2849efb8472
1daa9f0879e8031242c0b144f052b573c7d916efaad5e50ee0f3e1e622111097
1decf50a161fc7830e2f819b3ddf4657f8e95b1a931bbb8758b245e5771136d2
231710e13a1a668bd7e1503c5df7aa4a12ae9a729eb74e9803d464e9247a383d
23da311753cf3734d3ee547d781311fb3229b8088a0337a0bf7edc63d0a8ed34
25e54e7e5f83935a72e5303f00da83d4b6297daec8d99eb6cc6846580794ad92
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
280f65f41d5c1f1c884ca450563c5830c78c3157ca8ae30083d52f653f672997
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
293fc15c33edf25fff2ef66e3b4d300e21de6a3ed7e6ed2441827fb34a3cf4d4
2d27714da98a808cd21e3a4e2daee4772aefadb22a36ad819a1694823bbf7c5b
2ef8877e4c535f9f4a1c62d814b29975813a3f84ae6a7e64bc9f0fe7808b50be
312b9527a1d68058e4d9a65330b3e7ed630544899688fe11029b5993de9d94bc
3229cc3f42e3c00d3737ba83afe82b37391b3c3bd047891b46dfa1fc21aef09f
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
3772c62c6a77a8e84e253b4fee14543a7d93e79ddbeb0327948349a70dc84e45
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3a972bdb6f7a9ba5148f48b51946cf5f2963602b49e5445ddd20050eb243f1b4
3b17e5d516f9bd51ed05461dcca0a156e97a77768ff453f678a493de698783ec
3b50bbd46230e7f34e789af2c51828d5350d5274125fa0bbbcde4426be3fa85a
3ba32669815f7677b77f9a7b08d412f3a4ffbcea501b6689734181ddf9b6f506
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
438823f6d393bfd98852d2785a0232ffc72b8fe356cec229d5030d9f3fe8bfe8
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a8014be2573ce560209a78fe2804b55f842c366f3de407fb85a56ae70f737fd
4b11a33fa63b8930d952a88a97d4b848f825456838441303fd7813e07185a781
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b67d2a1971b4c10db3e672e5498a949afc7f9b74d8185c99e7885490464bc6d
4c46f7fadb683c44c08212442b5b1af83da52fd88bda523456fc4e6d72dc70a8
4c95292096c3414324a82b3b47e4b653901a62a0bb55f2489fb679f1cc7c3143
4dfd2a89758975d4ff1b8d3985ea77fe356581c69f98e078b8d6df611fbd011b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50d5acd2ca221d9baed26076dfe9ffa86c5fcf535d1176f914bc42efe7ab823b
5281d0aca7da31a4fefbc4225e37da1e26d520d041d32690c07cc336b9ded857
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56df0a279f759f13bf5024aaf4547c82d47fad55498ba1473aece0f2c9587531
56e325573230c206a08820c195546b6a0af94e50126a9febb54f300b8b9d161a
577ca3a56b65c020c9934ce3a0e2b516156bd07e77a30321ee2baca9b3f43da9
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5e14042a106fa928ceb740c2eeb982ff73add8de599a59ac7c09ce39bd6ca133
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62fef3156e1c9aa00eedd48f3cad7427e1b27f6e2dca210d8b51d91b4ea45f01
64ceea97a2ee7f10fce190478b19d8e6d735690c6432391475532862ae658900
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66acb48e5d896c024b5ce7003d0375794e4a6603e8454e902ea448db160884d8
66b654e131c69e5a91130dbea071278f0aaf9435812b36986b8a958b5fca49f1
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d83a0abac1bb4e82702cf5c238d7c99755f6dc6415fff65c751a9f886818899
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
6edc6a52155c1df80419ba5d3d32aef8e38102fca85928b8c948933c0a84f85f
6f14640c6ae0c2418df8965417897092a6cb04ca630e33b5406af772c858bc49
71c34099885facecd650032b6dd24dd92a2147f01bc58754daddf690eccc1143
7240eebf5f6748832c1b4dcb165f0206912f4e8f5b17d38c5b639b3c07c0a5e5
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7702a79581b1542e211d8dd70218a39bdc2c9243ca6403088f03cc150e9d4fec
7858905663c88e10cd5022fbce701b454be0c8bff73e1a25bbe51ee795af1f97
7b73b03a550f0ebfaa6148de688378b8c0ad661c6a02a0b8ad6c8369efb327b2
7efdd92d2d149f038cc3b34a19e9242d6243ccf226f1e301323563b37551cabe
80244828e58d49be485037391fae5fab71e1c97e896eb06c9accd8c018fd886f
816f05017eb6fb1e7b611f463d16f12d7a016881bda9f48e598ea143492d175a
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
853216c77599efbc37933c681934af9c66bfb844089c14517e129791187a96e4
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
8646c4691d5fdaeb7c5cc9b6ef69be74e0f92c504f29b9eedd136260afc18910
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8cdd5fd8817bef16de3908e15a9fbfacea479ea92926856c5a9b12e80fcf4337
8e94f562c6fd61331624e8f50c09857d29970cec0b87201f190033ddcccd6b64
8e9e5e9bc7111ba8920318226b16101367447d11aff0b28b7db632418b0ec7f7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
910612fc65208677f4e2fff60558e0f1949138a3696402a17ed5582efe0d2649
91e8bd3a37b3a0951444714dc07c68417ac878ebf22d8c7b0d10b1ce3fec1122
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
93432ee25d81d44fe76afa9d0f22d0396202cc82f73e1aeda0c4e0dcdef1804a
947746a3fbd83939a89aa693fb7117ce6b21dac1a8289194952b8c93b3fba029
94d09d5f65eb25f9b96e271ff98b456caef79dbd9d2a8c8a8161ca7ac93f9f52
95587f2b50d861a10874e37db683d0ff82a3632ecc3fceaf38908c6ff74e8dfd
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
9714e5753febbe94f92953992640bb4ce83f03971bea694b29820376bf0a8682
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cf2bfa32849994e40eb345fe31a4431129f31ff10618283ba2923008e8d5095
9eefa45bb1c6bee12bdbc6231dc60bd43cdf46486bece4a81090860392bea1d5
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a063169b2ad2f9434c66fdedfe553ed38ca1d292dcc16f618cca51d38ddb2715
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0aed5d6070276dcbf847b073b7d275ae9fce1b5759926b8486938019f13223a
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3e5dbd164e610779422df37e3abe70ed5462c98c3c434a9f58bd132fe3d2ea6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4ed278ef75e82f89333a034ce650e7ddcadbd13c9f96cbd43678bd7ab53138d
a5927dbfa9c960da8440ff6ad99f539d8b4a5579a3a29dd1566554c32481456b
a5e956f114c7afe2e9ef69d1096fea30c66ef827fca46aa014b70ab4ba48a499
a61b2b9b5eda099cb8cc38359c5fec66bca33e57c0203fb546bf0f5265e309f1
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
ab470f376d3330f77f091b26352e9f66693a7834f7154fa9757c1ccaff85da2d
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b488074ee39504505565d3001bf38ea9d07c4e433dc7a4667432e115671f8c53
b4acdfafe14b326a679095a3685a99302c5a3ade5a79d59f4c760667d0398e11
b8abd844406736ce23d96a3689ee4cd1a811370ca90d55125243f2d2ebeef7b1
b9441e02a38f1ea83d5e5a54fd792f5b757600322cc22634b99d9aa650176024
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbce68c92e5ec6240034d4d0de1b356bff69b085ae3367946a69f8ef846b541b
be86cf5bbc8ae44203ed4a4703c9a5ff1c916ae572880dacbd2280dac6789059
bee00dc9ac61a6eae0a5a1efd6af3ba501f5d4208e5e21e1bbc545db78c161fe
bee61ce229451a3519fcfa0f14e9fdc5d3e0bd4208c474d24cb2f2b5586dff4a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4663eb033ddb86e8ce1322a6c531c4945cb52526ccc378333a43d0703b77bae
c56d91910ce8eaceb14d9e85529c05bd9923b0eda84b640091549e6c4867af59
c5b72e184af0ba62e6858319e4104676f2e4bdd893981c99a03a4b1a1baa2ee6
c727812910811ef5edd39494d2c0b4aa355493049bff1b5cac562b05f4951b16
c90d03e0885743e79960670428d8bd08c277ab00ed9ef8b398a38b0b58cd4554
ca3770f50e897a311552432d00b7fdbee35c687f8a86f39e212bc8d1e8e45c01
ca45483120bda9dbec0a869a663d8dcb35b09fcc3ddb5172914de86da42b2b70
cb9dd6c1b0c3c8cb3b6c1afdb68553bcf8b2267d36a83e41215de9ae039bc078
cced71af699b96dbfbc24439594b4d43af733f34c97c99fd34c3ff18f3845426
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2ec5bdc44def5f36f1cfd8396270da548d8680b04ddd2df70265510b16e807b
d2ed3fd545568285345130ea7f5bb020dc63073584458309435e74476ffa462a
d39232dfbdbdb4dde3100e6240a014e45389e3519d012dd80c3e8f6929c5b089
d3942901fae29e66fd764e1ca8d40702c3e96d2935fd6cf2313802103ff03009
d54633573668b4703db3bdccede99c1076819aa2bb287773cf8ef5d2bebae418
d723ddc89dc7b299c50e4af810131ae511e709fda9650ce69ce047e592d143a4
dbc4354c04fa40c64a8116dbd793610b22a647735338e60286196553ee756bb6
dc3abe11ab99857518dc9683b7073dfdcc132b0cf88f9df779615420f52769ee
dd077349a06d9c21c75ffc7b287de576f506a262b218d8a9926dc10145ccf4df
deedbb2979cf4a622b8097273dbed38382657e385afa262f63b9c0d316c07c9b
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e7aaa31aec9d6a9f88c0af5d361aff3e7828ace0fb0c55ab35922025e12700b1
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef0b7772670416130029db26255a5b9fea7ba925e75b14c9490265032ae1057d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ee36f4a5035aa29fc3a7c5fc503cb02ce8bc0d0ddd155643fdafc97d430891
f2dbee6e8cb9bff59607fadf14404bd7fca23c704c0677fc43b902e4e15de00f
f517fd80a14eb577b87d8aaa8c42907c27ff30762f1581457d336a469641e466
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
fe76ac8037f1e137f6af98225dc93f4c6c5683e741fe70a848d9d6335440b1dd
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e