urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-...
Submission: On October 09 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 94 IPs in 8 countries across 95 domains to perform 490 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 468243.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
16 172.253.118.132 15169 (GOOGLE)
1 3 209.58.171.197 59253 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
1 23.211.140.152 20940 (AKAMAI-ASN1)
5 72.247.81.178 20940 (AKAMAI-ASN1)
3 209.58.188.181 133752 (LEASEWEB-...)
1 69.16.175.10 20446 (STACKPATH...)
25 172.67.72.16 13335 (CLOUDFLAR...)
1 54 142.251.12.154 15169 (GOOGLE)
13 142.251.10.156 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
1 74.125.200.94 15169 (GOOGLE)
2 74.125.24.97 15169 (GOOGLE)
3 103.229.10.247 16509 (AMAZON-02)
2 172.217.194.138 15169 (GOOGLE)
1 104.16.85.20 13335 (CLOUDFLAR...)
1 5 51.79.234.101 16276 (OVH)
4 54.150.80.212 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 35.213.117.18 15169 (GOOGLE)
1 104.83.197.63 16625 (AKAMAI-AS)
11 52.212.146.220 16509 (AMAZON-02)
1 34.107.148.139 396982 (GOOGLE-CL...)
4 8 104.254.151.68 29990 (ASN-APPNEX)
2 104.18.18.126 13335 (CLOUDFLAR...)
1 11 34.98.64.218 396982 (GOOGLE-CL...)
9 145.40.88.5 54825 (PACKET)
1 54.203.144.13 16509 (AMAZON-02)
1 182.161.73.145 55569 (CRITEO-AS...)
1 13.228.151.119 16509 (AMAZON-02)
36 74.125.24.132 15169 (GOOGLE)
1 13.33.33.118 16509 (AMAZON-02)
3 104.211.156.162 8075 (MICROSOFT...)
1 13.33.33.58 16509 (AMAZON-02)
2 74.125.130.155 15169 (GOOGLE)
2 172.217.194.95 15169 (GOOGLE)
1 13.33.33.38 16509 (AMAZON-02)
5 23.36.48.24 16625 (AKAMAI-AS)
2 184.87.193.156 20940 (AKAMAI-ASN1)
15 104.83.196.24 16625 (AKAMAI-AS)
1 11 23.36.252.26 16625 (AKAMAI-AS)
9 74.125.24.104 15169 (GOOGLE)
2 182.161.74.19 55569 (CRITEO-AS...)
2 182.161.73.148 55569 (CRITEO-AS...)
1 172.217.194.94 15169 (GOOGLE)
10 11 3.33.220.150 16509 (AMAZON-02)
11 42 172.217.194.155 15169 (GOOGLE)
1 1 35.227.252.103 15169 (GOOGLE)
3 4 67.199.150.81 62713 (AS-PUBMATIC)
8 11 69.173.158.64 26667 (RUBICONPR...)
2 2 52.76.113.116 16509 (AMAZON-02)
1 1 52.77.85.240 16509 (AMAZON-02)
26 182.161.73.129 55569 (CRITEO-AS...)
2 2 89.207.22.108 399104 (CNVR-APAC)
1 3 104.18.35.11 13335 (CLOUDFLAR...)
2 2 151.101.130.49 54113 (FASTLY)
2 2 172.104.45.159 63949 (LINODE-AP...)
2 2 135.125.160.160 16276 (OVH)
1 1 52.194.46.160 16509 (AMAZON-02)
2 182.161.73.132 55569 (CRITEO-AS...)
4 182.161.73.142 55569 (CRITEO-AS...)
4 182.161.73.135 55569 (CRITEO-AS...)
1 74.125.200.149 15169 (GOOGLE)
3 182.161.73.136 55569 (CRITEO-AS...)
1 104.65.229.2 ()
1 151.101.129.108 54113 (FASTLY)
1 13.32.99.85 ()
3 11 23.9.185.218 16625 (AKAMAI-AS)
3 8 52.223.2.229 16509 (AMAZON-02)
4 4 103.229.205.242 30419 (MEDIAMATH...)
1 1 52.4.99.227 14618 (AMAZON-AES)
3 4 185.84.60.21 ()
2 3 50.31.142.191 ()
1 1 50.116.239.135 ()
1 1 202.241.208.56 4694 (IDCF IDC ...)
2 2 54.192.150.126 16509 (AMAZON-02)
1 104.19.158.19 13335 (CLOUDFLAR...)
1 1 198.8.71.131 ()
4 23.72.44.196 ()
7 7 74.118.186.44 26120 (RHYTHMONE)
3 3 13.229.33.3 ()
2 182.161.73.146 55569 (CRITEO-AS...)
2 3.228.33.18 ()
1 172.67.154.71 13335 (CLOUDFLAR...)
8 8 52.74.162.2 ()
1 37.157.6.241 ()
1 1 3.92.9.222 ()
2 5 23.106.127.52 ()
2 5 104.18.19.126 ()
4 4 209.191.163.210 ()
1 103.231.98.203 ()
1 52.202.9.144 ()
2 3 13.107.42.14 ()
1 2 104.18.98.194 ()
2 3 35.213.12.39 ()
3 7 54.255.52.29 ()
2 4 209.54.182.161 ()
1 13.107.21.200 ()
1 54.64.4.232 ()
1 23.106.127.164 ()
1 2 3.232.113.231 ()
2 2 209.191.163.208 ()
2 2 35.230.38.116 ()
1 1 35.186.193.173 ()
1 202.131.200.84 ()
1 2 151.101.1.44 ()
1 104.19.172.108 ()
2 169.197.150.8 ()
1 1 67.199.150.86 ()
1 67.199.150.82 ()
1 54.249.66.168 ()
6 139.5.84.243 ()
1 1 34.111.151.213 ()
1 18.141.27.50 ()
1 104.18.12.76 ()
1 1 104.254.151.120 ()
1 193.122.128.135 ()
490 94
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
16    172.253.118.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sl-in-f132.1e100.net
cdn.ampproject.org
3    209.58.171.197 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
1    23.211.140.152 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-211-140-152.deploy.static.akamaitechnologies.com
delivery.adrecover.com
5    72.247.81.178 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a72-247-81-178.deploy.static.akamaitechnologies.com
cdn.adpushup.com
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
1    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: tlb.hwcdn.net
code.jquery.com
25    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
54    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
pagead2.googlesyndication.com
adservice.google.com
googleads.g.doubleclick.net
adservice.google.com.au
www.googletagservices.com
13    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
securepubads.g.doubleclick.net
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
1    74.125.200.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f94.1e100.net
d-2104935580351686742.ampproject.net
2    74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net
www.googletagmanager.com
3    103.229.10.247 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
2    172.217.194.138 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f138.1e100.net
www.google-analytics.com
1    104.16.85.20 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
5    51.79.234.101 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip101.ip-51-79-234.net
onetag-sys.com
4    54.150.80.212 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-150-80-212.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
1    104.83.197.63 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-197-63.deploy.static.akamaitechnologies.com
a.teads.tv
11    52.212.146.220 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-146-220.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
8    104.254.151.68 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
2    104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
11    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
adpushup-d.openx.net
u.openx.net
us-u.openx.net
jp-u.openx.net
9    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    54.203.144.13 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-203-144-13.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    13.228.151.119 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-228-151-119.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
36    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
59a7492d70e4b02ca135e636e584d6f3.safeframe.googlesyndication.com
9e2be24c5a623f012c6059f4f6c9058d.safeframe.googlesyndication.com
949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
tpc.googlesyndication.com
1    13.33.33.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-118.sin2.r.cloudfront.net
rules.quantcount.com
3    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
1    13.33.33.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-58.sin2.r.cloudfront.net
pxl.qccerttest.com
2    74.125.130.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f155.1e100.net
partner.googleadservices.com
2    172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net
fonts.googleapis.com
1    13.33.33.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-33-38.sin2.r.cloudfront.net
adx.holmesmind.com
5    23.36.48.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-48-24.deploy.static.akamaitechnologies.com
hblg.media.net
2    184.87.193.156 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-87-193-156.deploy.static.akamaitechnologies.com
qsearch-a.akamaihd.net
15    104.83.196.24 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-83-196-24.deploy.static.akamaitechnologies.com
contextual.media.net
11    23.36.252.26 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com
warp.media.net
cs.media.net
lg3.media.net
9    74.125.24.104 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f104.1e100.net
www.google.com
2    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
2    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
1    172.217.194.94 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f94.1e100.net
fonts.gstatic.com
11    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
42    172.217.194.155 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f155.1e100.net
cm.g.doubleclick.net
1    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
4    67.199.150.81 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
11    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
2    52.76.113.116 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-113-116.ap-southeast-1.compute.amazonaws.com
ads.yieldmo.com
1    52.77.85.240 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-85-240.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
26    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
2    89.207.22.108 (Singapore, Singapore)

ASN399104 (CNVR-APAC, US)
PTR: sin02-login-ds.dotomi.com
dclk-match.dotomi.com
3    104.18.35.11 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
2    172.104.45.159 (Singapore, Singapore)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1625-159.members.linode.com
a.c.appier.net
2    135.125.160.160 (France)

ASN16276 (OVH, FR)
PTR: ns3198892.ip-135-125-160.eu
c.eu1.dyntrk.com
1    52.194.46.160 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-194-46-160.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
2    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
4    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
4    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
1    74.125.200.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sa-in-f149.1e100.net
s0.2mdn.net
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    104.65.229.2 (None, )

ASN- ()
js-sec.indexww.com
1    151.101.129.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
1    13.32.99.85 (None, )

ASN- ()
public.servenobid.com
11    23.9.185.218 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-9-185-218.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
secure-assets.rubiconproject.com
8    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
4    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    52.4.99.227 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-99-227.compute-1.amazonaws.com
fksnk.com
4    185.84.60.21 (None, )

ASN- ()
c1.adform.net
3    50.31.142.191 (None, )

ASN- ()
b1sync.zemanta.com
1    50.116.239.135 (None, )

ASN- ()
ad.turn.com
1    202.241.208.56 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
2    54.192.150.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-126.sin2.r.cloudfront.net
cr-p3.ladsp.com
1    104.19.158.19 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
1    198.8.71.131 (None, )

ASN- ()
p.rfihub.com
4    23.72.44.196 (None, )

ASN- ()
ads.pubmatic.com
7    74.118.186.44 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
3    13.229.33.3 (None, )

ASN- ()
pm.w55c.net
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    3.228.33.18 (None, )

ASN- ()
cs.emxdgt.com
1    172.67.154.71 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
8    52.74.162.2 (None, )

ASN- ()
ups.analytics.yahoo.com
1    37.157.6.241 (None, )

ASN- ()
cm.adform.net
1    3.92.9.222 (None, )

ASN- ()
ssp.disqus.com
5    23.106.127.52 (None, )

ASN- ()
ssbsync-global.smartadserver.com
rtb-csync.smartadserver.com
5    104.18.19.126 (None, )

ASN- ()
ssum.casalemedia.com
ssum-sec.casalemedia.com
4    209.191.163.210 (None, )

ASN- ()
ap.lijit.com
1    103.231.98.203 (None, )

ASN- ()
ow.pubmatic.com
1    52.202.9.144 (None, )

ASN- ()
pbs.nextmillmedia.com
3    13.107.42.14 (None, )

ASN- ()
px.ads.linkedin.com
2    104.18.98.194 (None, )

ASN- ()
p.adsymptotic.com
3    35.213.12.39 (None, )

ASN- ()
x.bidswitch.net
7    54.255.52.29 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
4    209.54.182.161 (None, )

ASN- ()
s.amazon-adsystem.com
1    13.107.21.200 (None, )

ASN- ()
c.bing.com
1    54.64.4.232 (None, )

ASN- ()
g2.gumgum.com
1    23.106.127.164 (None, )

ASN- ()
ssbsync.smartadserver.com
2    3.232.113.231 (None, )

ASN- ()
x.yieldlift.com
2    209.191.163.208 (None, )

ASN- ()
ce.lijit.com
2    35.230.38.116 (None, )

ASN- ()
um.simpli.fi
1    35.186.193.173 (None, )

ASN- ()
ipac.ctnsnet.com
1    202.131.200.84 (None, )

ASN- ()
sync-dsp.ad-m.asia
2    151.101.1.44 (None, )

ASN- ()
trc.taboola.com
match.taboola.com
1    104.19.172.108 (None, )

ASN- ()
csync.loopme.me
2    169.197.150.8 (None, )

ASN- ()
match.deepintent.com
1    67.199.150.86 (None, )

ASN- ()
image2.pubmatic.com
1    67.199.150.82 (None, )

ASN- ()
image8.pubmatic.com
1    54.249.66.168 (None, )

ASN- ()
rtb.gumgum.com
6    139.5.84.243 (None, )

ASN- ()
dsum-sec.casalemedia.com
dsum.casalemedia.com
1    34.111.151.213 (None, )

ASN- ()
dmp.brand-display.com
1    18.141.27.50 (None, )

ASN- ()
d.adroll.com
1    104.18.12.76 (None, )

ASN- ()
cdn.indexww.com
1    104.254.151.120 (None, )

ASN- ()
secure.adnxs.com
1    193.122.128.135 (None, )

ASN- ()
sync.technoratimedia.com
Apex Domain
Subdomains		 Transfer
67 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 131
59a7492d70e4b02ca135e636e584d6f3.safeframe.googlesyndication.com
9e2be24c5a623f012c6059f4f6c9058d.safeframe.googlesyndication.com
949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 170
750 KB
61 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 215
googleads.g.doubleclick.net — Cisco Umbrella Rank: 68
cm.g.doubleclick.net — Cisco Umbrella Rank: 304
532 KB
34 criteo.net
static.criteo.net — Cisco Umbrella Rank: 789
csm.as.criteo.net — Cisco Umbrella Rank: 13677
pix.as.criteo.net — Cisco Umbrella Rank: 14259
187 KB
32 media.net
prebid.media.net — Cisco Umbrella Rank: 1901
hblg.media.net — Cisco Umbrella Rank: 2563
contextual.media.net — Cisco Umbrella Rank: 841
warp.media.net — Cisco Umbrella Rank: 3316
cs.media.net — Cisco Umbrella Rank: 2337
lg3.media.net — Cisco Umbrella Rank: 4956
336 KB
27 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1426
fastlane.rubiconproject.com — Cisco Umbrella Rank: 701
pixel.rubiconproject.com — Cisco Umbrella Rank: 493
eus.rubiconproject.com — Cisco Umbrella Rank: 861
secure-assets.rubiconproject.com
token.rubiconproject.com
pixel-us-east.rubiconproject.com Failed
52 KB
26 bg3.co
www.bg3.co — Cisco Umbrella Rank: 468243
static.bg3.co
175 KB
16 google.com
adservice.google.com — Cisco Umbrella Rank: 136
www.google.com — Cisco Umbrella Rank: 19
5 KB
16 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 311
342 KB
15 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
6 KB
14 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15685
e3.adpushup.com — Cisco Umbrella Rank: 16689
aplogger.adpushup.com — Cisco Umbrella Rank: 18441
260 KB
13 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 754
ssum.casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com Failed
dsum.casalemedia.com
10 KB
12 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 844
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 20686
ads.as.criteo.com — Cisco Umbrella Rank: 13337
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 14501
gum.criteo.com — Cisco Umbrella Rank: 486
dis.criteo.com — Cisco Umbrella Rank: 935
61 KB
12 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 15735
rtb.openx.net — Cisco Umbrella Rank: 2302
u.openx.net — Cisco Umbrella Rank: 960
us-u.openx.net — Cisco Umbrella Rank: 708
jp-u.openx.net
3 KB
12 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2779
public.servenobid.com
8 KB
11 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 915
ads.pubmatic.com
image4.pubmatic.com Failed
ow.pubmatic.com
image8.pubmatic.com Failed
simage2.pubmatic.com Failed
image2.pubmatic.com
36 KB
11 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 463
6 KB
10 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1451
assets.a-mo.net — Cisco Umbrella Rank: 5184
6 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 334
acdn.adnxs.com — Cisco Umbrella Rank: 885
secure.adnxs.com
26 KB
9 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 877
eb2.3lift.com — Cisco Umbrella Rank: 601
4 KB
6 lijit.com
ap.lijit.com
ce.lijit.com
4 KB
6 smartadserver.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com
3 KB
6 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 84578
1 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 23455
sync.aralego.com — Cisco Umbrella Rank: 4213
4 KB
5 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 796
3 KB
5 adform.net
c1.adform.net
cm.adform.net
2 KB
5 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 1080
3 KB
4 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com Failed
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 723
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 228
177 KB
4 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 1463
x.bidswitch.net
2 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9439
45 KB
3 linkedin.com
px.ads.linkedin.com
1 KB
3 w55c.net
pm.w55c.net
2 KB
3 zemanta.com
b1sync.zemanta.com
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 1476
s.tribalfusion.com — Cisco Umbrella Rank: 3850
2 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1449
pixel.quantserve.com — Cisco Umbrella Rank: 683
cms.quantserve.com — Cisco Umbrella Rank: 1504
11 KB
2 deepintent.com
match.deepintent.com
60 B
2 taboola.com
trc.taboola.com
match.taboola.com
561 B
2 simpli.fi
um.simpli.fi
1 KB
2 yieldlift.com
x.yieldlift.com
629 B
2 gumgum.com
g2.gumgum.com
rtb.gumgum.com
usersync.gumgum.com Failed
2 KB
2 adsymptotic.com
p.adsymptotic.com
478 B
2 emxdgt.com
cs.emxdgt.com
133 B
2 unrulymedia.com
sync.targeting.unrulymedia.com
1018 B
2 ladsp.com
cr-p3.ladsp.com — Cisco Umbrella Rank: 18176
1 KB
2 indexww.com
js-sec.indexww.com
cdn.indexww.com
2 KB
2 dyntrk.com
c.eu1.dyntrk.com — Cisco Umbrella Rank: 7630
gu.dyntrk.com Failed
2 KB
2 appier.net
a.c.appier.net — Cisco Umbrella Rank: 14909
1 KB
2 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 930
687 B
2 dotomi.com
dclk-match.dotomi.com — Cisco Umbrella Rank: 5101
959 B
2 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 983
1007 B
2 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 2794
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 118
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 1003
957 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 94
502 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 129
76 KB
1 technoratimedia.com
sync.technoratimedia.com
293 B
1 adroll.com
d.adroll.com
181 B
1 brand-display.com
dmp.brand-display.com
349 B
1 loopme.me
csync.loopme.me
1 ad-m.asia
sync-dsp.ad-m.asia
243 B
1 ctnsnet.com
ipac.ctnsnet.com
641 B
1 bing.com
c.bing.com
668 B
1 nextmillmedia.com
pbs.nextmillmedia.com
454 B
1 disqus.com
ssp.disqus.com
315 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 4833
522 B
1 rfihub.com
p.rfihub.com
660 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1662
861 B
1 turn.com
ad.turn.com
441 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 7466
609 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 364
23 KB
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 4024
450 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 820
387 B
1 gstatic.com
fonts.gstatic.com
33 KB
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 353741
1 KB
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 1356
549 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1200
682 B
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4346
518 B
1 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1407
360 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 492
2 KB
1 ampproject.net
d-2104935580351686742.ampproject.net
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 977
30 KB
1 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 18088
10 KB
0 creativecdn.com Failed
creativecdn.com Failed
0 clientgear.com Failed
event.clientgear.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 pippio.com Failed
pippio.com Failed
0 iprom.net Failed
core.iprom.net Failed
0 cinarra.com Failed
dps.jp.cinarra.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
0 mookie1.com Failed
odr.mookie1.com Failed
0 chocolateplatform.com Failed
cs.chocolateplatform.com Failed
490 95
Domain Requested by
42 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
www.bg3.co
u.openx.net
eb2.3lift.com
g2.gumgum.com
31 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.bg3.co
949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
31 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
adx.holmesmind.com
www.bg3.co
www.googletagservices.com
tpc.googlesyndication.com
26 static.criteo.net cdn.adpushup.com
ads.as.criteo.com
static.criteo.net
25 static.bg3.co www.bg3.co
16 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
securepubads.g.doubleclick.net
15 contextual.media.net 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
contextual.media.net
cdn.adpushup.com
googleads.g.doubleclick.net
ads.pubmatic.com
eus.rubiconproject.com
13 securepubads.g.doubleclick.net cdn.adpushup.com
cdn.aralego.net
securepubads.g.doubleclick.net
www.bg3.co
11 match.adsrvr.org 10 redirects cdn.adpushup.com
11 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
g2.gumgum.com
9 www.google.com 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
9 prebid.a-mo.net cdn.adpushup.com
prebid.a-mo.net
8 ups.analytics.yahoo.com 8 redirects
8 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
8 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
8 ib.adnxs.com 4 redirects cdn.adpushup.com
acdn.adnxs.com
prebid.a-mo.net
7 pr-bh.ybp.yahoo.com 3 redirects ads.pubmatic.com
ssum-sec.casalemedia.com
7 pixel.rubiconproject.com 4 redirects www.bg3.co
eus.rubiconproject.com
7 adservice.google.com cdn.ampproject.org
securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6 adservice.google.com.au securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6 googleads.g.doubleclick.net 1 redirects cdn.ampproject.org
pagead2.googlesyndication.com
googleads.g.doubleclick.net
www.bg3.co
6 e3.adpushup.com www.bg3.co
5 sync.1rx.io 5 redirects
5 cs.media.net 1 redirects contextual.media.net
5 hblg.media.net www.bg3.co
949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
5 onetag-sys.com 1 redirects cdn.adpushup.com
public.servenobid.com
www.bg3.co
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
4 dsum-sec.casalemedia.com ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 s.amazon-adsystem.com 2 redirects eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
4 ap.lijit.com 4 redirects public.servenobid.com
4 lg3.media.net www.bg3.co
googleads.g.doubleclick.net
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
4 us-u.openx.net 1 redirects u.openx.net
4 c1.adform.net 3 redirects ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 pix.as.criteo.net ads.as.criteo.com
4 csm.as.criteo.net ads.as.criteo.com
4 image6.pubmatic.com 3 redirects ads.pubmatic.com
4 www.googletagservices.com 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
4 adpushup-d.openx.net cdn.adpushup.com
4 prebid-server.rubiconproject.com cdn.adpushup.com
prebid.a-mo.net
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 ssum-sec.casalemedia.com public.servenobid.com
js-sec.indexww.com
ssum-sec.casalemedia.com
3 x.bidswitch.net 2 redirects eb2.3lift.com
3 px.ads.linkedin.com 2 redirects www.bg3.co
3 pm.w55c.net 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 b1sync.zemanta.com 2 redirects www.bg3.co
g2.gumgum.com
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
3 aplogger.adpushup.com cdn.adpushup.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 match.deepintent.com ads.pubmatic.com
g2.gumgum.com
2 um.simpli.fi 2 redirects
2 ce.lijit.com 2 redirects
2 x.yieldlift.com 1 redirects public.servenobid.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 ssum.casalemedia.com 2 redirects
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 dis.criteo.com contextual.media.net
ads.pubmatic.com
2 sync.targeting.unrulymedia.com 2 redirects ads.pubmatic.com
2 cr-p3.ladsp.com 2 redirects
2 jp-u.openx.net u.openx.net
2 cat.sg1.as.criteo.com ads.as.criteo.com
2 c.eu1.dyntrk.com 2 redirects
2 a.c.appier.net 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 dclk-match.dotomi.com 2 redirects
2 ads.yieldmo.com 2 redirects
2 ads.as.criteo.com googleads.g.doubleclick.net
949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
2 rtb.jp2.as.criteo.com googleads.g.doubleclick.net
www.bg3.co
2 warp.media.net 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
googleads.g.doubleclick.net
2 qsearch-a.akamaihd.net www.bg3.co
2 fonts.googleapis.com securepubads.g.doubleclick.net
client
2 partner.googleadservices.com pagead2.googlesyndication.com
2 htlb.casalemedia.com cdn.adpushup.com
2 www.google-analytics.com www.bg3.co
www.googletagmanager.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
1 sync.technoratimedia.com g2.gumgum.com
1 secure.adnxs.com 1 redirects
1 cdn.indexww.com ssum-sec.casalemedia.com
1 d.adroll.com ssum-sec.casalemedia.com
1 dmp.brand-display.com 1 redirects
1 rtb.gumgum.com ads.pubmatic.com
1 image2.pubmatic.com 1 redirects
1 csync.loopme.me ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 image8.pubmatic.com ads.pubmatic.com
1 ipac.ctnsnet.com 1 redirects
1 ssbsync.smartadserver.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 pbs.nextmillmedia.com prebid.a-mo.net
1 ow.pubmatic.com prebid.a-mo.net
1 ssbsync-global.smartadserver.com 1 redirects
1 ssp.disqus.com 1 redirects
1 cm.adform.net prebid.a-mo.net
1 id.a-mx.com prebid.a-mo.net
1 p.rfihub.com 1 redirects
1 assets.a-mo.net prebid.a-mo.net
1 tg.socdm.com 1 redirects
1 ad.turn.com 1 redirects
1 fksnk.com 1 redirects
1 cms.quantserve.com 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
1 u.openx.net cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 s0.2mdn.net static.criteo.net
1 cc.adingo.jp 1 redirects
1 s.tribalfusion.com 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
1 match.sharethrough.com 1 redirects
1 rtb.openx.net 1 redirects
1 fonts.gstatic.com fonts.googleapis.com
1 adx.holmesmind.com pagead2.googlesyndication.com
1 pixel.quantserve.com www.bg3.co
1 pxl.qccerttest.com www.bg3.co
1 9e2be24c5a623f012c6059f4f6c9058d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 59a7492d70e4b02ca135e636e584d6f3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 tlx.3lift.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 d-2104935580351686742.ampproject.net cdn.ampproject.org
1 code.jquery.com cdn.adpushup.com
1 delivery.adrecover.com www.bg3.co
1 www.bg3.co
0 pixel-us-east.rubiconproject.com Failed eus.rubiconproject.com
0 creativecdn.com Failed g2.gumgum.com
0 event.clientgear.com Failed g2.gumgum.com
0 sync.ipredictive.com Failed g2.gumgum.com
0 sync.srv.stackadapt.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 usersync.gumgum.com Failed g2.gumgum.com
0 match.prod.bidr.io Failed ssum-sec.casalemedia.com
0 gu.dyntrk.com Failed ssbsync.smartadserver.com
ssum-sec.casalemedia.com
0 pippio.com Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 simage2.pubmatic.com Failed ads.pubmatic.com
0 dps.jp.cinarra.com Failed ads.pubmatic.com
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 sync.go.sonobi.com Failed public.servenobid.com
0 image4.pubmatic.com Failed prebid.a-mo.net
ads.pubmatic.com
0 odr.mookie1.com Failed contextual.media.net
prebid.a-mo.net
ads.pubmatic.com
0 cs.chocolateplatform.com Failed googleads.g.doubleclick.net
490 158

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-05-18 -
2023-05-18		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-07 -
2022-11-09		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-10-09 -
2023-01-11		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
pbs.nextmillmedia.com
Amazon		 2022-07-13 -
2023-08-11		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.adroll.com
Amazon		 2021-12-18 -
2023-01-15		 a year crt.sh
*.technoratimedia.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-15 -
2023-09-15		 a year crt.sh

This page contains 86 frames:

Primary Page: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Frame ID: BDA8A7E274D41B069D2CA2F45A117686
Requests: 102 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 75D453270D6356A5ECB636C77AA1803B
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 59BBCB4B2B76B6E1621D2724152EC522
Requests: 7 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 4D5FB371ED0025E524ECBAAC78FF8AF5
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 38830FB2A5D05AFFDF2D9114CB3AE0E4
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35780323343034303421&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3387&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=259527006065&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&ga_hid=6065&dt=1665285418044&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&bdt=2380&dtd=468&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 967CC4FC702EA1D229A4D4F1FF0A9035
Requests: 1 HTTP requests in this frame

Frame: https://59a7492d70e4b02ca135e636e584d6f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: E53087E4ABA31A28BF5902E9448C0555
Requests: 1 HTTP requests in this frame

Frame: https://9e2be24c5a623f012c6059f4f6c9058d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 317B3A60AD7D2745F6130B2348CC0BED
Requests: 1 HTTP requests in this frame

Frame: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C3ABBE0E68E751BE36DF4A286BC4CBF3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Frame ID: EF1D76104DD44D67FB502143A08F94A5
Requests: 9 HTTP requests in this frame

Frame: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 4D678D00EE83CEE698665D2D3A12DB12
Requests: 17 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs
Frame ID: A3040582FA8CA26377F6E160ADFD6112
Requests: 19 HTTP requests in this frame

Frame: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 12747DA1EB4195DA8CF70EF6AFDBE0DA
Requests: 10 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: BDFB6C8427FEC16CE062DCDEA74D3F7D
Requests: 7 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LQADfloKcIHBAAbq9AHCQ2mlHOXTTdLL-g&u=%7CvVFUdj05uVI5RVGqtX6LTNXZRa%2FgVXdWESTqedl6sF0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEqyfczOwjUm-QSxeVCtBiVfzcDEZ-6DDxTQQGTxyzg-sXS0dldwCG-VB61OR0btkTjkAuU4-bohIQU5r_Xlu_2hBWBXkDE8BtgQu2a-viJWbnAg4P_ryBnoU0iZzyszcmHf8gaK5DyXCzdJnDEwdxcniJQHO8e-XeFx2iZFJQt3VSXZZseYbz9sLtrT2Tngif58Hd2R7lEYmFvTRtpu7VvrnBmwT4WA_8eCg56iSpnx3FLgVBIZcgFeOfu6n6Uqk5UCwDrH8JhCbFSyEsWUAE539mkvI8-BSakXvmtBFFxJAG_-xu19joPLzUOpubO3h1-vzwnDcfB_4rlAOhW6qRcOr96-yuYRYmHJ9y5reAyGFCHkXnpFzWJVUNFIl0BJYBYZvLkAdzjd-NWU3BJcLOlZlwXLtqVWLp-REuRWhbkhWBRrG8l6gXXkeuObxyw0vtYfzS3ZRfxNC82kNHLb_QcjCPv69XgYgC3CuNCFkBn7F3cOo1fEcXfXwbs_1BJ0U8iH6zPKGAFyzAiyjU2a2q9QeE51DkKZpUO8RXQe1LsjBu83tEzaT-aRtQCE1jxmZ1lg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYPs5LT1CY9r8DcGDwgP01ZvIDpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAs2u2H3UY6U-qAMBqgSrAk_Qrn7dt1dLqiQxisbiNIL6l83nm1LuBjejLAYLiPh5byC9AVnhTbYUK7jIYRDLeyVshHG-zkJ5HeyedFuS3ETOcMPIYs3PUffKSB77vb9Z6i69qiRArdOhppXYNEeoaxLbSlWlMHcet5Q0739vxp8n9lVpmOU7coNnuxxDehC6P-BYjpKVtSkiHS3X8ZJm8riqS2dfF-lRjXNE96s3QNvKU1QkL7gWJtM_QxNW5EGtge5JEuG_u6mjkbn7IUCP43ZrbnXRHuhQ1KIZ2MfJxrIQEx-8fbCK_MWHI_AUhORE4OQ3E_MzAAiCyHOzFLOJ8zX-GY3SNzt5jPNZdnvK5S6wlQbbH33W2_AKSi-c3oyecWoYr4LRdz0E5EdWbvbwmu_lknrnOokaWC2fgAaX5aK40a3VkPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1w8-imWSr4B87WJ0jd1VhKm798eQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Frame ID: 08CACD1984B75BE1283159C5084088D7
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FDA12132C36BD2BBA144B64C0F9F7F21
Requests: 9 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg&u=%7CiNxSgm%2F7p%2FBoKNPoDSiEfBCxlr5ufsphFohzAlp7KNI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Hne3ksc1k0ZEnuubHIPLu4t8NU2QKUZOTDbrP1VQsOZn9oWNwj3kqdfPWPEn6Pqqpr22n3ZMYPHkbkQ-eZ2mVzBy9Uqm2Mceco0mCadNKeSGnkKuAxeDgeU6mhPRC5WgPiZYCiIVOHNNsC5gADB3LEMyjfvU6RLmv5rRZQgpTe08RadHRUYyEdZxUbphGIOv5A0eQZrXQrPV3kGZDTMUCuQ7RfvQSB8EnD2Zj4OkIj35DzNz_SVQOdL_iItV8Wzx5LbQ0IageHmUFrYR1K4OZmEh3RW_xapWwn9SDu4W4WqsrMMOBK_icn609_nv2ztAHnQxqISL7YmQQCykrKBy4VQKo8N7TdVlVxIbB-hjhR3PpbsLAy4vQLZpqGONCkaC5158IRguAGOdbRbvxx__cNuv3YKRTqiUHRtsr9aqApjjTbaQf3qeByUwJdRY0Q9GgBehD7j4Hbc6i_OyfFYaYDl1HSoKTQbHXbBfm3I48QjJNE1RYAJ6tPC0N_ACGkmjLh7JRoGTM8MTpvXaD_qyD0lNgRDHpRm98RWN8gGFLQ22ZnFx0jIm8CyjTEEzqpTgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs90YLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTTAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6DBL6NUY5-f27zmYxlS6rNpg50e2j4uvy1kKliVp6XLNE5Razj2rBhP8OAEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Yy0zYUCM9G1Mg9gi1a_ARRPECmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: 9471C4BD96DD7F99DF0C2B2F330E7B50
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 51CEDD97B231275073A09074B6843399
Requests: 9 HTTP requests in this frame

Frame: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Frame ID: 1327A780E752F94E8D4D57CC54CBAD07
Requests: 12 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUSE6W07&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 0BBA54DBB4445FFD1A793D2FC7895FE8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A95B5334FD6AD8058F902CB334B852E9
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
Frame ID: 7B6E01C559354D450679D09EA578C7AE
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 559AD0C95ECB63C008409F17BA63C5A5
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 28F18FD076D2898206DC013B72CC0F68
Requests: 3 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: DE25A0CB31AB677528E227AC3F876A36
Requests: 13 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1665285419478
Frame ID: D252FB47923B6B35A964DB74F578EDF0
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 7CD031EC168265F39A8E91524C4BB7CC
Requests: 10 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: D6D936A4986189DCF05025ADDAEE0B28
Requests: 17 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: BB0405CDA33CB0D5BB5418A60D0FB7F6
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: AC082489DB460FAF41054CF1C53620A1
Requests: 11 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: C1768EA87B305FAAA32C8B8167A6E0A5
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D530229AA6792F63DA035E22B6B763B8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 119C9DCF53DAE36D58415CA34AC52848
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6C53E792AA8AE3EF928832FA96D3CB53
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 76E83203B4B1389DF811ED9A7B3C7AA6
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 3D172AFA128C914ACCB3F14F387881AD
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3082870236835727000V10&type=rkt&refUrl=&vid=52854239033082870236835727000V10&ovsid=1972928490584900185
Frame ID: 9738C3062AE91B27DE8AC085C0B3999D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dpba%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3DPM_UID
Frame ID: 2FB916445894CFA2BEAEB1419467FBA7
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CNG6vLz1CY5KFJJrWoQO8uLvIBazX_fBktPaok-ILwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBLIBT9DPjPn7KCd3xq3pY0r8W2CqjeTgwk-Irj21xLURI4YPomXGd-QRKquQjW9QtbupPe7TcOL83rO0scsYTk0UTHrk-1s_BgzmJbc0D3EnZWoc77BzgsjtzITjGusaWOEqsxL__P5JOqGpUGI7C4f2XrCdlgmxHj5NsoYemT9pxMEFMCLnduIDRDgBgtha4WrCnLn2adxliSpt_ysNAr2vCzT-arVo6KXgaBrPrxKNykcg74AGw8Xfm8qtzZjpAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=sLll6qJNWV0&uach_m=[UACH]&cid=CAQSKQDq26N9QtjIpBLDOIvXhTjKs8LUQ-lStp0-swf7eZyql1MMsrR9DZmfGAEgEw
Frame ID: 7A673EDF11A786C0BDF82820F18FB439
Requests: 13 HTTP requests in this frame

Frame: data://truncated
Frame ID: 6BB47629D1E4D0CFDB0248D3105C4392
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 04EC1F48A63D08CAC373C642B5935687
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 41A5E35B67881D562E26DCA968B1AC3F
Requests: 2 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: CE1E6FB85BA2E1B9F4A442DDD63F9842
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DF46BE2687BB019E6A2A63A2D8BC7505
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 9B9FA61C737915A64B49A140EC643584
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: E1652F05FDFD9C2794CDA4FF32DFD3B0
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 9AA453F09852483097F66FCC23483AF3
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 01B5FEF663D11637DC6E3028DC8F158C
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 7AFD1BA1755043A69B187D344DC1A049
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 16E798456A6E8EC0FF307FDD25DEA19F
Requests: 3 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: A3450956240E0FA1C890C0237DAE0A69
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=FC31A77B-8598-437B-9EB1-63D38ED935D6
Frame ID: 6AB23BAFD11EC7E7A01CC29FF0F254B0
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 94D2D49BF8E98EEC100BF48C48C8668C
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: B2E623263442B45154A64076BD6191F9
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 718DEF845E6387FABB8A55FC086D15F2
Requests: 1 HTTP requests in this frame

Frame: https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D38ED935D6
Frame ID: AFDEE1F9F5DFC06659A268AA939AC5CE
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 86BA3C973938002A5E665CB41E46BFBE
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 164AB4A5DC50C0F03F80DF751AAC682E
Requests: 1 HTTP requests in this frame

Frame: https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D38ED935D6
Frame ID: 7519A66CCD9BC817CCFF7EA7E8326706
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=FC31A77B-8598-437B-9EB1-63D38ED935D6
Frame ID: 2A2C585AC95C9E6408D24B2A81A606A0
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 9E069D66B9268B644A7CAFC01F656EBD
Requests: 1 HTTP requests in this frame

Frame: https://sync.targeting.unrulymedia.com/csync/RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004
Frame ID: 040F273C553703EF1FFA19A276CA97B7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=da1accaa-4780-11ed-bb17-3455f57e8f4a
Frame ID: 3D31FE2B5AF9CC6FDDBE6725DB78DA8B
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: C2895FFD9654F10A165EC85212ED4C8C
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=44198010-4fa8-4715-8f36-cd9e916968e9-tucta3bc2b1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 79D2182D76D0BFFAB7608963F4AC0515
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: 474117949C404CC247212EC446E2E378
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 6E543091CAE0CC65BCE15BF8E2BD66DC
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 9BFDD701358B68FEE510383A5D867D4A
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 1BF1686323DAE2B84E8BD4E58B3FB77C
Requests: 1 HTTP requests in this frame

Frame: https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Frame ID: 02E5DFE26061EED799C21B3E9604C76D
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=pba&refUrl=&vid=52854239033082870236835727000V10&ovsid=FC31A77B-8598-437B-9EB1-63D38ED935D6
Frame ID: EBF16BE57A214CE903C24DE7C13D06A0
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=7f226342-3d30-4300-83b1-ae8dc245d74e&gdpr=0&gdpr_consent=
Frame ID: 765F5383FB9118EF0C7B92A53BF7466B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=Y0I9LgAAAbmjqABe&gdpr=0&gdpr_consent=
Frame ID: 19F8EAE65FF522D958D82B7E4FA5B5F5
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV81NzA0ZmRkYi0yYzg5LTQ0OWMtOGY1Zi02NWY3ZGZlOTc4MTI=&gdpr=0&gdpr_consent=
Frame ID: 0181612897F7C05EB3AD4D88088B3BE6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: A9DB502AA3564F7A99D27F3794065F05
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
Frame ID: 6B1205AC60078FB47AF755B5F129168C
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 73406DD171CCE67E869A16443EE79E34
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=Y0I9McCo5soAAIRKW7gAAAAA
Frame ID: 783F1F54EF57FD1E5D5A4FBCA1E3CC90
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=Y0I9MJXdAGVVfXkjAF5y2AAA%265335
Frame ID: FAF6EA66105A6653DF9D983517F0649F
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: 6E11E8D844E06DAC95209E293EB8780E
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 020B384103E50ECAD765A4DAD55231F2
Requests: 3 HTTP requests in this frame

Frame: data://truncated
Frame ID: ACC050033C6BA8CEC446054B555C616D
Requests: 4 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CD52C011E59317D240E706002474CA7D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3BABFA24CAFCE507C1FE93692B4B8A40
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F77D15E3209A0BA6B7331C1FD28956CA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6862D9621A7878E7ED0BBCF5BF8B76CF
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

新北2女1男屋內苦讀 她睡醒驚呼「夢到被一羣鬼抓」男同學秒嚇到 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

490
Requests

70 %
HTTPS

0 %
IPv6

95
Domains

158
Subdomains

94
IPs

8
Countries

3210 kB
Transfer

8506 kB
Size

60
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 142
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418319&bpp=5&bdt=1687&idt=2935&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&cookie=ID%3D6ac0a61591736459%3AT%3D1665285420%3AS%3DALNI_MYuyCWKmtYZqEFhQQx4xhZCLoY-Mg&gpic=UID%3D00000a2457415d43%3AT%3D1665285420%3ART%3D1665285420%3AS%3DALNI_MarQmHbRg5VIissbvlSggdbsi958Q&correlator=8318708543230&frm=23&ife=1&pv=1&ga_vid=158707149.1665285421&ga_sid=1665285421&ga_hid=1628614391&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1434&biw=1600&bih=1200&isw=336&ish=280&ifk=1939298287&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44770880%2C44773747&oid=2&pvsid=860470873132966&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ubg3qc1t8y9l&btvi=1&fsb=1&dtd=2949 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 174
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESELbhkCQQZP42yhVj7_K-hGY&google_cver=1&google_push=AZmPxg-UZ7eJ0xxjpPdtMkEbrGYGTQzSLylkPkzEPqT1gjD2-aKKFpcPOGMZEkCVFG7H42aRX_cBuulOIPBvay7bzbrTdWtzxLShPiwSg_q3XqW2kK2qrCdmSoFNJ5mLazJ2pVo9G4B89Ww HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESELbhkCQQZP42yhVj7_K-hGY&google_cver=1&google_push=AZmPxg-UZ7eJ0xxjpPdtMkEbrGYGTQzSLylkPkzEPqT1gjD2-aKKFpcPOGMZEkCVFG7H42aRX_cBuulOIPBvay7bzbrTdWtzxLShPiwSg_q3XqW2kK2qrCdmSoFNJ5mLazJ2pVo9G4B89Ww HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTFiYjBmNjEtM2M5YS00Zjk1LWEwNjgtZTg5ZGU5YWE5NGJh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
Request Chain 175
  • https://rtb.openx.net/sync/dds?google_gid=CAESECjZE_Z3slB4PInhizkGZfs&google_cver=1&google_push=AZmPxg8xQp9ZoRmhRDiVIS_p8CTOFd7p6vQAmOKaRgZTUMj-TfRqtNedBXVTRHkxgPOLkYjmo3DVKm_i3LUsrCC8qYnPihynwwg0ni9R_4oPlBcXVRV9feq-LrvN8bUcuvsJR6jPjgXR7KQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg8xQp9ZoRmhRDiVIS_p8CTOFd7p6vQAmOKaRgZTUMj-TfRqtNedBXVTRHkxgPOLkYjmo3DVKm_i3LUsrCC8qYnPihynwwg0ni9R_4oPlBcXVRV9feq-LrvN8bUcuvsJR6jPjgXR7KQ&google_hm=wzQey4D8yQMNL9fi_LFoOQ==
Request Chain 176
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOZvrblTP1iRUu-D-_wOQRU&google_cver=1&google_push=AZmPxg_E2hXyWIcBEg7ivOSpAGZU93pt1bVIZto5Zw5i8tkFztyGZOkGgX9gveeM_tc76F31GZZbF7MNdRnX-Osb6At8PTxAxxG7ChC46Quem_KfQsse2NRC_F8ATQmijWRDHtJ0fv7KZzU HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOZvrblTP1iRUu-D-_wOQRU&google_cver=1&google_push=AZmPxg_E2hXyWIcBEg7ivOSpAGZU93pt1bVIZto5Zw5i8tkFztyGZOkGgX9gveeM_tc76F31GZZbF7MNdRnX-Osb6At8PTxAxxG7ChC46Quem_KfQsse2NRC_F8ATQmijWRDHtJ0fv7KZzU&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_DGne4WYQ3uesWPTjtk11g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_E2hXyWIcBEg7ivOSpAGZU93pt1bVIZto5Zw5i8tkFztyGZOkGgX9gveeM_tc76F31GZZbF7MNdRnX-Osb6At8PTxAxxG7ChC46Quem_KfQsse2NRC_F8ATQmijWRDHtJ0fv7KZzU
Request Chain 177
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPrk1ASulFdYjqc3lq1W80I&google_cver=1&google_push=AZmPxg_y1-2A3SBYskVw6nj3ftFGZrcud0kuMRRj33ZsnQgQFflEth_ckqahUiWXaos5avLZCCV5cFdRIAkQffMgxe2Tl1ujx5C-02Mfc3-nKjP_8BfWS9nf35ho0I_rPxF88jRAds9CE1A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkwUlhYR1gtMTUtN0ZMRQ==&google_push=AZmPxg_y1-2A3SBYskVw6nj3ftFGZrcud0kuMRRj33ZsnQgQFflEth_ckqahUiWXaos5avLZCCV5cFdRIAkQffMgxe2Tl1ujx5C-02Mfc3-nKjP_8BfWS9nf35ho0I_rPxF88jRAds9CE1A
Request Chain 178
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEL9Shi6LDfGzmp2TTrEyFrw&google_cver=1&google_push=AZmPxg-SFejwp3GyS9JjxQZQ376XNRf7dDQGs5KL29iM7irvUZZaCs4v-n5mmg3yJVokB4ji-2VQb31pDZsmVx9Z8F1kM4Do-OJesFDM4_NNR39skIbdvQN4-Gk8QbiLELJJtZIUHfy5sQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg-SFejwp3GyS9JjxQZQ376XNRf7dDQGs5KL29iM7irvUZZaCs4v-n5mmg3yJVokB4ji-2VQb31pDZsmVx9Z8F1kM4Do-OJesFDM4_NNR39skIbdvQN4-Gk8QbiLELJJtZIUHfy5sQ&google_hm=ZzMxODYxYWJjNjVjOGRlZjQ1MWY=
Request Chain 180
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESECbmQVRDOWJd_r10onzVA54&google_cver=1&google_push=AZmPxg-B-tirjU7WwPbYSqg1fDtH6I8MfAEAEVkSp2589UeJhcpU0E-BOdDA18KwbMj0qqbs1sLH-8wB-vIS88985sY25aWQw0sYRJK-DeRla6vnPliQlHkX0BwHd_mGuGhJ2yWWqzYuPuQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZWM5MTJmMjUtMDBjYi00NWMyLWE5NTItZDIxYjY3ZGZlZmNj&google_push=AZmPxg-B-tirjU7WwPbYSqg1fDtH6I8MfAEAEVkSp2589UeJhcpU0E-BOdDA18KwbMj0qqbs1sLH-8wB-vIS88985sY25aWQw0sYRJK-DeRla6vnPliQlHkX0BwHd_mGuGhJ2yWWqzYuPuQ
Request Chain 183
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEC8GBMoPm2PYxbLGl5xb2rI&google_cver=1&google_push=AZmPxg8vjjK1B6h8YFL1UaH4sL3vf1jH-vZWdfM8CYcFsDik2TVb5wQ4ILRtyNKWYQYd5loX-kArPsA0GfNJcJggzPB6rskbiFINZFAe1PxDl8Gp8_IikWJOhwLTGERVsoxzkFtD1p7nZkFO HTTP 302
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=53c25f9e73d11aff&is_secure=true&networkId=14000&version=1&google_gid=CAESEC8GBMoPm2PYxbLGl5xb2rI&google_cver=1&google_push=AZmPxg8vjjK1B6h8YFL1UaH4sL3vf1jH-vZWdfM8CYcFsDik2TVb5wQ4ILRtyNKWYQYd5loX-kArPsA0GfNJcJggzPB6rskbiFINZFAe1PxDl8Gp8_IikWJOhwLTGERVsoxzkFtD1p7nZkFO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJsT04pwnuSwNdqMDIAAAAAAA&expiration=1665371822&google_cver=1&is_secure=true&google_gid=CAESEC8GBMoPm2PYxbLGl5xb2rI&google_push=AZmPxg8vjjK1B6h8YFL1UaH4sL3vf1jH-vZWdfM8CYcFsDik2TVb5wQ4ILRtyNKWYQYd5loX-kArPsA0GfNJcJggzPB6rskbiFINZFAe1PxDl8Gp8_IikWJOhwLTGERVsoxzkFtD1p7nZkFO
Request Chain 184
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKFa-e6C9c9-AcGk1VgQMnU&google_cver=1&google_push=AZmPxg8dsW62-AhBRt7_XpbmnGvepGwScoyLUMC4O_FEvqasieculky_GW5c5gn0IIerKFcsX82VAP3fZJIq_I0WPOLPsDKc10DUVj2F8Za4s3OqVQ8bKV10zHuiV8KqNOlh8gBA7Fs4lnM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8dsW62-AhBRt7_XpbmnGvepGwScoyLUMC4O_FEvqasieculky_GW5c5gn0IIerKFcsX82VAP3fZJIq_I0WPOLPsDKc10DUVj2F8Za4s3OqVQ8bKV10zHuiV8KqNOlh8gBA7Fs4lnM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKFa-e6C9c9-AcGk1VgQMnU&google_cver=1&google_push=AZmPxg8dsW62-AhBRt7_XpbmnGvepGwScoyLUMC4O_FEvqasieculky_GW5c5gn0IIerKFcsX82VAP3fZJIq_I0WPOLPsDKc10DUVj2F8Za4s3OqVQ8bKV10zHuiV8KqNOlh8gBA7Fs4lnM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8dsW62-AhBRt7_XpbmnGvepGwScoyLUMC4O_FEvqasieculky_GW5c5gn0IIerKFcsX82VAP3fZJIq_I0WPOLPsDKc10DUVj2F8Za4s3OqVQ8bKV10zHuiV8KqNOlh8gBA7Fs4lnM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 185
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPXleyVwtaqJ_vvmbIwXI7E&google_cver=1&google_push=AZmPxg9OUyXZSKKNtXzlTtIP0NhD7bufuaHjEzANP0Z1_TdPseXDVKJPdoHU0HpaKIxuPYVJobXELigH4jYd5TVif3xPfzzhreZ-P8J6tDDueCN2WMs1qKLSI3c69TnQ9-7tmgV1kLVQSl3U HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPXleyVwtaqJ_vvmbIwXI7E&google_push=AZmPxg9OUyXZSKKNtXzlTtIP0NhD7bufuaHjEzANP0Z1_TdPseXDVKJPdoHU0HpaKIxuPYVJobXELigH4jYd5TVif3xPfzzhreZ-P8J6tDDueCN2WMs1qKLSI3c69TnQ9-7tmgV1kLVQSl3U
Request Chain 186
  • https://a.c.appier.net/gcm?google_gid=CAESEEN9IcOrYihGfrv4moET0oU&google_cver=1&google_push=AZmPxg8jPjxvmBvjZrD01J7yrEhzB8EgXmF3OJA6i14mcMohr12gT6axFDuJszd9EkGhi46YTCZ826hnhf_rnclgO9F0UGsTf6Bt-xh-vbiIQ9UyVQjtQ2JKOLkbmlzTPtD6Qh3K8FRUeSCU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=NDZtVkh3YkhCVWViaWhrM0xqMUNZdw%3D%3D&google_push=AZmPxg8jPjxvmBvjZrD01J7yrEhzB8EgXmF3OJA6i14mcMohr12gT6axFDuJszd9EkGhi46YTCZ826hnhf_rnclgO9F0UGsTf6Bt-xh-vbiIQ9UyVQjtQ2JKOLkbmlzTPtD6Qh3K8FRUeSCU
Request Chain 187
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEL2ug4B-XT8kng0Fld27yNs&google_cver=1&google_push=AZmPxg-z43x4V7UQzHbiTkWIwh2Lt2XgIW-Q_4q6iDFBHL4wNjAMFHQaKUyE3gtsgiH29jo3SC8271mRzdGAVukljlsyZmRcx5rfIk4AxqTSMtEtM7ymh3ezBMxUysR7iZbSv5QN263CROHf HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEL2ug4B-XT8kng0Fld27yNs&google_cver=1&google_push=AZmPxg-z43x4V7UQzHbiTkWIwh2Lt2XgIW-Q_4q6iDFBHL4wNjAMFHQaKUyE3gtsgiH29jo3SC8271mRzdGAVukljlsyZmRcx5rfIk4AxqTSMtEtM7ymh3ezBMxUysR7iZbSv5QN263CROHf&prevuid=05030002_63423d2ed48a1&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg-z43x4V7UQzHbiTkWIwh2Lt2XgIW-Q_4q6iDFBHL4wNjAMFHQaKUyE3gtsgiH29jo3SC8271mRzdGAVukljlsyZmRcx5rfIk4AxqTSMtEtM7ymh3ezBMxUysR7iZbSv5QN263CROHf&google_hm=MDUwMzAwMDJfNjM0MjNkMmVkNDhhMQ%3D%3D
Request Chain 188
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEL9Shi6LDfGzmp2TTrEyFrw&google_cver=1&google_push=AZmPxg_JdkpgdAV9cljFTSOeNTNjUbiQKORxHfyPW-37XdenuLjnSCcaydr2kcAFSl2rZ7JqKaUpRuRJZNmEzSdT-97bPfVnS37Nixeah9fPe-Pu1awQrh9Scm1KSyWVz8hq-bsLZWbAoJWe HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg_JdkpgdAV9cljFTSOeNTNjUbiQKORxHfyPW-37XdenuLjnSCcaydr2kcAFSl2rZ7JqKaUpRuRJZNmEzSdT-97bPfVnS37Nixeah9fPe-Pu1awQrh9Scm1KSyWVz8hq-bsLZWbAoJWe&google_hm=ZzgyMmMzMjA4MzEwNDNkNmY5NTc=
Request Chain 189
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEBq5f9OxD-89tNxCPRTE_6E&google_cver=1&google_push=AZmPxg8J7GLY0-tS5ef2K0Y-waamkqulxJOXKOFwWy-k7t-WpWf9dGP0xVzoQ2bRgs9TJs0ycNMsS5n3Ta59K2Np5booLGAARtWyiWsHnNlkeoYt5QA22wgF83cHTkhpDcgMtmXJgA7zgKlO HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg8J7GLY0-tS5ef2K0Y-waamkqulxJOXKOFwWy-k7t-WpWf9dGP0xVzoQ2bRgs9TJs0ycNMsS5n3Ta59K2Np5booLGAARtWyiWsHnNlkeoYt5QA22wgF83cHTkhpDcgMtmXJgA7zgKlO&google_hm=ec9c82ba11a9ed9b1776e5d0a20b77cd
Request Chain 251
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 254
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAlOEyfXJ7ssI-6vbsS465M&google_cver=1&google_push=AZmPxg-L8T4hBeG8Z-_ACw5Ev2WOb5KaD2gc6AWYvt4slalNq0vEY7hCK0LO4v0ynnuPKKqW3RUrbXFwotl-mitoJC4IgtvdWjDkR_0UR-m8oM0q_d2EBQmnvtamv4XcXFnLwDOz94iLwB0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-L8T4hBeG8Z-_ACw5Ev2WOb5KaD2gc6AWYvt4slalNq0vEY7hCK0LO4v0ynnuPKKqW3RUrbXFwotl-mitoJC4IgtvdWjDkR_0UR-m8oM0q_d2EBQmnvtamv4XcXFnLwDOz94iLwB0
Request Chain 255
  • https://fksnk.com/cs/google?google_gid=CAESEB8JYUObvUFDUK5NbGEnn2c&google_cver=1&google_push=AZmPxg-1oJ5xr1s0J0qVvzl81i45gKd1FnkPgnneB0rXajRuqUAUWtVhF19_slylK3ReA95S--7jnj8fLbvxRczklliwaV5Gcsykl-rHimwhzlW0QckIXePAL3igP3NWRc-HqRuqH25nPUwB HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OUJCQUVEMDJERTMzQkUxRA==
Request Chain 256
  • https://a.c.appier.net/gcm?google_gid=CAESEEN9IcOrYihGfrv4moET0oU&google_cver=1&google_push=AZmPxg9CKVcu_fcWFzw_hJJS4Lk_xx5K84kuLfNZgKqkjLBnuVUwP9dAeyZd0lZcPT32ESkBTZCT6O9w8Q5JmkDNpG8wbOFb3MJS1bdqZbAII0u7qSJjRffu6E06s-HiiVS62J-TmclnEAYK HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=NDZtVkh3YkhCVWViaWhrM0xqMUNZdw%3D%3D&google_push=AZmPxg9CKVcu_fcWFzw_hJJS4Lk_xx5K84kuLfNZgKqkjLBnuVUwP9dAeyZd0lZcPT32ESkBTZCT6O9w8Q5JmkDNpG8wbOFb3MJS1bdqZbAII0u7qSJjRffu6E06s-HiiVS62J-TmclnEAYK
Request Chain 257
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEED616YZOiusN_7nOuB7Hso&google_cver=1&google_push=AZmPxg_rDW9fmEZ7QWk9Hx7JNBVrqQ2Z1_wjKJIeK2MFtHCMMv92xbvyGW826VdmUlO-bSqs7qG0Rw3DksGXNksQSQgLHYuz9c2DE_zgPw6IZYei3NAOgFk-0fbzABuGwloJd720x2WzqcYE HTTP 302
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEED616YZOiusN_7nOuB7Hso&google_cver=1&google_push=AZmPxg_rDW9fmEZ7QWk9Hx7JNBVrqQ2Z1_wjKJIeK2MFtHCMMv92xbvyGW826VdmUlO-bSqs7qG0Rw3DksGXNksQSQgLHYuz9c2DE_zgPw6IZYei3NAOgFk-0fbzABuGwloJd720x2WzqcYE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE4NDAyOTEyNDk5MDA2MDgyOA&google_push=AZmPxg_rDW9fmEZ7QWk9Hx7JNBVrqQ2Z1_wjKJIeK2MFtHCMMv92xbvyGW826VdmUlO-bSqs7qG0Rw3DksGXNksQSQgLHYuz9c2DE_zgPw6IZYei3NAOgFk-0fbzABuGwloJd720x2WzqcYE
Request Chain 258
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOZvrblTP1iRUu-D-_wOQRU&google_cver=1&google_push=AZmPxg-7e3CZUsPDsvthaQ7wv08Dr7UZ0uF0IDIJHT3y61phJo1WycO_HVu7NSE6DbybGeCJ9UHz9TZHJBbmrp6xBynm5cd-PTa1UrpV15C3wWOpi20yGF2BIGq8CeNFLRAErOwar8eyjGo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_DGne4WYQ3uesWPTjtk11g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-7e3CZUsPDsvthaQ7wv08Dr7UZ0uF0IDIJHT3y61phJo1WycO_HVu7NSE6DbybGeCJ9UHz9TZHJBbmrp6xBynm5cd-PTa1UrpV15C3wWOpi20yGF2BIGq8CeNFLRAErOwar8eyjGo
Request Chain 259
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFjggj5xKtnlnHVZKnQMJms&google_cver=1&google_push=AZmPxg8yiCyIHfiO0f7q9LL8RvjO-NAFSKz86oWDxV9Z7ob6WG4rBtYsw3aWcRUfLcrXJqkFcf-CIXGykGFpPcwdeOw0TTejmRqAZ21A4kiW7r3Hd4kRaoP-8YRqqttgvyXFFi1jr6XTokubEw HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFjggj5xKtnlnHVZKnQMJms&google_push=AZmPxg8yiCyIHfiO0f7q9LL8RvjO-NAFSKz86oWDxV9Z7ob6WG4rBtYsw3aWcRUfLcrXJqkFcf-CIXGykGFpPcwdeOw0TTejmRqAZ21A4kiW7r3Hd4kRaoP-8YRqqttgvyXFFi1jr6XTokubEw&s=2 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8yiCyIHfiO0f7q9LL8RvjO-NAFSKz86oWDxV9Z7ob6WG4rBtYsw3aWcRUfLcrXJqkFcf-CIXGykGFpPcwdeOw0TTejmRqAZ21A4kiW7r3Hd4kRaoP-8YRqqttgvyXFFi1jr6XTokubEw&google_hm=WGtLWnpJYTBrTXVYVHB3Tkd0cjQ= HTTP 302
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Request Chain 263
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA4Mjg3MDIzNjgzNTc1MzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIxgb-G3SGE-QMg2bpbWeD0&google_cver=1
Request Chain 264
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
Request Chain 269
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8057414613641581855&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 270
  • https://match.adsrvr.org/track/cmf/openx?oxid=1c6294f7-297a-702d-eb5b-9b552fa85283&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba&ttd_puid=1c6294f7-297a-702d-eb5b-9b552fa85283&gdpr=0&gdpr_consent=
Request Chain 271
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y0I9MMCo5soAAIRKWsUAAAAA
Request Chain 272
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQOw4XD-Dgugks8ADv76KSeXCM8AAAGDur8Fdg
Request Chain 274
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKKbwbSVXeBGWV7uKoMe76Q&google_cver=1
Request Chain 282
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 283
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Drkt%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3082870236835727000V10&type=rkt&refUrl=&vid=52854239033082870236835727000V10&ovsid=1972928490584900185
Request Chain 284
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
Request Chain 286
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dapx%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=apx&refUrl=&vid=52854239033082870236835727000V10&ovsid=7993443584297490447
Request Chain 287
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dopx%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3082870236835727000V10&type=opx&refUrl=&vid=52854239033082870236835727000V10&ovsid=d44efd68-827a-4acd-8814-e53b9d47c05f
Request Chain 288
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dmma%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=mma&refUrl=&vid=52854239033082870236835727000V10&ovsid=7f226342-3d30-4300-83b1-ae8dc245d74e
Request Chain 289
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dr1%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dr1%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3D%5BRX_UUID%5D&cb=1665285424407 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7995011025 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e1bb0f61-3c9a-4f95-a068-e89de9aa94ba HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dr1%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3DRX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=r1&refUrl=&vid=52854239033082870236835727000V10&ovsid=RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004
Request Chain 290
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA4Mjg3MDIzNjgzNTcyNzAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIxgb-G3SGE-QMg2bpbWeD0&google_cver=1
Request Chain 291
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Ddxu%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Ddxu%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=dxu&refUrl=&vid=52854239033082870236835727000V10&ovsid=7tHXRMjn1OHmOk5
Request Chain 293
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=54617ede-b486-4bb0-9574-013e4d35eaea&ssp=medianet&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10526108599902079116&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10526108599902079116&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dmedianet%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f995ac6e-82bf-4a00-8c62-3b419a54e52d&ssp=medianet&gdpr_consent=&gdpr=0
Request Chain 294
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dzem%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=68P6Mwi1bqV1AGd2GGxc&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJWHBIDMTLXNEYWE4KWGFAUOZBSI5DXQYZGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2TEOBVGQZDGOJQGMZTAOBSHA3TAMRTGY4DGNJXGI3TAMBQKYYTAJTWONUWIPJTGA4DEOBXGAZDGNRYGM2TOMRXGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJWHBIDMTLXNEYWE4KWGFAUOZBSI5DXQYZGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2TEOBVGQZDGOJQGMZTAOBSHA3TAMRTGY4DGNJXGI3TAMBQKYYTAJTWONUWIPJTGA4DEOBXGAZDGNRYGM2TOMRXGAYDAVRRGA HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&ovsid=68P6Mwi1bqV1AGd2GGxc&refUrl=&type=zem&vid=52854239033082870236835727000V10&vsid=3082870236835727000V10
Request Chain 295
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3082870236835727000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3082870236835727000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=585340b5-f2f0-471d-b139-64b85004e900&cs=1
Request Chain 315
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=52402137-d824-4ab7-903c-7b4e839cf088&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=52402137-d824-4ab7-903c-7b4e839cf088&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ce6b58da-6e1e-422a-a2dd-0122c7dbf66c&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10526601180881868014&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10526601180881868014&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=40b55cc3-7f86-4f38-a1e5-e00800a17220&ssp=adaptmx&gdpr_consent=&gdpr=0
Request Chain 316
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=52402137-d824-4ab7-903c-7b4e839cf088 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=52402137-d824-4ab7-903c-7b4e839cf088&verify=true HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-cJ.CH4tE2uESEr8LJ4l594zZzi8mQT6AhqxM.7g-~A&gdpr=0&gdpr_consent=
Request Chain 317
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L90RXXGX-15-7FLE&gdpr=0
Request Chain 319
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dzeta%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=zeta&uid=ua-b74eab59-11d5-3a19-8a11-e4302286616b
Request Chain 320
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=smartadserver&uid=1514135113636332924
Request Chain 321
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D52402137-d824-4ab7-903c-7b4e839cf088%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkMzMUE3N0ItODU5OC00MzdCLTlFQjEtNjNEMzhFRDkzNUQ2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D38ED935D6
Request Chain 322
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&gdpr_consent=&s=191503&us_privacy=&C=1 HTTP 302
  • https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=index_rtb&uid=Y0I9MJXdAGVVfXkjAF5y2AAA%265335
Request Chain 323
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=sovrn&uid=FczFELZH2LayEkruSlSP_xxx
Request Chain 324
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=appnexus&uid=7993443584297490447
Request Chain 329
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba&dongle=0cfd
Request Chain 330
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NzEzOTQ0MTcyNDE2Mjc3Mzk1NzY3 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 331
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMZo44xOpK5pXtTC1yvxuIc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 332
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NzEzOTQ0MTcyNDE2Mjc3Mzk1NzY3
Request Chain 333
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=713944172416277395767&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=713944172416277395767&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c7c8b8d8-d71c-448a-8872-d421bddbe872&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c7c8b8d8-d71c-448a-8872-d421bddbe872&_noobservation=1&_expected_cookie=ca3d9f2ad2e393b4826cb136f03f751c
Request Chain 335
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/713944172416277395767?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-vt.o8bxE2oS5xpexFyziwWGbJ1hH4Lj0xqN__vuvkg--~A&dongle=0883
Request Chain 336
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=713944172416277395767 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=713944172416277395767&dcc=t
Request Chain 338
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=uZHTiT3h8nw_m9D_5h3E&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OVNEQVDJKQZWQODOO5PW2OKEL42WQM2F&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OVNEQVDJKQZWQODOO5PW2OKEL42WQM2F HTTP 302
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=uZHTiT3h8nw_m9D_5h3E
Request Chain 357
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 358
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L90RXXGX-15-7FLE&gdpr=0&us_privacy=1YN-
Request Chain 359
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7993443584297490447
Request Chain 360
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FczFCRZHe7OM3hj0Q0m68vn5
Request Chain 361
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FczFELZHqT3uphtkTdulgaB6
Request Chain 362
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=f8f57ed5-285b-41c2-82c5-362d88484e85
Request Chain 363
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6856119465 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/e1bb0f61-3c9a-4f95-a068-e89de9aa94ba HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004
Request Chain 364
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1974054389975318772
Request Chain 366
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3396%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dzeta%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/cchain/1/3396?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=zeta&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=ua-b74eab59-11d5-3a19-8a11-e4302286616b HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F3396%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 367
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-AJB24I1E2uF94jBihnOeB4.0iH.UUt11Kl_r4nw-~A
Request Chain 368
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iNzRlYWI1OS0xMWQ1LTNhMTktOGExMS1lNDMwMjI4NjYxNmIqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtYjc0ZWFiNTktMTFkNS0zYTE5LThhMTEtZTQzMDIyODY2MTZiMgEGOAE=%26buyeruid%3D HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F3367%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFpTnpSbFlXSTFPUzB4TVdRMUxUTmhNVGt0T0dFeE1TMWxORE13TWpJNE5qWXhObUlxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlqYzBaV0ZpTlRrdE1URmtOUzB6WVRFNUxUaGhNVEV0WlRRek1ESXlPRFkyTVRaaU1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
Request Chain 369
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-AJB24I1E2uF94jBihnOeB4.0iH.UUt11Kl_r4nw-~A
Request Chain 370
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK8_fthosWDZ_uocZaw8eZM&google_cver=1
Request Chain 371
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Request Chain 372
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDAxZmU0NjY0Y2I5ZjlmZTFiOWJhZmU3Njc5ZGM5NDk0OWIyZTE3Zg
Request Chain 373
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=F6AFIdfDQgaFKhtvWFwtBA&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=F6AFIdfDQgaFKhtvWFwtBA
Request Chain 374
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/SjqSmj6CDN6KdnN7caYXNMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8679439431539563615
Request Chain 375
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L90RXXGX-15-7FLE
Request Chain 376
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba&gdpr=0&gdpr_consent=&expires=30
Request Chain 377
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkwUlhYR1gtMTUtN0ZMRQ==
Request Chain 384
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAlOEyfXJ7ssI-6vbsS465M&google_cver=1&google_push=AZmPxg_LJqooyW16Bo-m-NjpafAGpUz669OaJ3U8pYrdq8J3wBphckoX3lpIznXoDTB2VFav4hHPbHGVth4UDH2Nks45HLX390i8EM2vU3UvzAfYfODBO_q5zTl9uWTB_nNJnQLXIMVmB1E HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=fyJjQj0wQwCDsa6NwkXXTg&google_push=AZmPxg_LJqooyW16Bo-m-NjpafAGpUz669OaJ3U8pYrdq8J3wBphckoX3lpIznXoDTB2VFav4hHPbHGVth4UDH2Nks45HLX390i8EM2vU3UvzAfYfODBO_q5zTl9uWTB_nNJnQLXIMVmB1E
Request Chain 385
  • https://um.simpli.fi/gp_match?google_gid=CAESELyAPsqERrarD5AwXNLbFTI&google_cver=1&google_push=AZmPxg_YeHnlLSWMVpMX8qyN9ocqCgnoJBuUohnrhMDyAEFNBuDZ5Y9ePDcyoQ74dvm6uQh5x4u3fD1WYdzec6TxHa1x-Bcqrd28F0EHzZ2XUhswwveXJyYVBNQNLT1fJbFenT_3BWJ7SrE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DB63FA15CC1C46B99544A21AB07F82FA&google_push=AZmPxg_YeHnlLSWMVpMX8qyN9ocqCgnoJBuUohnrhMDyAEFNBuDZ5Y9ePDcyoQ74dvm6uQh5x4u3fD1WYdzec6TxHa1x-Bcqrd28F0EHzZ2XUhswwveXJyYVBNQNLT1fJbFenT_3BWJ7SrE
Request Chain 386
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEJzIlTsNE5IFF3olver57GY&google_cver=1&google_push=AZmPxg8p6hT2j2FEbFK9osPm1lLtAj8dcsdmg1h1ZQ4P1p5qJFrq6Rl1xBluGT3bj916iEat1Bi4mILHGeUkHGijac9H4WUMo56T2ngok28MtX2tPdcBIAP3C32HlnMJscCgDbC8mF4XoQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg8p6hT2j2FEbFK9osPm1lLtAj8dcsdmg1h1ZQ4P1p5qJFrq6Rl1xBluGT3bj916iEat1Bi4mILHGeUkHGijac9H4WUMo56T2ngok28MtX2tPdcBIAP3C32HlnMJscCgDbC8mF4XoQ&google_hm=ftHVuwtHRZCgXK1053tXN6U
Request Chain 387
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPZGW-0fdy-QAW4Gp5F7t5Y&google_cver=1&google_push=AZmPxg9i-rpy0_Zf1Lh-lkpRBoPmPgjCdpB_zd7P7L3VK-evzlBQO0n2RB502t9jksbV1MCiYN5jLgTZ6ONETFDPV83GrBAx9HP_7b8zvnUfaXGpOcDE4-k7iYkVDMzSnA-sJJKwPmQ7rH8 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9i-rpy0_Zf1Lh-lkpRBoPmPgjCdpB_zd7P7L3VK-evzlBQO0n2RB502t9jksbV1MCiYN5jLgTZ6ONETFDPV83GrBAx9HP_7b8zvnUfaXGpOcDE4-k7iYkVDMzSnA-sJJKwPmQ7rH8&google_hm=ODY3OTQzOTQzMTUzOTU2MzYxNQ%3D%3D
Request Chain 388
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEK_kMVlLgeGzzBM52aaBDD8&google_cver=1&google_push=AZmPxg89ji12wdEVSttdnZfqXJeJDPA_OcEfUoSdabHMEgAP_UaYtbSzKLiwu7K2-bV29L4Mvw6C63jZGMCVGnl4QiHDIs0s_Sr5AgYzgaad42vK1GkpjXe0ftyxMaQyASRuqBYn9GQ_FXY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=GJW5RGn0QKhqpnUXGxXuIq310aU&google_push=AZmPxg89ji12wdEVSttdnZfqXJeJDPA_OcEfUoSdabHMEgAP_UaYtbSzKLiwu7K2-bV29L4Mvw6C63jZGMCVGnl4QiHDIs0s_Sr5AgYzgaad42vK1GkpjXe0ftyxMaQyASRuqBYn9GQ_FXY
Request Chain 389
  • https://cs.media.net/cksync?type=g&google_gid=CAESEIxgb-G3SGE-QMg2bpbWeD0&google_cver=1&google_push=AZmPxg_Mb_QeTjPagFSS-pZtfcIn2h_Avh91arS6WJTmonYdsFRrXC_vioZXakgicjGwCQ-vNlDnshr6Exi-iE87kFxobZuZK5Z-bTgaErDkw-L3Par5rdejaVMir3wbQ44exz5WyIC-XFc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4Mjg3MDIzNjgzNTc4NjAwMFYxMA%3d%3d&mn_hm=MzA4Mjg3MDIzNjgzNTc4NjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_Mb_QeTjPagFSS-pZtfcIn2h_Avh91arS6WJTmonYdsFRrXC_vioZXakgicjGwCQ-vNlDnshr6Exi-iE87kFxobZuZK5Z-bTgaErDkw-L3Par5rdejaVMir3wbQ44exz5WyIC-XFc&gdpr=&gdpr_consent=
Request Chain 390
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBfbmd9qdsGRspa1qU4XIb4&google_cver=1&google_push=AZmPxg_cbO7ws1kdQKSiTjAVv_2FaP-IUcwWEdD8eOmW5WWD0XoAYZKtI2O-IztrLZzMZA8vdAAmo9EKJS5RaDAE3ddEqv7CB99ijdnKrPwB917GKBFCVmgfIAaFl66QoGK_4iP3T7zBx6g HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_cbO7ws1kdQKSiTjAVv_2FaP-IUcwWEdD8eOmW5WWD0XoAYZKtI2O-IztrLZzMZA8vdAAmo9EKJS5RaDAE3ddEqv7CB99ijdnKrPwB917GKBFCVmgfIAaFl66QoGK_4iP3T7zBx6g HTTP 302
  • https://onetag-sys.com/match/?int_id=19&google_error=5
Request Chain 395
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7f226342-3d30-4300-83b1-ae8dc245d74e&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 396
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0I9LgAAAbmjqABe&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 397
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xd10e2oo8bl HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 398
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GiSvux9zqeoBIai7TSG2vhVy-LwBIKu_TS7KYriM HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D38ED935D6
Request Chain 401
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=46mVHwbHBUebihk3Lj1CYw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D38ED935D6
Request Chain 403
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=67df00decc374be299b47072c4146d74 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 404
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004&rndcb=4078131065 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=ce6b58da-6e1e-422a-a2dd-0122c7dbf66c&google_hm=Y2U2YjU4ZGEtNmUxZS00MjJhLWEyZGQtMDEyMmM3ZGJmNjZj HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDcE78KOVNZe3pYEPyJvik8&google_cver=1&ssp=adconductor&bsw_param=ce6b58da-6e1e-422a-a2dd-0122c7dbf66c HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/ce6b58da-6e1e-422a-a2dd-0122c7dbf66c?gdpr=&gdpr_consent= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004
Request Chain 405
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=da1accaa-4780-11ed-bb17-3455f57e8f4a
Request Chain 406
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:7tHXRMjn1OHmOk5&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 407
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=44198010-4fa8-4715-8f36-cd9e916968e9-tucta3bc2b1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 412
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AB2812A23EC14D1797A418A16CAA296F HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 414
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_DGne4WYQ3uesWPTjtk11g%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 415
  • https://idsync.rlcdn.com/420486.gif?partner_uid=FC31A77B-8598-437B-9EB1-63D38ED935D6 HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEZDMzFBNzdCLTg1OTgtNDM3Qi05RUIxLTYzRDM4RUQ5MzVENhAAGg0IsfqImgYSBQjoBxAAQgBKAA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=2ff4095b857d2a8fc8d45a23bedd65d966ec7de007f84a9283845061ae558492791426b5417dce21&_=2
Request Chain 416
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7f226342-3d30-4300-83b1-ae8dc245d74e
Request Chain 417
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELQVl7crd6IC-e0HpJ2Dx6A&google_cver=1 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D38ED935D6
Request Chain 418
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:526FDAAC93984CBC810F5A3DF0091B9A HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 420
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
Request Chain 421
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7993443584297490447&gdpr=0&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D38ED935D6
Request Chain 422
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4184029124990060828 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 423
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FC31A77B-8598-437B-9EB1-63D38ED935D6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vqPh67dE2uUYq5yPi.7iuTGpXhkIK_U-~A&gdpr=0&gdpr_consent=
Request Chain 424
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7993443584297490447
Request Chain 425
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=54617ede-b486-4bb0-9574-013e4d35eaea&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10526108599902079116&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10526108599902079116&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dpubmatic%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=51fa4190-1b56-4ba9-929c-02e99a0d4b4a&ssp=pubmatic&gdpr_consent=&gdpr=0
Request Chain 426
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8057414613641581855&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 427
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FC31A77B-8598-437B-9EB1-63D38ED935D6&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5ac4dffaca651aff&is_secure=true&networkId=17100&version=1&nuid=FC31A77B-8598-437B-9EB1-63D38ED935D6&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJl03o9B6BWwNE8Zr4AAAAAAA&expiration=1665371825&nuid=FC31A77B-8598-437B-9EB1-63D38ED935D6&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 429
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0I9MJXdAGVVfXkjAF5y2AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGuwQ-ecac9jpDx8F9AhiLo&google_cver=1
Request Chain 430
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE8yp419yOPDTb3MLvs_xN4&google_cver=1
Request Chain 431
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB&dcc=t
Request Chain 432
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba&expiration=1667877425&gdpr=0&gdpr_consent=
Request Chain 433
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7ff09ced-5ba8-29ab-dcedeeb1
Request Chain 435
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7f226342-3d30-4300-83b1-ae8dc245d74e
Request Chain 436
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB
Request Chain 440
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=05030002_63423d2ed48a1&knw=1
Request Chain 441
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dsmartadserver%26bsw_param%3D54617ede-b486-4bb0-9574-013e4d35eaea HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=7tHXRMjn1OHmOk5&expires=30&ssp=smartadserver&bsw_param=54617ede-b486-4bb0-9574-013e4d35eaea HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=ce6b58da-6e1e-422a-a2dd-0122c7dbf66c&gdpr=&gdpr_consent=
Request Chain 442
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MjM2MzA5MDE2NDgxODcyNDIzMA==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPNO1iJCZXdNtA0F8-RZ_00&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 443
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4184029124990060828&gdpr=0&gdpr_consent=
Request Chain 444
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7993443584297490447
Request Chain 446
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
Request Chain 447
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0I9LgAAAbmjqABe
Request Chain 448
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1 HTTP 302
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=05030002_63423d2ed48a1&knw=1
Request Chain 449
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7993443584297490447
Request Chain 450
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB
Request Chain 451
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0I9MJXdAGVVfXkjAF5y2AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGuwQ-ecac9jpDx8F9AhiLo&google_cver=1
Request Chain 454
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7993443584297490447
Request Chain 455
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_5704fddb-2c89-449c-8f5f-65f7dfe97812&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=3eCBJti3h3fG5YYmiuWYI9K21iHG5IUiiurW7xhH HTTP 302
  • https://usersync.gumgum.com/usersync?b=bsw&i=ce6b58da-6e1e-422a-a2dd-0122c7dbf66c
Request Chain 457
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=eb5f3087-016f-487b-8c20-8bb8e7f853c5
Request Chain 459
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-pD7go19E2peaHRfdy0siSNHSWOQF71diphKk~A
Request Chain 463
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_5704fddb-2c89-449c-8f5f-65f7dfe97812&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=XkKZzIa0kMuXTpwNGtr4&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WDLJNNHUSLBGBVU25KYKRYHOTSHORZDIJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WDLJNNHUSLBGBVU25KYKRYHOTSHORZDIJTVONPXA4TJOZQWG6J5GEWS2LI
Request Chain 464
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=13184d7e-feec-48f7-a412-f3f56ffebc43
Request Chain 465
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004&rndcb=1759578563 HTTP 302
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=ce6b58da-6e1e-422a-a2dd-0122c7dbf66c
Request Chain 466
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=9cTuFwx1Mp7m&ev=1&pid=558355
Request Chain 467
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=2363090164818724230
Request Chain 469
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=7f226342-3d30-4300-83b1-ae8dc245d74e&gdpr=0&gdpr_consent=
Request Chain 470
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=Y0I9LgAAAbmjqABe&gdpr=0&gdpr_consent=
Request Chain 473
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
Request Chain 475
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=Y0I9McCo5soAAIRKW7gAAAAA
Request Chain 476
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=Y0I9MJXdAGVVfXkjAF5y2AAA%265335
Request Chain 478
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 486
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L90RXXGX-15-7FLE HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L90RXXGX-15-7FLE

490 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
www.bg3.co/a/ 		53 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
2ba9dac5c0b1d258e3fc8a71c09701e5a52d6a98896e24b72387100285ba6afd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 09 Oct 2022 03:16:55 GMT
ETag
"d58a-OVKvmp+1UycywlLaL5loZybXT50"
Expires
Sun, 09 Oct 2022 04:16:55 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
5b43780c96623b3a913b0cbfe1284b1c393563fca74ce8676a412b77906d2d2b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 09 Oct 2022 03:16:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72501
x-xss-protection
0
server
sffe
etag
"b0a9bc3cc165f0cd"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Oct 2022 03:16:56 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
1ece948d98c5e739c54ec068ea618b60e9649127a30091b85ad155b63ce934e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 09 Oct 2022 03:16:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9664
x-xss-protection
0
server
sffe
etag
"b2cba6000b3c8a65"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Oct 2022 03:16:56 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
7f0d0bceea71a5f83c45cf3c926b7e9e5b51f9a8c3ac83b3d158c33eaf3a9a51
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 09 Oct 2022 03:16:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7571
x-xss-protection
0
server
sffe
etag
"87d590c66fd5781f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Oct 2022 03:16:56 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
01a989def5188d77aee84e4ce053666e0c5d2207bb7570c9d4991632afac09c9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Sun, 09 Oct 2022 03:16:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31967
x-xss-protection
0
server
sffe
etag
"dfda97fe2a1b5ffc"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=604800, stale-while-revalidate=604800
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 09 Oct 2022 03:16:56 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:56 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3562
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705
last-modified
Thu, 22 Sep 2022 10:10:22 GMT
server
cloudflare
etag
"632c348e-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d%2FYK4UATSKI7%2FAb1olwV5PJjEvHFyINs7E%2FjbEHnLMVm8Vkv64HncedzUAhrG4OjFwOh9ij%2F5sUltTr6LE44f3gsu4q1zs1QnaMrNBCg4I674c3tFeNFWOqtaMrISqOXsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7573f5dd5a396a5a-SYD

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.211.140.152 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-211-140-152.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 09 Oct 2022 03:16:57 GMT
content-encoding
br
last-modified
Sat, 08 Oct 2022 06:00:30 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=9, origin; dur=905
x-cf-geodata
AU
content-length
9571
expires
Sun, 09 Oct 2022 04:16:57 GMT
adpushup.js
cdn.adpushup.com/42753/ 		479 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.178 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-178.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
293fc15c33edf25fff2ef66e3b4d300e21de6a3ed7e6ed2441827fb34a3cf4d4

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 09 Oct 2022 03:16:56 GMT
content-encoding
br
last-modified
Wed, 05 Oct 2022 09:36:33 GMT
server
nginx/1.18.0
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=5
x-cf-geodata
AU
content-length
105274
expires
Sun, 09 Oct 2022 04:16:56 GMT
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
612 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:56 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
6231
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj
minify
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ocyGYQZtwiBlFC5agsvhUvaCz7bfuPuv3yRyhuoA0SOxxr1R5FRDfDnVVt96ymAEuixoNrFrvoEoIM4SNNdcdvTMbV5Btpo0b3riU2MFvIMMyR0vmWLY5S9J8P8n%2Fn8jVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7573f5de1adf6a5a-SYD
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
e45926cd4427970d0ecdcd27d2f4343e89f584a1c02fe00eb5107135ad9b77a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 03:16:57 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
e45926cd4427970d0ecdcd27d2f4343e89f584a1c02fe00eb5107135ad9b77a9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 03:16:57 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5163198537178606&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 03:16:57 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.6869525927669213&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
209.58.171.197 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 03:16:57 GMT
X-Width
336
X-Height
280
X-AdStyle
banner
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
Vary
Accept-Encoding
Access-Control-Allow-Credentials
true
X-AdSource
PSA
X-Adtype
html
Connection
close
Content-Length
508
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
tlb.hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1665285417.dop037.la3.t,1665285417.cds206.la3.hn,1665285417.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
98957f2f0a559ccb8b2793b7816792ac.jpg
static.bg3.co/imgs/202105/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/98957f2f0a559ccb8b2793b7816792ac.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e39b9ec811737676bbd154a520e929dacd2b5c3f8641ab4b5cb6791138a49f4b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 04:26:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"98957F2F0A559CCB8B2793B7816792AC"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMAYSoZm4OZFDvNILxHSbbiviIGK%2FeRmI5sFcvPXK5E3t1OQBpiXy3qD4dRl5anCZdcTN5vmbf5juo51i1hBu%2FqHgeL89aVT9Qhq9UPm4XqqpHsfvZvWwk%2BwBP9nKtg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e0bb88a8b6-SYD
content-length
8563
expires
Sun, 16 Oct 2022 03:16:57 GMT
406aefeb87b9ace341054ab8c149afab.jpg
static.bg3.co/imgs/202106/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/406aefeb87b9ace341054ab8c149afab.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddef8e65ab98b54067ef11cde27612a524d5cc5d4fabe8f00f41e0bddba1a21a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Jun 2021 21:36:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"406AEFEB87B9ACE341054AB8C149AFAB"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1DtUkrqmkQWly3ohOHlL1gOlq9J3dXVge5YFTyFzfe1ykReXJ6562y7jTq%2B7TuRjkrNX64%2Bw9CPhoGOV1H5ldevINuCssZpGbYKxWDurUd8cEaNJe9I7Ypa0cRq8j0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e15bdba8b6-SYD
content-length
11355
expires
Sun, 16 Oct 2022 03:16:57 GMT
ec72e9e62b4731fd877e82da7d3f7e23.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/ec72e9e62b4731fd877e82da7d3f7e23.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f02c5cafa2b3ba7c9bee0a4c7b13af8176a268d5ef6b40fa8a880a29b2b8025f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Jun 2021 02:39:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"EC72E9E62B4731FD877E82DA7D3F7E23"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CVgO36Bi505J%2BXqhhxlphdp4tBjdQIJLAvahp4ZPVYr2Bj6aoDbEBsde2kAghWfsPAnNJYSKo8iBE4mR%2FO0pZZmHG8R6ZjBOn54LmSD8gzr6Y7qbgsYhYs1A%2BxtOrn0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e0bb89a8b6-SYD
content-length
8124
expires
Sun, 16 Oct 2022 03:16:57 GMT
b10c683769f6ddf68d646df63541b4a1.jpg
static.bg3.co/imgs/202106/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/b10c683769f6ddf68d646df63541b4a1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b3705befda2cd9e9710de22d22a1155236210cc1992f5d1520be6b10bb54e72

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 21:27:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"B10C683769F6DDF68D646DF63541B4A1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yHr%2FDntal7wFSJZF4IyKR8pCBG%2FsHG9OKedJKGOWBqB0DrwXsaXcS96gT3Zwksg2g1dyAUR3LIKtoNwl3jAN4a7%2BWfBKQ3m4%2FyUNFwQG5L9fi32znNnB0kc3FWFNNuE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e0bb81a8b6-SYD
content-length
7068
expires
Sun, 16 Oct 2022 03:16:57 GMT
de8a04dc995117de419650f3fa9076d5.jpg
static.bg3.co/imgs/202111/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202111/de8a04dc995117de419650f3fa9076d5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a7fec778190c25ad960d64b179677b5ad389e4c6cfe2c4d71a4d24b94b100f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Fri, 19 Nov 2021 04:32:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"DE8A04DC995117DE419650F3FA9076D5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iIEtj8bR49FuCJ8VTrzZzyqPb3kTiTcHuHmf2BUebY3sefeQB79Vo4Ks1I%2BHAtiS5Yil2tuQDgOxH3H4ZwM%2FQY52pI5zHrFsys8cbyCJj%2FXBq%2FAK3rDtAdBCyV1ejTE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e0bb82a8b6-SYD
content-length
4200
expires
Sun, 16 Oct 2022 03:16:57 GMT
47e1989e2ddcc1a2e177aa55d9708629.jpg
static.bg3.co/imgs/202201/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202201/47e1989e2ddcc1a2e177aa55d9708629.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b065a0bc366edebff6fcfc99ec260517bf15322c3dc5dcf066e04cf5e628c75

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Fri, 21 Jan 2022 06:16:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"47E1989E2DDCC1A2E177AA55D9708629"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lvGGv8trDj4hK3BRjULhdioGKqmGhpdpxM%2FYrdz2UlWjQDASI%2Bx7L5ST9S0jE%2BUQPKOgLCdtrHmJIMsMXa7kxzU3YDCXnyby11bPc9KJcPmD9EVo0%2FP9%2F%2FKNvz2r3og%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e0bb83a8b6-SYD
content-length
5734
expires
Sun, 16 Oct 2022 03:16:57 GMT
36d253663e1b50efbdee130c971273de.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/36d253663e1b50efbdee130c971273de.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9041489036856c196c3738d770b8e6153ebe43cdb4bb55045dd3a118687f93e5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 19:45:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"36D253663E1B50EFBDEE130C971273DE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wT5URugTCYR8HGgl1woWODMUIcmh65FgHHx8EDGFAx2uUr5t1M%2FMb3sUpf%2FYXQJViRa5e2fqgcfYAcpUyzLqMNqz1TWKlKH4YR2M8B%2B4jkirAlZ9ww1ic5MjTHAmI4E%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e0bb86a8b6-SYD
content-length
4864
expires
Sun, 16 Oct 2022 03:16:57 GMT
e9b3d0d24431d86ddd470e89c5ce0ad4.jpg
static.bg3.co/imgs/202011/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202011/e9b3d0d24431d86ddd470e89c5ce0ad4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c15770ea5fda104eed49d9d2d687795993b6e281e5832989195254563e98e4b9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Sat, 21 Nov 2020 05:29:57 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"E9B3D0D24431D86DDD470E89C5CE0AD4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRxs%2FHra%2BPVuHt%2Bi9HYrzj%2FrjgwxsXn3PGZBBgTBXP5KI9dkl90pt64jfS4khflFpy9dMeZUIo6qwwTYRvlU0cLZjgmpA1tYOX9A2Nax4oY9kg3oz3UY9TW6h6ToOwk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e0bb84a8b6-SYD
content-length
5255
expires
Sun, 16 Oct 2022 03:16:57 GMT
01b50a87d2a9e9d3e964f20b48b442b9.jpg
static.bg3.co/imgs/202106/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/01b50a87d2a9e9d3e964f20b48b442b9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3583f44aa72c5db69054afbfb7a97a360b0ef1ce9a0bb76b55a7dfc00f7e2ac3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Sat, 05 Jun 2021 09:32:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"01B50A87D2A9E9D3E964F20B48B442B9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PYk0eWyQaWDWxVyLjVNWKqNwNHFRHmkEeOgzfpg%2B%2FqYq3BmiEfDkDnPWKnV0XpyoMQc93aC36GChHReb5Hz1SLdlJzoLnK%2BB4VQsRrmESeIPbM%2BWryLEAynjkHvntkA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e0bb87a8b6-SYD
content-length
6373
expires
Sun, 16 Oct 2022 03:16:57 GMT
f86bb17b733cc5647703f202906aae2f.jpg
static.bg3.co/imgs/202106/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/f86bb17b733cc5647703f202906aae2f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59a82c2b3592566809f7e44c8cda8afdbd3c81b33a3ed04d96b876472bb5c4c8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Jun 2021 17:16:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"F86BB17B733CC5647703F202906AAE2F"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZL6ztXrNZTLK9uFbu8C5yfHHQFMkZkwNkQWCX7uC9kJG89Ujpt%2Bvb6nFU1iFy%2FoDPw6OLRONfNLLYS8zTS7zvssHEwseNPpkuIQtssu0rwpUzrYZrhyHjXZCO6jRZRU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e2bccca8b6-SYD
content-length
2717
expires
Sun, 16 Oct 2022 03:16:57 GMT
4fd62bd26cc8c9561bd5695b060e38e2.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/4fd62bd26cc8c9561bd5695b060e38e2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
871237103117473310dbf2fc5ea68d6fe614558834387b031d2c3947184b90da

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Fri, 21 May 2021 13:38:08 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4FD62BD26CC8C9561BD5695B060E38E2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27Yw48y7cbdIA3kUD6TMPegc0hatvGQcbUm8NM4mL5G6IkSW8zvOIVqitGGsmzda4tumOYvvg3A6wBbmGWuAKTDSAkFM7kUTwk%2F9BMEaq9n79eDa9LURCncF9F9NwWU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e2bccda8b6-SYD
content-length
7338
expires
Sun, 16 Oct 2022 03:16:57 GMT
5b24612740023001e94dee67e12d3f98.jpg
static.bg3.co/imgs/202112/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202112/5b24612740023001e94dee67e12d3f98.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6fb299c8b5e3e459a8ee282199f99a15c3aa8811d0e0d898f5c1176182f72159

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Sat, 25 Dec 2021 13:33:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"5B24612740023001E94DEE67E12D3F98"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mThfvWWBeRd6VC29ci5HIX92jLjfXHbp9K1Zi3Jutgjb1dx%2FemukgQ6%2FuvRCSwWjJUvgTQrpVbpyPnVO7Bsh9L18on%2FZO0Zi3hmCA7Tr3ntMjOyoNhE8G1WnIc8BAkc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e2bccea8b6-SYD
content-length
10207
expires
Sun, 16 Oct 2022 03:16:57 GMT
68d17be9b9181f2f5c6f21708828ed2b.jpg
static.bg3.co/imgs/202105/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/68d17be9b9181f2f5c6f21708828ed2b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35c643365bd4d0e7f39532ac9bf6b606173f4d1a7cb68ae635713c6e172542f8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 11:24:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"68D17BE9B9181F2F5C6F21708828ED2B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bJEe2HqaZKm%2BuIwDfhMmLtx4tiBdCCDStCBzy2NtSREeYTlOqaa8gb9T1Hg%2B6NdOyacJ1PpncRtLYSmjDlLs6PbobfkUnTpi0N%2Bq6p72e%2FzSjOpVHJcDq%2Bc2pmH%2BsEo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e2bccfa8b6-SYD
content-length
4527
expires
Sun, 16 Oct 2022 03:16:57 GMT
320489b8903caec63ca36372260ea979.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/320489b8903caec63ca36372260ea979.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43f6ac3b71a1f97823f7de6f557a8d5f2ec1f90f7159467d9bc47facc52a6eb1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 20:49:41 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"320489B8903CAEC63CA36372260EA979"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bYBiqszUfkbogp%2BogkcfBMiz5W9vHgbmRFfVJmVC%2F0UVbTC%2B21aWo%2BzC2IGvNQpI4IrkSRNOblIurPA66CmqBqglMQ9B7WsfgV8HEr3Eu02vDAt7zbJcWbVJjovANBg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e2bcd0a8b6-SYD
content-length
5944
expires
Sun, 16 Oct 2022 03:16:57 GMT
90ecd365a3ebde62cdfa659f8b66b128.jpg
static.bg3.co/imgs/202202/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202202/90ecd365a3ebde62cdfa659f8b66b128.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0af6ddd6674b610ba75a30d85fa0379cafa752e720bbb37e50b9ad6ecec6d54f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Wed, 16 Feb 2022 10:12:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"90ECD365A3EBDE62CDFA659F8B66B128"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NsxHDrFUgLpiYek5GLc3K6LOE8fHNS7Xjd1uF3OCkqUySY7Fie%2B9aeSOAhakjG3uUn5iqVD3SHag5CdMnZUjPRqSsE6kI3FsnREXzLW2zAzjXFwkTXPEoWhI0lGfR%2B0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e2bcd1a8b6-SYD
content-length
5372
expires
Sun, 16 Oct 2022 03:16:57 GMT
4ec428b64c34fe253310392eabafcd87.jpg
static.bg3.co/imgs/202105/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/4ec428b64c34fe253310392eabafcd87.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55313bc8662242f54a18176109122338d4af14e256a4300feccc43ad4fbb4a48

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 12:55:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4EC428B64C34FE253310392EABAFCD87"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhtXXVzFw0zAOYWDmX0C3svrUZQSLMgUJkBJloHcURWoNz0h2rmw3h8rKjuqkdO4vax2c%2F0AGJHQV4q1FLQ1kwu0n46JjvcjlO6w1fBivWEfYdBJjb1aDce5YD1cweo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e2ccd2a8b6-SYD
content-length
6437
expires
Sun, 16 Oct 2022 03:16:57 GMT
530199567da3208307f4cf972b55bd16.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/530199567da3208307f4cf972b55bd16.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321e38abc6ea18ec95f34c5421e8ee87ee85f03085a8fcb27ff1fa6d0100f53e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:58 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 13:54:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"530199567DA3208307F4CF972B55BD16"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6xKuDyv1IZFNg1P65ngy%2BtPkv%2F4SWyQ09QPRhcKyd2uLRLhchIfe%2FeCfPDqmkUKdaMnVQuNRmsLVrANG65BuZqxI12dXWxw2xHlDWixJ9FTUpcuqeN1k39XCM7wjH1o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e2ccd3a8b6-SYD
content-length
4748
expires
Sun, 16 Oct 2022 03:16:57 GMT
a1d6bd06d7351cb083e7556f44985a6b.jpg
static.bg3.co/imgs/202105/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/a1d6bd06d7351cb083e7556f44985a6b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ade2d7c4ceabcaa54f749ed4fda8aeddad57937631cd9ff40f385442f712d4ab

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 20:00:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"A1D6BD06D7351CB083E7556F44985A6B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5Q98iS9QbIvpSRAP7C5Lre4gE6QvDyb2KvkXZWwSBcbZEpcpYWorcq13Z4XdbGlxtfUSPmjhzPpvOLNSemWbUzc%2ByXs6sg0yGcnAh5CPMfHYb7thkrb0hlSnxqDm%2FM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e2ccd4a8b6-SYD
content-length
4310
expires
Sun, 16 Oct 2022 03:16:57 GMT
25ecf51bd2d39e2eee5d0bd44c0b0669.jpg
static.bg3.co/imgs/202105/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/25ecf51bd2d39e2eee5d0bd44c0b0669.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dd3eca41f0ce6cfbabf8b4af1bc722ec221854d7be0f21a7bd5171801219d518

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 11:51:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"25ECF51BD2D39E2EEE5D0BD44C0B0669"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l75xQ%2BLFXxSPPvsOk97VO9zghYc8LuoV%2BFMkJIywTs1JZqtBUymZGmZiAMB2y0gKe5Atr0dC0MHc%2BeMe01hTxEUd7LmvNXBHsWy1fwcNtEkEM1rdymWQFHo%2BHdk9UH8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e2ccd5a8b6-SYD
content-length
3273
expires
Sun, 16 Oct 2022 03:16:57 GMT
9415c0d89e20e2361e8b7d594f258e0d.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/9415c0d89e20e2361e8b7d594f258e0d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4889ba3d0312a3032a91057d196f9568a44305daf677d52cab4d518f0dd0ff6c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:58 GMT
cf-cache-status
MISS
last-modified
Mon, 24 May 2021 04:59:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9415C0D89E20E2361E8B7D594F258E0D"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=658m4QiAQgIHq8wgy0PeWsmryGeCPkYIkvsrXG%2FUJDfY34Fa4AR%2BDn64tClU8hGdFGGvTBQJswEqSxAqaldsaVkeSD29DTGtIu7Ye2MsxYo7PQOyEJAy6qnYVOVkyZs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e2ccd6a8b6-SYD
content-length
5912
expires
Sun, 16 Oct 2022 03:16:57 GMT
c8725e00e4da614c9b1ae5dfbff808d5.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/c8725e00e4da614c9b1ae5dfbff808d5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aacafb7e90e1a18b26f4d9047e8b6af4e9cab7039ab928edc2786c6b011c63a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Tue, 25 May 2021 02:34:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"C8725E00E4DA614C9B1AE5DFBFF808D5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rVmVj5Ewfet8NemGTqVx3TOy4v4OC7xh0nFmJDNk8xP%2BFnV0BJNMsoPv%2F%2BElmb%2BGKXzAZzOQvDgGdMi%2FbUDfIx5KvabTmb4ScT4D7cb81TeAb4JwRGstR%2FzYjE9qwZ4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e2ccd7a8b6-SYD
content-length
7416
expires
Sun, 16 Oct 2022 03:16:57 GMT
251c3678408bc8eb19d15e0b46bfa859.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/251c3678408bc8eb19d15e0b46bfa859.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
795b0ca490fa1c8aee1cf2a877c9d9a69b65ccd99c737692fd54961a8ec9bdbf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 16:56:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"251C3678408BC8EB19D15E0B46BFA859"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m0vKreZ37KjXmBheVQPCpm0y7tu45QtsCmCOHcD3RG1KzBLnKuQRiQwosC%2BSe5TNSqCGQV0E%2BPa1d8GZK9pLeAEJEdIWMxEStIzI5Rzd0J%2BQJAu5DRf7%2Fsr%2F8MuHNIk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e2ccd9a8b6-SYD
content-length
5855
expires
Sun, 16 Oct 2022 03:16:57 GMT
3d6e8889cb2bea2f6d3784973effe19b.jpg
static.bg3.co/imgs/202105/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/3d6e8889cb2bea2f6d3784973effe19b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ad2431dab8c22b1aa6f8d64ebf409dbcdd1654f03805cca27edcafffc72cb1a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Sun, 23 May 2021 04:11:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"3D6E8889CB2BEA2F6D3784973EFFE19B"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZtnNo9MHXm0H02Wz4ihfZtKVaOtvhiSiRHM92cy2LYa0lvJJwlzafZnzcwH0ynasne9udHBUA32IVn8fLskHNBLckD%2FgO5QN%2Bjqf2vM004dj7f%2BYdYoglYFFo0Ch5Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e2ccdaa8b6-SYD
content-length
8765
expires
Sun, 16 Oct 2022 03:16:57 GMT
466d392dd2ba26d25c68da0e94f68995.jpg
static.bg3.co/imgs/202105/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/466d392dd2ba26d25c68da0e94f68995.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9e2698251b755771c65da49af80f25f6b19b252d8f5a3f040844aa020c0bfe3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Thu, 27 May 2021 09:01:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"466D392DD2BA26D25C68DA0E94F68995"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=019lbS8eID3xCrtDBye%2FiwrHWvjgRQC5xfkr1B0ioMx%2B4L%2F1VUFyW330UZvtZp4WGfdhCTXMUa7iGVcNQzppJ8niPL9Ylw9GjU%2B5oOxvyzBrlLTOUqWQFu3Csz03BDU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e2ccdba8b6-SYD
content-length
6355
expires
Sun, 16 Oct 2022 03:16:57 GMT
2c09bfc8331c014a9f3caf78110feb8f.jpg
static.bg3.co/imgs/202107/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/2c09bfc8331c014a9f3caf78110feb8f.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f57be13e990c872ffb2d0b1c074b5c126d99eab1bd589291428f163b5e501c09

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
cf-cache-status
MISS
last-modified
Sat, 17 Jul 2021 16:41:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"2C09BFC8331C014A9F3CAF78110FEB8F"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7mQ4lYxqA%2Bx%2BLnUD7wDWzWNjDPlX%2BQb%2Bg1aIHmr%2BCe5dy8KexwS6qhOpjTyOxN2DlQUgTQh58kN0JOrGrug3kk6Wv93fvYBsh%2FZZvYSnNlxePpOPv6RODCrYFPO6Qg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
7573f5e2ccdca8b6-SYD
content-length
3286
expires
Sun, 16 Oct 2022 03:16:57 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
b2846f489aec534c06de31b1be7cc5f7f9b231cc6b468859383229bf0b41cb28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 07 Oct 2022 23:17:21 GMT
age
100776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2980
x-xss-protection
0
server
sffe
etag
"ac16e77745c88a40"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Oct 2023 23:17:21 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
6e64a4894f14fab865296b82dd97d4d3ea3bcec78b5378d9b9ef57f5515948d8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 05 Oct 2022 13:48:59 GMT
age
307678
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23032
x-xss-protection
0
server
sffe
etag
"17406dee48d4bcdb"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Oct 2023 13:48:59 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
998 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
64be99cbc239387b3a425f0204d401134bf82c23057da176759f8e3cc790d70f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
549
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
0a2369a751f3053ccb3ded318d323026bdff42c1e269153dc54a585ddd8d7c36
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 07 Oct 2022 23:17:21 GMT
age
100776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3844
x-xss-protection
0
server
sffe
etag
"02cbbdb857ad171c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Oct 2023 23:17:21 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 75D4 		112 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
b966aa36c9e5220a83cc8c3021eed093449d6bb531c03df512fbf8adc78cfa68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38007
x-xss-protection
0
server
cafe
etag
1758296067292404817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 09 Oct 2022 03:16:57 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 59BB 		112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
b966aa36c9e5220a83cc8c3021eed093449d6bb531c03df512fbf8adc78cfa68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38007
x-xss-protection
0
server
cafe
etag
1758296067292404817
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 09 Oct 2022 03:16:57 GMT
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
a96ad4768f32ec875b5e6d4ff9e5107eb19401974d337d1ff79e8da9f435f446
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Oct 2022 23:10:44 GMT
age
360373
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10253
x-xss-protection
0
server
sffe
etag
"76108468fe259c2d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Oct 2023 23:10:44 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012209142312000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
c4b064035d7575f4bec0fd5729fa76ed3aa06324415dffb767812d0b815e0b34
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 07 Oct 2022 23:25:48 GMT
age
100269
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57872
x-xss-protection
0
server
sffe
etag
"9dc55ff1bd63fdb7"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Oct 2023 23:25:48 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 4D5F 		714 B
797 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3707
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7573f5e4af91dfbd-SYD
content-encoding
br
content-type
text/html
date
Sun, 09 Oct 2022 03:16:57 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnqONV0B%2FIsssWWCJo7BeZcpD5iunaJeSjJ5egNZdvWsUWX5nf0n3Y4wykajTOcsvFGSj4qVF%2BnDLNoD33cQJkjxKumtU3Oe7YECJaurOskIDw%2BqCBnt591Qas0iOYT%2BGw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 03:16:57 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.178 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-178.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 09 Oct 2022 03:16:58 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=9
content-length
94168
expires
Mon, 09 Oct 2023 03:16:58 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.178 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-178.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 09 Oct 2022 03:16:58 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=6
content-length
211
expires
Mon, 09 Oct 2023 03:16:58 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.178 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-178.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 09 Oct 2022 03:16:58 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-length
17440
expires
Sun, 09 Oct 2022 04:16:58 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
7395c7dee2903d771c03b0f6314437d598be6f0b47cdff942408405a380b1fbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27700
x-xss-protection
0
server
sffe
etag
"1358 / 525 of 1000 / last-modified: 1665180292"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 09 Oct 2022 03:16:58 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:58 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 3883 		714 B
757 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
3707
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
7573f5e63920dfbd-SYD
content-encoding
br
content-type
text/html
date
Sun, 09 Oct 2022 03:16:57 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HR1WGAm3uviEsYTxZW%2BTBwo5db5oxwHj5xqFiR1RWsIqLQMURhxt8fpuwPhtHSxgsGv6AgJYvCUtrghJdXxXQsB1zj3SYU85ojl0G1u5QSUMUDVZSsLqbs9Rfd49oAaDSA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 4D5F 		79 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
7395c7dee2903d771c03b0f6314437d598be6f0b47cdff942408405a380b1fbc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27700
x-xss-protection
0
server
sffe
etag
"1358 / 913 of 1000 / last-modified: 1665180292"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 09 Oct 2022 03:16:58 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-2104935580351686742.ampproject.net/2209142312000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-2104935580351686742.ampproject.net/2209142312000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjUyODU0MTc5MzIsInBhY2tldElkIjoiMDAwMEE3MDEtYjlmZWZiYWMtM2RhNy00NzUzLTg2ZWItZjliMDk1NWY3MTBjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbi1iZWktMm51LTFuYW4td3UtbmVpLWt1LWR1LXRhLXNodWkteGluZy1saWFuZy1odS1tZW5nLWRhby1iZWkteWktcXVuLWd1aS16aHVhLW5hbi10b25nLXh1ZS1taWFvLXhpYS1kYW8uaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=3880.0999999046326
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:58 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjUyODU0MTc5MzIsInBhY2tldElkIjoiMDAwMEE3MDEtYjlmZWZiYWMtM2RhNy00NzUzLTg2ZWItZjliMDk1NWY3MTBjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbi1iZWktMm51LTFuYW4td3UtbmVpLWt1LWR1LXRhLXNodWkteGluZy1saWFuZy1odS1tZW5nLWRhby1iZWkteWktcXVuLWd1aS16aHVhLW5hbi10b25nLXh1ZS1taWFvLXhpYS1kYW8uaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D&c_b=3880.7000000476837
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:58 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjUyODU0MTc5MzIsInBhY2tldElkIjoiMDAwMEE3MDEtYjlmZWZiYWMtM2RhNy00NzUzLTg2ZWItZjliMDk1NWY3MTBjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbi1iZWktMm51LTFuYW4td3UtbmVpLWt1LWR1LXRhLXNodWkteGluZy1saWFuZy1odS1tZW5nLWRhby1iZWkteWktcXVuLWd1aS16aHVhLW5hbi10b25nLXh1ZS1taWFvLXhpYS1kYW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV19&c_b=3881
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:58 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjUyODU0MTc5NDEsInBhY2tldElkIjoiMDAwMEE3MDEtYjlmZWZiYWMtM2RhNy00NzUzLTg2ZWItZjliMDk1NWY3MTBjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbi1iZWktMm51LTFuYW4td3UtbmVpLWt1LWR1LXRhLXNodWkteGluZy1saWFuZy1odS1tZW5nLWRhby1iZWkteWktcXVuLWd1aS16aHVhLW5hbi10b25nLXh1ZS1taWFvLXhpYS1kYW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D&c_b=3889
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:58 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjUyODU0MTc5NDMsInBhY2tldElkIjoiMDAwMEE3MDEtYjlmZWZiYWMtM2RhNy00NzUzLTg2ZWItZjliMDk1NWY3MTBjIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3hpbi1iZWktMm51LTFuYW4td3UtbmVpLWt1LWR1LXRhLXNodWkteGluZy1saWFuZy1odS1tZW5nLWRhby1iZWkteWktcXVuLWd1aS16aHVhLW5hbi10b25nLXh1ZS1taWFvLXhpYS1kYW8uaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M18xMjBYNjAwXzEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D&c_b=3891.5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:58 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
gtag.json
cdn.ampproject.org/rtv/012209142312000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Sat, 08 Oct 2022 06:57:22 GMT
age
73176
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
etag
"4d194710e2f2f90c"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 08 Oct 2023 06:57:22 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 3883 		79 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
ed1b0051c068474feec1c23d2e7e48f4686a08f5bacbd8990f5cb28dff3999ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27720
x-xss-protection
0
server
sffe
etag
"1358 / 193 of 1000 / last-modified: 1665180320"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 09 Oct 2022 03:16:58 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Sun, 09 Oct 2022 03:16:58 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
vary
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ Frame 75D4 		349 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
5b0974d218ed5dc2a7bba6d9dc467cdfd5a33657ccfb63d2e9cd0fddb181a9aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125830
x-xss-protection
0
server
cafe
etag
11909884476248161158
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 09 Oct 2022 03:17:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ Frame 59BB 		349 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
63670807627285c1fce0dbd36e010eae2cd10accc7eeecf613ffe2a604b0c88f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125836
x-xss-protection
0
server
cafe
etag
9065362627455453247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 09 Oct 2022 03:17:00 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:59 GMT
content-encoding
gzip
etag
"+b0B6ncQDCugPb96DWf2QA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 16 Oct 2022 03:16:59 GMT
pubads_impl_2022100301.js
securepubads.g.doubleclick.net/gpt/ Frame 4D5F 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 05:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76894
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130906
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 08:35:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 08 Oct 2023 05:55:25 GMT
pubads_impl_2022100301.js
securepubads.g.doubleclick.net/gpt/ 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 05:55:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
76894
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
130906
x-xss-protection
0
last-modified
Mon, 03 Oct 2022 08:35:04 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 08 Oct 2023 05:55:25 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		120 B
123 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
b11210a864bc50c101c023a4aec046b4c96ff6a0ca9a7bcf9f35939a1596165e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98
x-xss-protection
0
expires
Sun, 09 Oct 2022 03:16:59 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E6%96%B0%E5%8C%972%E5%A5%B31%E7%94%B7%E5%B1%8B%E5%85%A7%E8%8B%A6%E8%AE%80%E3%80%80%E5%A5%B9%E7%9D%A1%E9%86%92%E9%A9%9A%E5%91%BC%E3%80%8C%E5%A4%A2%E5%88%B0%E8%A2%AB%E4%B8%80%E7%BE%A3%E9%AC%BC%E6%8A%93%E3%80%8D%E7%94%B7%E5%90%8C%E5%AD%B8%E7%A7%92%E5%9A%87%E5%88%B0%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-D2Y5Pvi9zsbce5jX27maXg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.12832670746034447&gjid=0.3192022500509053&_r=1&a=6065&z=0.19461444055060784&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 967C 		603 B
392 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-35780323343034303421&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3387&oid=2&is_amp=5&amp_v=2209142312000&d_imp=1&c=259527006065&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&ga_hid=6065&dt=1665285418044&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&bdt=2380&dtd=468&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:16:59 GMT
expires
Sun, 09 Oct 2022 03:16:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022100501.js
securepubads.g.doubleclick.net/gpt/ Frame 3883 		380 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070166
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
87c45fbd9445b4c8eb070c1fda1f5507515857c593fe5fb5041438b063171231
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 05:14:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79360
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131414
x-xss-protection
0
last-modified
Wed, 05 Oct 2022 08:35:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 08 Oct 2023 05:14:19 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20221009
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9366751ced845c6d1c245ef69594aeb3eefb211dfe2dbfd534e9b30177f2b45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Oct 2022 03:16:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
916
x-jsd-version
1.0.1487
content-encoding
br
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19153-FRA, cache-yyz4545-YYZ
x-jsd-version-type
version
server
cloudflare
etag
W/"664-px1vyhByb/6FmMBgcz2Yy9Ovr40"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7gx34FAcR663YEEc7ZrwmgZAnII0pddbnbIJ9O9sZjGtqrzycpP8DirbNiIRLO%2B%2BLSJzOOY50%2BLKptmPHHHDUDSRN13GH6Jo9ttc8vhY4sHVFQedKI7pN%2FnOOb0wouKE8nw%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
7573f5ed7d76aac9-SYD
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.bg3.co
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.80.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-80-212.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
bbe5da9edb91899fbf48ef777315d6530bd32c3c94bb2f5913ac8d46d9f4e611

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:59 GMT
content-encoding
gzip
x-prebid
pbs-java/1.101.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.80.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-80-212.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c3b992337e07d6ab5d946facf20cb799b6226a3d4564234e6a8f0ac91f9ad3c5

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:00 GMT
content-encoding
gzip
x-prebid
pbs-java/1.101.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.80.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-80-212.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
d422bebc37bee6e1624526ce4eedd48e2f2ad9ce5c2461fa0fa077763f8ce309

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:59 GMT
content-encoding
gzip
x-prebid
pbs-java/1.101.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=cfceabae-80fd-4fda-b18d-53bd4b8f617e%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=6aeb78f0-a970-4089-b6db-f274d5f577e7%3B7f62cfce-032c-4ab8-a770-ed5d9e282d8a%3B362ac5f9-1512-4b38-88bb-b906a90dbec5&l_pb_bid_id=65eacbf2080da5%3B771a3a169a5be3%3B891787b7ceee55&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.6167223032285121
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
68f051bb130bde98729274a4825c1b3235e1f849e7a81c65e9ebd303f1d8755f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:16:59 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://www.bg3.co
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
hbjson
grid.bidswitch.net/ 		23 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
d3964ce5a919cc67612c065e9159b6f8a22a5baf32c86b9ba0d7e04022e83dfd

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sun, 09 Oct 2022 03:16:59 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
48
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.197.63 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-197-63.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:00 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Sun, 09 Oct 2022 03:17:00 GMT
adreq
ads.servenobid.com/ 		752 B
624 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=9489
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.146.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
06a55574709ebf1fbbb4e954c8e470d019f7e0609e8b8bd18dafedc3fe580c72

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Oct 2022 03:16:59 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
prebid
prebid.media.net/rtb/ 		1 KB
922 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1c56374b3c8665e3aa15997aeb02054c74797a314baaa21a89df192944922ff7

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:59 GMT
content-encoding
gzip
via
1.1 google
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
121
alt-svc
clear
prebid
ib.adnxs.com/ut/v3/ 		373 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7ea0f869760c8358a338fd293cbdbe2ea91a1590151e6a44925a839ca666435f
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:16:59 GMT
AN-X-Request-Uuid
f2e6cbbc-70e5-46e8-85f9-9ccaebf0f5e6
Server
nginx/1.21.3
Content-Type
application/json; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
373
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cygnus
htlb.casalemedia.com/ 		37 B
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%2229aafcf11b100a6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2236c0cc4da66739a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%223908f4c3f50f3f8%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2240246ee04129175%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cfceabae-80fd-4fda-b18d-53bd4b8f617e%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3341101ed9a50b4ffdd45bc99453157c9b1183731def531802b0668c8389fbf5

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fw26jYZceyI1Nl%2Bh4LaDoZzkxSMBIHOJSiuyldBgLN3X5cMmoFdvgSOkFF9XBo3c7dhynoHm%2F1HOqJuHXG5IkqExfCvO6Utq3pD6acuvtIhUohiXu%2Bq10QAOfcQe3pxbQiJ%2BLr1s"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7573f5edcac2553f-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2229aafcf11b100a6%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%223908f4c3f50f3f8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2240246ee04129175%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22cfceabae-80fd-4fda-b18d-53bd4b8f617e%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3341101ed9a50b4ffdd45bc99453157c9b1183731def531802b0668c8389fbf5

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:59 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LQ1oRZA4ZXV5IdRZeLl8X7pdKeGYQDmlr%2By9XrR7eGtbcTNvvSL%2Fzstilt7omIbN6xUd06Pclh2ayPX5hWGE1zWs0yaDe1rzFajK0v%2F%2F0NyZet51ktMEyC0qswQNEiHa%2F5WQvT4J"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7573f5edcac3553f-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
arj
adpushup-d.openx.net/w/1.0/ 		174 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b0aa94c9-454f-4338-9ddc-78832a0bc48f%2C8a4a119b-60bf-40fb-8678-a5d0cc54e1ea%2Cad455f94-779a-424e-8985-a3042dd879d9&nocache=1665285418906&pubcid=cfceabae-80fd-4fda-b18d-53bd4b8f617e&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
d022a5f41aa8ebd280e804630a05b33618f383d644d30595e998d5c7589ec7cf

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:59 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
163
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=a4574cd2-bfeb-4d20-ac3d-5f500adbcb52&nocache=1665285418907&pubcid=cfceabae-80fd-4fda-b18d-53bd4b8f617e&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:59 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e41b8a01-2ecc-45ef-a434-b9024c8c98d8&nocache=1665285418907&pubcid=cfceabae-80fd-4fda-b18d-53bd4b8f617e&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:59 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c34de366-9724-4084-9fd1-9826459e2adc&nocache=1665285418907&pubcid=cfceabae-80fd-4fda-b18d-53bd4b8f617e&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:59 GMT
via
1.1 google
server
OXGW/0.0.0
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
c
prebid.a-mo.net/a/ 		486 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
3b1ece590e29aa49b81cbba9149bdbba883b73ab61a0a282e0507cd92270bbeb

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Oct 2022 03:16:59 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
185
content-length
261
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
518 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.203.144.13 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-203-144-13.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Oct 2022 03:16:59 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
27
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=39712049279
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Oct 2022 03:16:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.228.151.119 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-228-151-119.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:16:59 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-save-data,sec-ch-device-memory,sec-ch-dpr,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-viewport-width,sec-ch-ua-platform,sec-ch-viewport-height,sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua,sec-ch-ua-bitness,sec-ch-prefers-color-scheme,sec-ch-width,sec-ch-ect,user-agent,sec-ch-downlink
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 4D5F 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 4D5F 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 4D5F 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2771569315945354&correlator=2915340155152652&eid=31068458%2C31069634%2C31070043%2C31070046%2C31070193%2C31069353%2C31068921&output=ldjh&gdfp_req=1&vrg=2022100301&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1665285419378&lmt=1644386353&dlt=1665285417899&idt=1451&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=n9likgreb90b&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=2121151666.1665285419&ga_sid=1665285419&ga_hid=1813141877&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
442461baac0ca36ad7f1217e8bf06131280b2463cab2bf57614c1edcd1747600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:59 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
59a7492d70e4b02ca135e636e584d6f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E530 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://59a7492d70e4b02ca135e636e584d6f3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:16:59 GMT
expires
Mon, 09 Oct 2023 03:16:59 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		209 B
682 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-118.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:01:23 GMT
via
1.1 475d669d6a669094dfa09def007f90d6.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P1
age
937
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Fri, 26 Aug 2022 18:04:08 GMT
server
AmazonS3
etag
"f6459e80de21135a46e02ad9e79f6802"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Sf3jLd8OVPNiH7DFOK4oHtSjL9Z87lk4t4f7q9XSB69wEpifNZBofQ==
integrator.js
adservice.google.com.au/adsid/ Frame 3883 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3883 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:16:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 3883 		492 B
263 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2266630913647439&correlator=4115258294810279&eid=31068501%2C31069634%2C31070166%2C44742767&output=ldjh&gdfp_req=1&vrg=2022100501&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1665285419892&lmt=1644386353&dlt=1665285418013&idt=1858&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=1pisy01hll1d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=667244389.1665285420&ga_sid=1665285420&ga_hid=1350039409&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
524958e8da57d853aaa8c32c25ee43c663b39fe156b1dba41de7d6d18610c4c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:00 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9e2be24c5a623f012c6059f4f6c9058d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 317B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://9e2be24c5a623f012c6059f4f6c9058d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:00 GMT
expires
Mon, 09 Oct 2023 03:17:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI5MjM0MzJfMTY2NTI4NTQxOTkxOCIsInVzZXJJZCI6IjIzNTc0Nl8xNjY1Mjg1NDE5OTE5Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiODUwMzA2XzE2NjUyODU0MTk5MTkiLCJwYWdlUGF0aCI6IiUyRmElMkZ4aW4tYmVpLTJudS0xbmFuLXd1LW5laS1rdS1kdS10YS1zaHVpLXhpbmctbGlhbmctaHUtbWVuZy1kYW8tYmVpLXlpLXF1bi1ndWktemh1YS1uYW4tdG9uZy14dWUtbWlhby14aWEtZGFvLmh0bWwiLCJob3N0bmFtZSI6Ind3dy5iZzMuY28iLCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5iZzMuY28lMkZhJTJGeGluLWJlaS0ybnUtMW5hbi13dS1uZWkta3UtZHUtdGEtc2h1aS14aW5nLWxpYW5nLWh1LW1lbmctZGFvLWJlaS15aS1xdW4tZ3VpLXpodWEtbmFuLXRvbmcteHVlLW1pYW8teGlhLWRhby5odG1sIiwicGhhc2UiOjAsInVzZXJUeXBlIjoiTkVXIiwicHJldmlld1ZhcmlhdGlvbiI6Im5vUHJldmlld1BhZ2UiLCJleHBlcmltZW50UGFnZSI6ZmFsc2UsInRpbWVzdGFtcCI6MTY2NTI4NTQxOTkxOX0=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:00 GMT
server
nginx/1.14.0 (Ubuntu)
L2EveGluLWJlaS0ybnUtMW5hbi13dS1uZWkta3UtZHUtdGEtc2h1aS14aW5nLWxpYW5nLWh1LW1lbmctZGFvLWJlaS15aS1xdW4tZ3VpLXpodWEtbmFuLXRvbmcteHVlLW1pYW8teGlhLWRhby5odG1s.json
cdn.adpushup.com/42753/ 		99 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EveGluLWJlaS0ybnUtMW5hbi13dS1uZWkta3UtZHUtdGEtc2h1aS14aW5nLWxpYW5nLWh1LW1lbmctZGFvLWJlaS15aS1xdW4tZ3VpLXpodWEtbmFuLXRvbmcteHVlLW1pYW8teGlhLWRhby5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
72.247.81.178 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a72-247-81-178.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
65bdccd7c53f1852009096a1e4e043c025030e4ba539d26f11e635fb4b037b20

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Sun, 09 Oct 2022 03:17:01 GMT
content-encoding
gzip
last-modified
Thu, 06 Oct 2022 01:04:15 GMT
server
nginx/1.18.0
etag
"633e298f-18d32"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-akamai-device
mobile:false&tablet:false
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=7, origin; dur=1105
accept-ranges
bytes
expires
Sun, 09 Oct 2022 04:17:01 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 4D5F 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100301&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
1dd6a373aa68269ffb8531776e255d13c56b07ad6669bf1d70622b50914ef512
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11198
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3883 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022100501&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070166
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
3d39786142fb88b24afdd3ffda992c119717687309e7144b96a56ef039c59dbf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11357
x-xss-protection
0
pixel
pxl.qccerttest.com/ 		35 B
549 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=124182638;fpan=1;fpa=P0-502107777-1665285420303;pbc=cfceabae-80fd-4fda-b18d-53bd4b8f617e;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;ref=;cm=;gdpr=0;d=bg3.co;dst=0;et=1665285420303;tzo=0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-58.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 23:21:21 GMT
via
1.1 efb1b7f3f8c49c642a3c171f148004fe.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
x-amz-cf-pop
SIN2-P1
age
14140
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
x-frame-options
SAMEORIGIN
content-type
image/gif
accept-ranges
bytes
x-amz-cf-id
yUj-abOSt0qkOV9XBzgXV1e5x2NY8tY0kuIzBxvm83TChOV3cMb-PA==
pixel;r=404207109;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html;uh=e51ed6...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=404207109;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-502107777-1665285420303;pbc=cfceabae-80fd-4fda-b18d-53bd4b8f617e;ns=0;ce=1;qjs=1;qv=39016d63-20220929161725;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1665285420306;tzo=0;ogl=;ses=0a5a8e25-f983-4a04-82e4-7209f94d29df
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:00 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		123 KB
31 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1375092620784736&correlator=3916486190576615&eid=31069635%2C31070044%2C44775018%2C31069563&output=ldjh&gdfp_req=1&vrg=2022100301&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie_enabled=1&arp=1&abxe=1&dt=1665285420414&lmt=1665285420&dlt=1665285415664&idt=4160&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=266397392.1665285420&ga_sid=1665285420&ga_hid=6065&ga_fc=false&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
efe3832af98158f566c886440d83ae75a09d76104eaa94df1e96b748a3939896
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31660
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C3AB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:00 GMT
expires
Mon, 09 Oct 2023 03:17:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 4D5F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 03:17:03 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3883 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100501.js?cb=31070166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 03:17:03 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 75D4 		379 B
316 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
aab26feebff5cdaf1d0a5979b3b780eae728f820e3b9b6a2c17589d0b7cc0361
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
247
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 75D4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 75D4 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame EF1D 		26 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
976da37d3d92656542a86468219c6150ba42361e4f0c8d88f47e9e5056fad654
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
12149
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:01 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
container.html
949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4D67 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:00 GMT
expires
Mon, 09 Oct 2023 03:17:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012209142312000/ Frame A304 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
ff325c328985ef8a083bc155e6fa6b5cf2182d7d3174d43c9e8e077f4a1576b9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 03 Oct 2022 17:07:17 GMT
age
468584
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61591
x-xss-protection
0
server
sffe
etag
"e54f9754f7fcb5b6"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 03 Oct 2023 17:07:17 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame A304 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
8ccca58c9fa219fa65853a7398d935b56ce1fcdaab4787294b3f444ddf7d1036
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 07 Oct 2022 23:16:27 GMT
age
100834
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5187
x-xss-protection
0
server
sffe
etag
"59737ceedde8bf1d"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 07 Oct 2023 23:16:27 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame A304 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
ddcba88db922f967fd78e15a055bfeb5088c7c58500ca2b7f08b74eb3736189b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Oct 2022 02:25:42 GMT
age
435079
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28888
x-xss-protection
0
server
sffe
etag
"e2dd099ef3a2ca02"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Oct 2023 02:25:42 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame A304 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-animation-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
e0237d72692e1e22f6c0781fbcd43b5f1855890b2c93b65bbce1ad93ed3f60e7
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 05 Oct 2022 17:31:05 GMT
age
294356
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16659
x-xss-protection
0
server
sffe
etag
"70bb4406104465d4"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Oct 2023 17:31:05 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame A304 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
d5e6919b2460cd051d50b47942408d3b3dbf0470fdaec473a7ca6b928d7ae4e3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 04 Oct 2022 20:03:40 GMT
age
371601
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
etag
"01e154329648e832"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 04 Oct 2023 20:03:40 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012209142312000/v0/ Frame A304 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209142312000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.118.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sl-in-f132.1e100.net
Software
sffe /
Resource Hash
25ae07afb30f4156fa035a5ffc7f14945c8863ef79772f062d3d04fd97c25391
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 05 Oct 2022 12:57:44 GMT
age
310757
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12955
x-xss-protection
0
server
sffe
etag
"45d7f146b93052d9"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Thu, 05 Oct 2023 12:57:44 GMT
css
fonts.googleapis.com/ Frame A304 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Rubik:400,700,300,500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
4ac1a8d538b97f4ff94f27c20647bd5b52af10dbda66108504c59c00ebbcddaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 03:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 09 Oct 2022 03:17:01 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 Oct 2022 03:17:01 GMT
container.html
949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1274 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022100301.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:00 GMT
expires
Mon, 09 Oct 2023 03:17:00 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zh_tw.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A304 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/zh_tw.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 18:02:23 GMT
x-content-type-options
nosniff
server
cafe
age
33278
etag
7688947696963022458
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3430
x-xss-protection
0
expires
Sun, 09 Oct 2022 18:02:23 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame A304 		344 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 08 Oct 2022 13:05:00 GMT
x-content-type-options
nosniff
server
cafe
age
51121
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sun, 09 Oct 2022 13:05:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame A304 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CkVsuLD1CY8GRIsWIyAP06rP4Bqmgh8pnkYaR87wOloLNhYgWEAEguoTAM2ClgICAkAGgAdaUyKgByAEJqQLNrth91GOlPuACAKgDAcgDCKoE7gJP0NWRTwP_Fi8-Nu9l5e4a3cUocHqQ0pqnoAOKv2eL9aiJB7obnm2AEEn9lsb2blK2wVNq1I6pXO3A6IOK14arTBKuXPrSunPddHIyaW-_vEfxxUe5jL80GjqCJFz07B4KNlzNimyRfABVuHHPL8AKSIRUDn_2GD9d_tifybzuXYbIZBjZY-MUNOkPUFmx_2v78FFxoj_vn7oKMAYTladsBk2F3LlAdcL0_ndVCGSVkZot8SPT7fedkODtjqNm0UZXiaMGlsFJ5Bv8DSaMJiQoF3FJ-NeOMoRtSQVN6fW3gFOf9ag4CsHFWUf9jt88xHP4yOOec58iZr8r5dWFe9t831Pdz9HN1sK-khkbM9BHccliZPR1fLFbLftXFHPUx_cZQdd2lpWh8rkhi94p7SI27cp22_kJekVObTG6LNrI7kIdacmko6a9W9_UBZLmaFiHZFcaugyfOMRCb4VIgDLXJms2xpxctM4dg9TtR97ABN3QrcDQA-AEAZIFBAgEGAGSBQQIBRgEoAYugAeS67fXAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEENzPA9IIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi04OTMzMzI5OTk5MzkxMTA0GMqrHg&sigh=wUlIvDsTtVI&uach_m=[UACH]&template_id=419
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
02b426d2c8feed2f28cb1a4d9ad53ab3.jpg
tpc.googlesyndication.com/sadbundle/3806833081653007621/media/ Frame A304 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3806833081653007621/media/02b426d2c8feed2f28cb1a4d9ad53ab3.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
fa08ef5186083fbed4b42b58c11d63aa72d3ca6b48a59470f9642fb48e0b2eb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:01 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6605
x-xss-protection
0
last-modified
Wed, 25 Aug 2021 05:15:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 09 Oct 2023 03:17:01 GMT
c899bce6eebfd02d92a54add2f7d358b.png
tpc.googlesyndication.com/sadbundle/3806833081653007621/media/ Frame A304 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3806833081653007621/media/c899bce6eebfd02d92a54add2f7d358b.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
91e1430e0ff9fc6a4c15b37683c31c18a412e2cfa45529fe5b554544f5dd0fc1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:01 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2661
x-xss-protection
0
last-modified
Wed, 25 Aug 2021 05:15:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 09 Oct 2023 03:17:01 GMT
60d7775764f8eba8b06a4f4796d23de9.jpg
tpc.googlesyndication.com/sadbundle/3806833081653007621/media/ Frame A304 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3806833081653007621/media/60d7775764f8eba8b06a4f4796d23de9.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
8767d7729f9a11e14d0c687ee2c05b6e884850a72e7d911f866f5c0166e7c272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:01 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3366
x-xss-protection
0
last-modified
Wed, 25 Aug 2021 05:15:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 09 Oct 2023 03:17:01 GMT
e32ba0058f6f2b76ed9b36806172fb03.png
tpc.googlesyndication.com/sadbundle/3806833081653007621/media/ Frame A304 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3806833081653007621/media/e32ba0058f6f2b76ed9b36806172fb03.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
672f7646526d14fa32ba60e2a0ff41a10a593e667d2c0a9f629f3c7b1de7e89e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:01 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3256
x-xss-protection
0
last-modified
Wed, 25 Aug 2021 05:15:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 09 Oct 2023 03:17:01 GMT
a22e1cdde0a9620bd3d076f87cb2c7bc.jpg
tpc.googlesyndication.com/sadbundle/3806833081653007621/media/ Frame A304 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3806833081653007621/media/a22e1cdde0a9620bd3d076f87cb2c7bc.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
320b20ff2b90461d5add97a59372c168016ba232fde4133f8c1f8f96689f9c8b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:01 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3204
x-xss-protection
0
last-modified
Wed, 25 Aug 2021 05:15:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 09 Oct 2023 03:17:01 GMT
30ace2f28337240a8002c3478888d049.jpg
tpc.googlesyndication.com/sadbundle/3806833081653007621/media/ Frame A304 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/3806833081653007621/media/30ace2f28337240a8002c3478888d049.jpg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
85cce7c9935819acc47cbf137bfe189bd70cd36c45c88439c7e127c9f51f8369
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:01 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3195
x-xss-protection
0
last-modified
Wed, 25 Aug 2021 05:15:18 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 09 Oct 2023 03:17:01 GMT
truncated
/ Frame A304 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4f12ef207ad84aa680fa6e5cdbaec557dcf6e99b875c40cf845ae048e92f8d14

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cookie.js
partner.googleadservices.com/gampad/ Frame 59BB 		210 B
641 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3D6ac0a61591736459%3AT%3D1665285420%3AS%3DALNI_MYuyCWKmtYZqEFhQQx4xhZCLoY-Mg&gpic=UID%3D00000a2457415d43%3AT%3D1665285420%3ART%3D1665285420%3AS%3DALNI_MarQmHbRg5VIissbvlSggdbsi958Q&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f155.1e100.net
Software
cafe /
Resource Hash
1f6d593c37064c79ef8fc96e5c1375bb6a084700442ab1e23238141cbb16cf30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 59BB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 59BB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame BDFB
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.33.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-33-38.sin2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1652
content-length
673
content-type
text/html
date
Sun, 09 Oct 2022 02:49:37 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 ba8bc65829da40e60d0f5a1aec087956.cloudfront.net (CloudFront)
x-amz-cf-id
L4o0aLxg-N-6TiXAog2BH27RKm-Dt4P1H-jPkXxvBDibvVIYFNBuuw==
x-amz-cf-pop
SIN2-P1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:01 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 4D67 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CUX1SLD1CY8CRIsWIyAP06rP4BqzX_fBktPaok-ILwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQngAgCoAwGqBM8CT9CqEctS0-DtD5w3Jnm_nr_bDJgltz0XKFyr07j8pTfl3H_JB8E3t1vMtvkPJymXMpFrYpmODoShkfKsS8j3_C3rBCMWF3jWQW92il1IvBI-Zq6Hs_LvyZ89jMPX7eeY2BdTpBYc1cvp8Yc30kLFUmcTga33TTTeRpSou1diw5OGjXgGcpjWqVC2A6WHq2Abx2q-q3yhNZ6zr0aglwTsZOv5AQm31lxLsDDo8JEHWl4gyMVJLMA8SEyfrUr6t24Z4RcO1oibEutMfz-UiV4P1sHiLJYIE3fMiUdrt2h1_p5h1MXZZfNVhSyBe3OZzPB8k8wgIGGgKhvQIYtt5V9Y32p4SZTc4etBd0f1L-SQQE2UVQ5X0wTaPaCrFQO4B5WGTfp3e9axaIsb-VWGfRicJIsLAC2ABmuIdErNgjnDnFEcoBBynqysFs2JNgoyoW7gBAGABtrisZ7Kkva7NKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBA8ggbYWR4LXN1YnN5bi01MjM5OTM4MjEzODcwMzgwgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg5MzMzMjk5OTkzOTExMDQYyqse&sigh=BvAVp9-tV8E&uach_m=[UACH]&cid=CAQSOwDq26N9Ct1cDkEttzXRlugjmmgyKSUYwkx5OPnRTueW0i4-8aD6NfnRbdFViJbfBbzj1zlQdaQAzWNNGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
log
hblg.media.net/ Frame 4D67 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=7.039775E-4&viewability=77&device_id=4&cbdp=0.02&slotVisibility=1&dn=bg3.co&acid=3c27da02f5d5433fb388e034f6eb794b&ugd=4&size=300x250&pvid=313&csip=rtb-common-istio-c5ddbccdc-6blwt.SG&ogbdp=0.02&prvReqId=16304301467737_2004562338_12560846613131&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&scrid=1700080807683300300025000039600&mang=1&bidrestime=1665285420695&cid=8CUSE6W07&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 09 Oct 2022 03:17:02 GMT
log
qsearch-a.akamaihd.net/ Frame 4D67 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0200&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=0.0&adtyp=0&req_id=Y0I9LAAJ4u8Kj-AKUQm2Dg&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=300x250&url_l1=a&f_seg=&url_l2=xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&prdp=0.0200&ogcbdp=0.0200&dfpbd=0.0200&server=1&ogerpm_wd_bkt=0-1&viewability=0.7700&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-NSW&send_erpm=false&sd=1&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html%2F&bidrestime=1665285420695&cc=AU&strg=no_strategy&ss=&current_hour=2&time_stamp=2022-10-09+03%3A17%3A00&rvshhon=&bdp=0.0200&ct=beaconsfield&akey=&mnckfl=0&bdp_bucket=0.00&algo=no_strategy&dc=apac_sg&splid=&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=3c27da02f5d5433fb388e034f6eb794b&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.14.1&totalTimeBucket=2&visibility=1&totalTime=2210020&dmm_m1=2022-10-09+03%3A17%3A00.696974459&e_rpm=0.0000&dmm_m22=0.0200&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CUSE6W07&bcrid=1700080807683300300025000039600&rawbid=0.0200&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-c5ddbccdc-6blwt.SG&dfp_bucket=0.0&adblk=1420297610&itype=adx&pvid_seat=313_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&crid=125608466&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.87.193.156 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-193-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:02 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 09 Oct 2022 03:17:02 GMT
nmedianet.js
contextual.media.net/ Frame 4D67 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU84X179
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
56e5447052b8b0b4d07a88d32abd669fb7aac3704c91f886da382ad8aca89f8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
21-tx5k
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 09 Oct 2022 03:17:02 GMT
server
Apache
etag
"21f0b8c9cd9466c6969cb4df731cb092"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
8-32
timing-allow-origin
*
expires
Sun, 09 Oct 2022 03:22:02 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 4D67 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sun, 09 Oct 2022 03:17:02 GMT
server
nginx
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=55333
access-control-allow-credentials
true
content-length
62892
expires
Sun, 09 Oct 2022 18:39:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 4D67 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 02:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 02:35:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 4D67 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 02:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1510
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7528
x-xss-protection
0
server
cafe
etag
13775775994264215463
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 02:51:51 GMT
l
www.google.com/ads/measurement/ Frame 4D67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSbNDQsBqjMVEifJvDdL4k7nvOZTnpkCfwBjDp-zII_XVqqhTjeiWdEfV6xiQqh4IBw-ZV5_10j950a_H54SxveEW1TUQ
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4D67 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 21:32:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
366286
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 04 Oct 2023 21:32:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4D67 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45072
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664970042070988"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 03:17:01 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame EF1D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 02:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 02:35:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame EF1D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 02:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1510
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7528
x-xss-protection
0
server
cafe
etag
13775775994264215463
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 02:51:51 GMT
l
www.google.com/ads/measurement/ Frame EF1D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSTyf0l-Y8gBDBV_uh92K6i6PK0LaGzDGCL1jYqjrxBxMfIat5d8vBMkwfPKzhkiOqZrs68_Amm-4QG1XlghRErG4p-QA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EF1D 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45072
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664970042070988"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 03:17:01 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame EF1D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C1XUqLT1CY9r8DcGDwgP01ZvIDpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAs2u2H3UY6U-qAMBqgSoAk_Qrn7dt1dLqiQxisbiNIL6l83nm1LuBjejLAYLiPh5byC9AVnhTbYUK7jIYRDLeyVshHG-zkJ5HeyedFuS3ETOcMPIYs3PUffKSB77vb9Z6i69qiRArdOhppXYNEeoaxLbSlWlMHcet5Q0739vxp8n9lVpmOU7coNnuxxDehC6P-BYjpKVtSkiHS3X8ZJm8riqS2dfF-lRjXNE96s3QNvKU1QkL7gWJtM_QxNW5EGtge5JEuG_u6mjkbn7IUCP43ZrbnXRHuhQ1KIZ2MfJxrIQEx-8fbCK_MWHI_AUhORE4OQ3E_MzAAiCyHOzFLOJ8zX-GY3SNzt5jPNZdnvK5S6wlUTZPu8zFXl0tabtQGfI66kxu4hGfRMcDM-lOGw5JPHJip0Mq_flgAaX5aK40a3VkPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgECACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNDQ4NTIzOTQyNTkyNDc4NxjizBk&sigh=TgmpD1Qkfhw&uach_m=[UACH]&cid=CAQSKQDq26N9n1709QNaWNiBzr_g0GCijyx6T7jVOyeK3Y-jN1rlq_gpqDinGAEgEw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 09 Oct 2022 03:17:01 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.jp2.as.criteo.com/google/auction/ Frame EF1D 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=k4XhE5zIC9ACmAJi-C0SAgAAACE5AQwCW-6I5uT8IWU3JEEQLT1CY6NYDtFAEsoHQ-RhABIAAA&wp=Y0I9LQADfloKcIHBAAbq9AHCQ2mlHOXTTdLL-g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
227447
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 08CA 		37 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LQADfloKcIHBAAbq9AHCQ2mlHOXTTdLL-g&u=%7CvVFUdj05uVI5RVGqtX6LTNXZRa%2FgVXdWESTqedl6sF0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEqyfczOwjUm-QSxeVCtBiVfzcDEZ-6DDxTQQGTxyzg-sXS0dldwCG-VB61OR0btkTjkAuU4-bohIQU5r_Xlu_2hBWBXkDE8BtgQu2a-viJWbnAg4P_ryBnoU0iZzyszcmHf8gaK5DyXCzdJnDEwdxcniJQHO8e-XeFx2iZFJQt3VSXZZseYbz9sLtrT2Tngif58Hd2R7lEYmFvTRtpu7VvrnBmwT4WA_8eCg56iSpnx3FLgVBIZcgFeOfu6n6Uqk5UCwDrH8JhCbFSyEsWUAE539mkvI8-BSakXvmtBFFxJAG_-xu19joPLzUOpubO3h1-vzwnDcfB_4rlAOhW6qRcOr96-yuYRYmHJ9y5reAyGFCHkXnpFzWJVUNFIl0BJYBYZvLkAdzjd-NWU3BJcLOlZlwXLtqVWLp-REuRWhbkhWBRrG8l6gXXkeuObxyw0vtYfzS3ZRfxNC82kNHLb_QcjCPv69XgYgC3CuNCFkBn7F3cOo1fEcXfXwbs_1BJ0U8iH6zPKGAFyzAiyjU2a2q9QeE51DkKZpUO8RXQe1LsjBu83tEzaT-aRtQCE1jxmZ1lg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYPs5LT1CY9r8DcGDwgP01ZvIDpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAs2u2H3UY6U-qAMBqgSrAk_Qrn7dt1dLqiQxisbiNIL6l83nm1LuBjejLAYLiPh5byC9AVnhTbYUK7jIYRDLeyVshHG-zkJ5HeyedFuS3ETOcMPIYs3PUffKSB77vb9Z6i69qiRArdOhppXYNEeoaxLbSlWlMHcet5Q0739vxp8n9lVpmOU7coNnuxxDehC6P-BYjpKVtSkiHS3X8ZJm8riqS2dfF-lRjXNE96s3QNvKU1QkL7gWJtM_QxNW5EGtge5JEuG_u6mjkbn7IUCP43ZrbnXRHuhQ1KIZ2MfJxrIQEx-8fbCK_MWHI_AUhORE4OQ3E_MzAAiCyHOzFLOJ8zX-GY3SNzt5jPNZdnvK5S6wlQbbH33W2_AKSi-c3oyecWoYr4LRdz0E5EdWbvbwmu_lknrnOokaWC2fgAaX5aK40a3VkPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1w8-imWSr4B87WJ0jd1VhKm798eQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
fd811bea0deea20810d220f94dcb21e9403ea6f7661ebc753ca290bcd48f9490
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:02 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=5k1eCmJpLjkrKZ6-HMtVg1UtqwRcmolJ7yU_mTKrmyxy2Pr-rOyNu8ZKa7P6QyKEuBpCeTzxGp1RnP_uojSt4Twvb846ihxHhNssvA4huD4vf5khF4SSKpWiC4borfWYtJcTlNLCCDoiQHBgfcYqmEu2AVN5LChOrH-Voh-FGg77KPjLA85MHLRRVF0Kgfj9Ct4D-QxNOIELsICOFoI_99iwkvL6_QC_PyfvWkzVyqF49ktINZRbnPNCUDrCC1Od7Lgkoxr9TZNyQbdT"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
5162989
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame FDA1 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
6119
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:35:02 GMT
etag
48472445140208031
expires
Mon, 10 Oct 2022 01:35:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
securepubads.g.doubleclick.net/pagead/ Frame 1274 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CEb_mLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTQAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6CDLYLGhlEWpUNvEoe5vCmqqokUTTQAp8Xs2Q4PbhvVGFa2gKmIU-AEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=fJrPiZ8Gv6w&uach_m=[UACH]&cid=CAQSOwDq26N9Ct1cDkEttzXRlugjmmgyKSUYwkx5OPnRTueW0i4-8aD6NfnRbdFViJbfBbzj1zlQdaQAzWNNGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 1274 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kKPkDc7xBnjYBGL4LRICAAAA-ONZtFtuTcMQLD1CY3zwppvqubMOvqdLABIAAA&wp=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:01 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
174528
content-length
0
afr.php
ads.as.criteo.com/delivery/r/ Frame 9471 		126 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg&u=%7CiNxSgm%2F7p%2FBoKNPoDSiEfBCxlr5ufsphFohzAlp7KNI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Hne3ksc1k0ZEnuubHIPLu4t8NU2QKUZOTDbrP1VQsOZn9oWNwj3kqdfPWPEn6Pqqpr22n3ZMYPHkbkQ-eZ2mVzBy9Uqm2Mceco0mCadNKeSGnkKuAxeDgeU6mhPRC5WgPiZYCiIVOHNNsC5gADB3LEMyjfvU6RLmv5rRZQgpTe08RadHRUYyEdZxUbphGIOv5A0eQZrXQrPV3kGZDTMUCuQ7RfvQSB8EnD2Zj4OkIj35DzNz_SVQOdL_iItV8Wzx5LbQ0IageHmUFrYR1K4OZmEh3RW_xapWwn9SDu4W4WqsrMMOBK_icn609_nv2ztAHnQxqISL7YmQQCykrKBy4VQKo8N7TdVlVxIbB-hjhR3PpbsLAy4vQLZpqGONCkaC5158IRguAGOdbRbvxx__cNuv3YKRTqiUHRtsr9aqApjjTbaQf3qeByUwJdRY0Q9GgBehD7j4Hbc6i_OyfFYaYDl1HSoKTQbHXbBfm3I48QjJNE1RYAJ6tPC0N_ACGkmjLh7JRoGTM8MTpvXaD_qyD0lNgRDHpRm98RWN8gGFLQ22ZnFx0jIm8CyjTEEzqpTgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs90YLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTTAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6DBL6NUY5-f27zmYxlS6rNpg50e2j4uvy1kKliVp6XLNE5Razj2rBhP8OAEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Yy0zYUCM9G1Mg9gi1a_ARRPECmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f36f771a4abc46436e7eab89fcc42bb7b1c7df9588e63ca9ed7ce6be92e4bd6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:01 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=wIhCK2JpLjkrKZ6-43Ek6p5D1QygxJm1QBHINzzgVMJ5n17tcC8hvM3lplqmJrZiqRPB4NLZV3WcWJlLwARBCw1nNxYRVsVEdIkdS2D0R3O2pw6w6mrN90zuDrAkGHTYAqCbiD9cb58jCOQyl_0Qb_lVGy_CYTO3CqjItWolFVdmChjWd6TxNKC0tNk68DSVAEbAuea2w936D51rsyMQeovgXrv3T6elpis7GTUA-S0NsHAw855D7l92KQXhP0mePyfg-g"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
60811536
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 1274 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 02:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 02:35:47 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 51CE 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
6119
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:35:02 GMT
etag
48472445140208031
expires
Mon, 10 Oct 2022 01:35:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 1274 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 02:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1510
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7528
x-xss-protection
0
server
cafe
etag
13775775994264215463
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 02:51:51 GMT
l
www.google.com/ads/measurement/ Frame 1274 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSGuQD1zzjzTVKGDcS-Wbpnk17o0JELTGX2w-DtH1XEs86aQGarxuF0MrVWQmHfq4w4o9yO4u3QqnZGp1TrvYfpcJ7-gQ
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 1274 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 04 Oct 2022 21:32:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
366286
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 04 Oct 2023 21:32:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1274 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45072
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664970042070988"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 03:17:01 GMT
js
www.googletagmanager.com/gtag/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
2141416af3ce8aaba13baae795b83a89ebdc5d534d2bb863f55427193e3e9916
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76544
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Sun, 09 Oct 2022 03:17:02 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageVisited&data=eyJzZXNzaW9uSWQiOiI5MjM0MzJfMTY2NTI4NTQxOTkxOCIsInVzZXJJZCI6IjIzNTc0Nl8xNjY1Mjg1NDE5OTE5Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiODUwMzA2XzE2NjUyODU0MTk5MTkiLCJwYWdlUGF0aCI6IiUyRmElMkZ4aW4tYmVpLTJudS0xbmFuLXd1LW5laS1rdS1kdS10YS1zaHVpLXhpbmctbGlhbmctaHUtbWVuZy1kYW8tYmVpLXlpLXF1bi1ndWktemh1YS1uYW4tdG9uZy14dWUtbWlhby14aWEtZGFvLmh0bWwiLCJob3N0bmFtZSI6Ind3dy5iZzMuY28iLCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5iZzMuY28lMkZhJTJGeGluLWJlaS0ybnUtMW5hbi13dS1uZWkta3UtZHUtdGEtc2h1aS14aW5nLWxpYW5nLWh1LW1lbmctZGFvLWJlaS15aS1xdW4tZ3VpLXpodWEtbmFuLXRvbmcteHVlLW1pYW8teGlhLWRhby5odG1sIiwicGhhc2UiOjAsInVzZXJUeXBlIjoiTkVXIiwicHJldmlld1ZhcmlhdGlvbiI6Im5vUHJldmlld1BhZ2UiLCJleHBlcmltZW50UGFnZSI6ZmFsc2UsInRpbWVzdGFtcCI6MTY2NTI4NTQyMTc0OH0=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
server
nginx/1.14.0 (Ubuntu)
css2
fonts.googleapis.com/ 		3 KB
605 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Poppins:wght@400;500;600&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
3ce18986d97fa7ec40028723de7a1a27c5341c7ab4f37cfd15592a70dabcce74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 03:17:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 09 Oct 2022 02:55:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 Oct 2022 03:17:02 GMT
iJWKBXyIfDnIV7nBrXw.woff2
fonts.gstatic.com/s/rubik/v21/ Frame A304 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Rubik:400,700,300,500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f94.1e100.net
Software
sffe /
Resource Hash
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 05 Oct 2022 08:07:35 GMT
x-content-type-options
nosniff
age
328167
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33580
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Oct 2023 08:07:35 GMT
pixel
cm.g.doubleclick.net/ Frame FDA1
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESELbhkCQQZP42yhVj7_K-hGY&google_cver=1&google_push=AZmPxg-UZ7eJ0xxjpPdtMkEbrGYGTQzSLylkPkzEPqT1gjD2-aKKFpcPOGMZEkCVFG7H42aRX_cBuulOIPBvay7bzb...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESELbhkCQQZP42yhVj7_K-hGY&google_cver=1&google_push=AZmPxg-UZ7eJ0xxjpPdtMkEbrGYGTQzSLylkPkzEPqT1gjD2-aKKFpcPOGMZEkCVFG7H42aRX_cBuulOIPBvay7bzb...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTFiYjBmNjEtM2M5YS00Zjk1LWEwNjgtZTg5ZGU5YWE5NGJh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
170 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTFiYjBmNjEtM2M5YS00Zjk1LWEwNjgtZTg5ZGU5YWE5NGJh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Protocol
H2
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=ZTFiYjBmNjEtM2M5YS00Zjk1LWEwNjgtZTg5ZGU5YWE5NGJh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
423
pixel
cm.g.doubleclick.net/ Frame FDA1
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESECjZE_Z3slB4PInhizkGZfs&google_cver=1&google_push=AZmPxg8xQp9ZoRmhRDiVIS_p8CTOFd7p6vQAmOKaRgZTUMj-TfRqtNedBXVTRHkxgPOLkYjmo3DVKm_i3LUsrCC8qYnPihynwwg0n...
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg8xQp9ZoRmhRDiVIS_p8CTOFd7p6vQAmOKaRgZTUMj-TfRqtNedBXVTRHkxgPOLkYjmo3DVKm_i3LUsrCC8qYnPihynwwg0ni9R_4oPlBcXVRV9feq-LrvN8bUcuvsJR6...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg8xQp9ZoRmhRDiVIS_p8CTOFd7p6vQAmOKaRgZTUMj-TfRqtNedBXVTRHkxgPOLkYjmo3DVKm_i3LUsrCC8qYnPihynwwg0ni9R_4oPlBcXVRV9feq-LrvN8bUcuvsJR6jPjgXR7KQ&google_hm=wzQey4D8yQMNL9fi_LFoOQ==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Protocol
H2
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:01 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AZmPxg8xQp9ZoRmhRDiVIS_p8CTOFd7p6vQAmOKaRgZTUMj-TfRqtNedBXVTRHkxgPOLkYjmo3DVKm_i3LUsrCC8qYnPihynwwg0ni9R_4oPlBcXVRV9feq-LrvN8bUcuvsJR6jPjgXR7KQ&google_hm=wzQey4D8yQMNL9fi_LFoOQ==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
r4c8i0rumehu2tj47rd8bcuhloh4kvu6
pixel
cm.g.doubleclick.net/ Frame FDA1
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_DGne4WYQ3uesWPTjtk11g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_DGne4WYQ3uesWPTjtk11g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_E2hXyWIcBEg7ivOSpAGZU93pt1bVIZto5Zw5i8tkFztyGZOkGgX9gveeM_tc76F31GZZbF7MNdRnX-Osb6At8PTxAxxG7ChC46Quem_KfQsse2NRC_F8ATQmijWRDHtJ0fv7KZzU
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_DGne4WYQ3uesWPTjtk11g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_E2hXyWIcBEg7ivOSpAGZU93pt1bVIZto5Zw5i8tkFztyGZOkGgX9gveeM_tc76F31GZZbF7MNdRnX-Osb6At8PTxAxxG7ChC46Quem_KfQsse2NRC_F8ATQmijWRDHtJ0fv7KZzU
date
Sun, 09 Oct 2022 03:17:02 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame FDA1
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEPrk1ASulFdYjqc3lq1W80I&google_cver=1&google_push=AZmPxg_y1-2A3SBYskVw6nj3ftFGZrcud0kuMRRj33ZsnQgQFflEth_ckqahUiWXaos5avLZCCV...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkwUlhYR1gtMTUtN0ZMRQ==&google_push=AZmPxg_y1-2A3SBYskVw6nj3ftFGZrcud0kuMRRj33ZsnQgQFflEth_ckqahUiWXaos5avLZCCV5cFdRIAkQffMgxe2Tl1ujx5C-0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkwUlhYR1gtMTUtN0ZMRQ==&google_push=AZmPxg_y1-2A3SBYskVw6nj3ftFGZrcud0kuMRRj33ZsnQgQFflEth_ckqahUiWXaos5avLZCCV5cFdRIAkQffMgxe2Tl1ujx5C-02Mfc3-nKjP_8BfWS9nf35ho0I_rPxF88jRAds9CE1A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkwUlhYR1gtMTUtN0ZMRQ==&google_push=AZmPxg_y1-2A3SBYskVw6nj3ftFGZrcud0kuMRRj33ZsnQgQFflEth_ckqahUiWXaos5avLZCCV5cFdRIAkQffMgxe2Tl1ujx5C-02Mfc3-nKjP_8BfWS9nf35ho0I_rPxF88jRAds9CE1A
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
pixel
cm.g.doubleclick.net/ Frame FDA1
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEL9Shi6LDfGzmp2TTrEyFrw&google_cver=1&google_push=AZmPxg-SFejwp3GyS9JjxQZQ376XNRf7dDQGs5KL29iM7irvUZZaCs4v-n5mmg3yJVokB4ji-2VQb31pDZsmVx9Z8F1kM4Do-OJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg-SFejwp3GyS9JjxQZQ376XNRf7dDQGs5KL29iM7irvUZZaCs4v-n5mmg3yJVokB4ji-2VQb31pDZsmVx9Z8F1kM4Do-OJesFDM4_NNR39skIbdvQN4-Gk8QbiLELJ...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg-SFejwp3GyS9JjxQZQ376XNRf7dDQGs5KL29iM7irvUZZaCs4v-n5mmg3yJVokB4ji-2VQb31pDZsmVx9Z8F1kM4Do-OJesFDM4_NNR39skIbdvQN4-Gk8QbiLELJJtZIUHfy5sQ&google_hm=ZzMxODYxYWJjNjVjOGRlZjQ1MWY=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Protocol
H2
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg-SFejwp3GyS9JjxQZQ376XNRf7dDQGs5KL29iM7irvUZZaCs4v-n5mmg3yJVokB4ji-2VQb31pDZsmVx9Z8F1kM4Do-OJesFDM4_NNR39skIbdvQN4-Gk8QbiLELJJtZIUHfy5sQ&google_hm=ZzMxODYxYWJjNjVjOGRlZjQ1MWY=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pub
cs.chocolateplatform.com/ Frame FDA1 		0
0
pixel
cm.g.doubleclick.net/ Frame FDA1
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESECbmQVRDOWJd_r10onzVA54&google_cver=1&google_push=AZmPxg-B-tirjU7WwPbYSqg1fDtH6I8MfAEAEVkSp2589UeJhcpU0E-BOdDA18KwbMj0qqbs1sLH-8wB-vIS88985...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZWM5MTJmMjUtMDBjYi00NWMyLWE5NTItZDIxYjY3ZGZlZmNj&google_push=AZmPxg-B-tirjU7WwPbYSqg1fDtH6I8MfAEAEVkSp2589UeJhcpU0E-BOdDA18Kw...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZWM5MTJmMjUtMDBjYi00NWMyLWE5NTItZDIxYjY3ZGZlZmNj&google_push=AZmPxg-B-tirjU7WwPbYSqg1fDtH6I8MfAEAEVkSp2589UeJhcpU0E-BOdDA18KwbMj0qqbs1sLH-8wB-vIS88985sY25aWQw0sYRJK-DeRla6vnPliQlHkX0BwHd_mGuGhJ2yWWqzYuPuQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Protocol
H2
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=ZWM5MTJmMjUtMDBjYi00NWMyLWE5NTItZDIxYjY3ZGZlZmNj&google_push=AZmPxg-B-tirjU7WwPbYSqg1fDtH6I8MfAEAEVkSp2589UeJhcpU0E-BOdDA18KwbMj0qqbs1sLH-8wB-vIS88985sY25aWQw0sYRJK-DeRla6vnPliQlHkX0BwHd_mGuGhJ2yWWqzYuPuQ
date
Sun, 09 Oct 2022 03:17:02 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame FDA1 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L-awNBC3sq13qvnd55iXGWWmXIlUE2ZI6F0bSFwhbyqQ3fZeS1sYDFtlXn98g4WdRjiBzHRw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 10 Oct 2022 03:17:02 GMT
pixel
cm.g.doubleclick.net/ Frame 51CE
Redirect Chain
  • https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEC8GBMoPm2PYxbLGl5xb2rI&google_cver=1&google_push=AZmPxg8vjjK1B6h8YFL1UaH4sL3vf1jH-vZWdfM8CYcFsDik2TVb5wQ...
  • https://dclk-match.dotomi.com/match/bounce/current?DotomiTest=53c25f9e73d11aff&is_secure=true&networkId=14000&version=1&google_gid=CAESEC8GBMoPm2PYxbLGl5xb2rI&google_cver=1&google_push=AZmPxg8vjjK1...
  • https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJsT04pwnuSwNdqMDIAAAAAAA&expiration=1665371822&google_cver=1&is_secure=true&google_gid=CAESEC8GBMoPm2PYxbLGl5xb2...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJsT04pwnuSwNdqMDIAAAAAAA&expiration=1665371822&google_cver=1&is_secure=true&google_gid=CAESEC8GBMoPm2PYxbLGl5xb2rI&google_push=AZmPxg8vjjK1B6h8YFL1UaH4sL3vf1jH-vZWdfM8CYcFsDik2TVb5wQ4ILRtyNKWYQYd5loX-kArPsA0GfNJcJggzPB6rskbiFINZFAe1PxDl8Gp8_IikWJOhwLTGERVsoxzkFtD1p7nZkFO
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
server
nginx
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP NID OUR STP"
location
https://cm.g.doubleclick.net/pixel?google_nid=dotomi&google_ula=17128,0&google_hm=AAAJsT04pwnuSwNdqMDIAAAAAAA&expiration=1665371822&google_cver=1&is_secure=true&google_gid=CAESEC8GBMoPm2PYxbLGl5xb2rI&google_push=AZmPxg8vjjK1B6h8YFL1UaH4sL3vf1jH-vZWdfM8CYcFsDik2TVb5wQ4ILRtyNKWYQYd5loX-kArPsA0GfNJcJggzPB6rskbiFINZFAe1PxDl8Gp8_IikWJOhwLTGERVsoxzkFtD1p7nZkFO
cache-control
no-cache, private, max-age=0, no-store
content-length
0
expires
0
i.match
s.tribalfusion.com/z/ Frame 51CE
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEKFa-e6C9c9-AcGk1VgQMnU&google_cver=1&google_push=AZmPxg8dsW62-AhBRt7_XpbmnGvepGwScoyLUMC4O_FEvqasieculky_GW5c5gn0IIerKFcsX82VAP3fZJIq_I0WPOLPsDKc10DUV...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKFa-e6C9c9-AcGk1VgQMnU&google_cver=1&google_push=AZmPxg8dsW62-AhBRt7_XpbmnGvepGwScoyLUMC4O_FEvqasieculky_GW5c5gn0IIerKFcsX82VAP3fZJIq_I0WPOLPsDKc10D...
43 B
414 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKFa-e6C9c9-AcGk1VgQMnU&google_cver=1&google_push=AZmPxg8dsW62-AhBRt7_XpbmnGvepGwScoyLUMC4O_FEvqasieculky_GW5c5gn0IIerKFcsX82VAP3fZJIq_I0WPOLPsDKc10DUVj2F8Za4s3OqVQ8bKV10zHuiV8KqNOlh8gBA7Fs4lnM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8dsW62-AhBRt7_XpbmnGvepGwScoyLUMC4O_FEvqasieculky_GW5c5gn0IIerKFcsX82VAP3fZJIq_I0WPOLPsDKc10DUVj2F8Za4s3OqVQ8bKV10zHuiV8KqNOlh8gBA7Fs4lnM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
104.18.35.11 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
content-type
image/gif; charset=utf-8
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7573f60258e1a7f5-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
612
content-type
text/html
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEKFa-e6C9c9-AcGk1VgQMnU&google_cver=1&google_push=AZmPxg8dsW62-AhBRt7_XpbmnGvepGwScoyLUMC4O_FEvqasieculky_GW5c5gn0IIerKFcsX82VAP3fZJIq_I0WPOLPsDKc10DUVj2F8Za4s3OqVQ8bKV10zHuiV8KqNOlh8gBA7Fs4lnM&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg8dsW62-AhBRt7_XpbmnGvepGwScoyLUMC4O_FEvqasieculky_GW5c5gn0IIerKFcsX82VAP3fZJIq_I0WPOLPsDKc10DUVj2F8Za4s3OqVQ8bKV10zHuiV8KqNOlh8gBA7Fs4lnM%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
cf-ray
7573f6009f4fa7f5-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 51CE
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPXleyVwtaqJ_vvmbIwXI7E&google_push=AZmPxg9OUyXZSKKNtXzlTtIP0NhD7bufuaHjEzANP0Z1_TdPseXDVKJPdo...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPXleyVwtaqJ_vvmbIwXI7E&google_push=AZmPxg9OUyXZSKKNtXzlTtIP0NhD7bufuaHjEzANP0Z1_TdPseXDVKJPdoHU0HpaKIxuPYVJobXELigH4jYd5TVif3xPfzzhreZ-P8J6tDDueCN2WMs1qKLSI3c69TnQ9-7tmgV1kLVQSl3U
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by
cache-syd10136-SYD
pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1665285422.178741,VS0,VE213
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPXleyVwtaqJ_vvmbIwXI7E&google_push=AZmPxg9OUyXZSKKNtXzlTtIP0NhD7bufuaHjEzANP0Z1_TdPseXDVKJPdoHU0HpaKIxuPYVJobXELigH4jYd5TVif3xPfzzhreZ-P8J6tDDueCN2WMs1qKLSI3c69TnQ9-7tmgV1kLVQSl3U
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 51CE
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEEN9IcOrYihGfrv4moET0oU&google_cver=1&google_push=AZmPxg8jPjxvmBvjZrD01J7yrEhzB8EgXmF3OJA6i14mcMohr12gT6axFDuJszd9EkGhi46YTCZ826hnhf_rnclgO9F0UGsTf6Bt-xh-v...
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=NDZtVkh3YkhCVWViaWhrM0xqMUNZdw%3D%3D&google_push=AZmPxg8jPjxvmBvjZrD01J7yrEhzB8EgXmF3OJA6i14mcMohr12gT6axFDuJszd9EkGhi46YTCZ826hnhf_rn...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=NDZtVkh3YkhCVWViaWhrM0xqMUNZdw%3D%3D&google_push=AZmPxg8jPjxvmBvjZrD01J7yrEhzB8EgXmF3OJA6i14mcMohr12gT6axFDuJszd9EkGhi46YTCZ826hnhf_rnclgO9F0UGsTf6Bt-xh-vbiIQ9UyVQjtQ2JKOLkbmlzTPtD6Qh3K8FRUeSCU
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=NDZtVkh3YkhCVWViaWhrM0xqMUNZdw%3D%3D&google_push=AZmPxg8jPjxvmBvjZrD01J7yrEhzB8EgXmF3OJA6i14mcMohr12gT6axFDuJszd9EkGhi46YTCZ826hnhf_rnclgO9F0UGsTf6Bt-xh-vbiIQ9UyVQjtQ2JKOLkbmlzTPtD6Qh3K8FRUeSCU
date
Sun, 09 Oct 2022 03:17:02 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
287
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame 51CE
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEL2ug4B-XT8kng0Fld27yNs&google_cver=1&google_push=AZmPxg-z43x4V7UQzHbiTkWIwh2Lt2XgIW-Q_4q6iDFBHL4wNjAMFHQaKUyE3gtsgiH29jo3SC8271mRzd...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEL2ug4B-XT8kng0Fld27yNs&google_cver=1&google_push=AZmPxg-z43x4V7UQzHbiTkWIwh2Lt2XgIW-Q_4q6iDFBHL4wNjAMFHQaKUyE3gtsgiH29jo3SC8271mRzd...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg-z43x4V7UQzHbiTkWIwh2Lt2XgIW-Q_4q6iDFBHL4wNjAMFHQaKUyE3gtsgiH29jo3SC8271mRzdGAVukljlsyZmRcx5rfIk4AxqTSMtEtM7ymh3ezBMxUysR7iZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg-z43x4V7UQzHbiTkWIwh2Lt2XgIW-Q_4q6iDFBHL4wNjAMFHQaKUyE3gtsgiH29jo3SC8271mRzdGAVukljlsyZmRcx5rfIk4AxqTSMtEtM7ymh3ezBMxUysR7iZbSv5QN263CROHf&google_hm=MDUwMzAwMDJfNjM0MjNkMmVkNDhhMQ%3D%3D
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 09 Oct 2022 03:17:03 GMT
server
nginx
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
access-control-allow-origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AZmPxg-z43x4V7UQzHbiTkWIwh2Lt2XgIW-Q_4q6iDFBHL4wNjAMFHQaKUyE3gtsgiH29jo3SC8271mRzdGAVukljlsyZmRcx5rfIk4AxqTSMtEtM7ymh3ezBMxUysR7iZbSv5QN263CROHf&google_hm=MDUwMzAwMDJfNjM0MjNkMmVkNDhhMQ%3D%3D
content-type
text/html; charset=UTF-8
cache-control
no-cache
keep-alive
timeout=10
access-control-allow-headers
Origin
pixel
cm.g.doubleclick.net/ Frame 51CE
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEL9Shi6LDfGzmp2TTrEyFrw&google_cver=1&google_push=AZmPxg_JdkpgdAV9cljFTSOeNTNjUbiQKORxHfyPW-37XdenuLjnSCcaydr2kcAFSl2rZ7JqKaUpRuRJZNmEzSdT-97bPfVnS37...
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg_JdkpgdAV9cljFTSOeNTNjUbiQKORxHfyPW-37XdenuLjnSCcaydr2kcAFSl2rZ7JqKaUpRuRJZNmEzSdT-97bPfVnS37Nixeah9fPe-Pu1awQrh9Scm1KSyWVz8h...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg_JdkpgdAV9cljFTSOeNTNjUbiQKORxHfyPW-37XdenuLjnSCcaydr2kcAFSl2rZ7JqKaUpRuRJZNmEzSdT-97bPfVnS37Nixeah9fPe-Pu1awQrh9Scm1KSyWVz8hq-bsLZWbAoJWe&google_hm=ZzgyMmMzMjA4MzEwNDNkNmY5NTc=
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=AZmPxg_JdkpgdAV9cljFTSOeNTNjUbiQKORxHfyPW-37XdenuLjnSCcaydr2kcAFSl2rZ7JqKaUpRuRJZNmEzSdT-97bPfVnS37Nixeah9fPe-Pu1awQrh9Scm1KSyWVz8hq-bsLZWbAoJWe&google_hm=ZzgyMmMzMjA4MzEwNDNkNmY5NTc=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 51CE
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEBq5f9OxD-89tNxCPRTE_6E&google_cver=1&google_push=AZmPxg8J7GLY0-tS5ef2K0Y-waamkqulxJOXKOFwWy-k7t-WpWf9dGP0xVzoQ2bRgs9TJs0ycNMsS5n3Ta59K2Np5booLGAARtWyi...
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg8J7GLY0-tS5ef2K0Y-waamkqulxJOXKOFwWy-k7t-WpWf9dGP0xVzoQ2bRgs9TJs0ycNMsS5n3Ta59K2Np5booLGAARtWyiWsHnNlkeoYt5QA22wgF83cHTkhpDc...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg8J7GLY0-tS5ef2K0Y-waamkqulxJOXKOFwWy-k7t-WpWf9dGP0xVzoQ2bRgs9TJs0ycNMsS5n3Ta59K2Np5booLGAARtWyiWsHnNlkeoYt5QA22wgF83cHTkhpDcgMtmXJgA7zgKlO&google_hm=ec9c82ba11a9ed9b1776e5d0a20b77cd
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AZmPxg8J7GLY0-tS5ef2K0Y-waamkqulxJOXKOFwWy-k7t-WpWf9dGP0xVzoQ2bRgs9TJs0ycNMsS5n3Ta59K2Np5booLGAARtWyiWsHnNlkeoYt5QA22wgF83cHTkhpDcgMtmXJgA7zgKlO&google_hm=ec9c82ba11a9ed9b1776e5d0a20b77cd
date
Sun, 09 Oct 2022 03:17:02 GMT
content-type
text/html; charset=UTF-8
server
nginx
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
attr
cm.g.doubleclick.net/pixel/ Frame 51CE 		0
49 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Jw6-cjXLYpolKtDrJG1JE4mIB5dBxOCaTLYXn1wpgQc4W7BbXOslYXQQ2xeQ35xYkWBZUp
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
truncated
/ Frame EF1D 		207 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f3839041050316885af9517d3d3e96f4084fdcc7c02d3ca0b865dc693d1d0fce

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 1274 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5377c2105c7ec9ea7c60ecab0f97e0b0beddc219f554f21661a390135cf25dc1

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 08CA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LQADfloKcIHBAAbq9AHCQ2mlHOXTTdLL-g&u=%7CvVFUdj05uVI5RVGqtX6LTNXZRa%2FgVXdWESTqedl6sF0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEqyfczOwjUm-QSxeVCtBiVfzcDEZ-6DDxTQQGTxyzg-sXS0dldwCG-VB61OR0btkTjkAuU4-bohIQU5r_Xlu_2hBWBXkDE8BtgQu2a-viJWbnAg4P_ryBnoU0iZzyszcmHf8gaK5DyXCzdJnDEwdxcniJQHO8e-XeFx2iZFJQt3VSXZZseYbz9sLtrT2Tngif58Hd2R7lEYmFvTRtpu7VvrnBmwT4WA_8eCg56iSpnx3FLgVBIZcgFeOfu6n6Uqk5UCwDrH8JhCbFSyEsWUAE539mkvI8-BSakXvmtBFFxJAG_-xu19joPLzUOpubO3h1-vzwnDcfB_4rlAOhW6qRcOr96-yuYRYmHJ9y5reAyGFCHkXnpFzWJVUNFIl0BJYBYZvLkAdzjd-NWU3BJcLOlZlwXLtqVWLp-REuRWhbkhWBRrG8l6gXXkeuObxyw0vtYfzS3ZRfxNC82kNHLb_QcjCPv69XgYgC3CuNCFkBn7F3cOo1fEcXfXwbs_1BJ0U8iH6zPKGAFyzAiyjU2a2q9QeE51DkKZpUO8RXQe1LsjBu83tEzaT-aRtQCE1jxmZ1lg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYPs5LT1CY9r8DcGDwgP01ZvIDpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAs2u2H3UY6U-qAMBqgSrAk_Qrn7dt1dLqiQxisbiNIL6l83nm1LuBjejLAYLiPh5byC9AVnhTbYUK7jIYRDLeyVshHG-zkJ5HeyedFuS3ETOcMPIYs3PUffKSB77vb9Z6i69qiRArdOhppXYNEeoaxLbSlWlMHcet5Q0739vxp8n9lVpmOU7coNnuxxDehC6P-BYjpKVtSkiHS3X8ZJm8riqS2dfF-lRjXNE96s3QNvKU1QkL7gWJtM_QxNW5EGtge5JEuG_u6mjkbn7IUCP43ZrbnXRHuhQ1KIZ2MfJxrIQEx-8fbCK_MWHI_AUhORE4OQ3E_MzAAiCyHOzFLOJ8zX-GY3SNzt5jPNZdnvK5S6wlQbbH33W2_AKSi-c3oyecWoYr4LRdz0E5EdWbvbwmu_lknrnOokaWC2fgAaX5aK40a3VkPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1w8-imWSr4B87WJ0jd1VhKm798eQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 03:17:02 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 08CA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LQADfloKcIHBAAbq9AHCQ2mlHOXTTdLL-g&u=%7CvVFUdj05uVI5RVGqtX6LTNXZRa%2FgVXdWESTqedl6sF0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEqyfczOwjUm-QSxeVCtBiVfzcDEZ-6DDxTQQGTxyzg-sXS0dldwCG-VB61OR0btkTjkAuU4-bohIQU5r_Xlu_2hBWBXkDE8BtgQu2a-viJWbnAg4P_ryBnoU0iZzyszcmHf8gaK5DyXCzdJnDEwdxcniJQHO8e-XeFx2iZFJQt3VSXZZseYbz9sLtrT2Tngif58Hd2R7lEYmFvTRtpu7VvrnBmwT4WA_8eCg56iSpnx3FLgVBIZcgFeOfu6n6Uqk5UCwDrH8JhCbFSyEsWUAE539mkvI8-BSakXvmtBFFxJAG_-xu19joPLzUOpubO3h1-vzwnDcfB_4rlAOhW6qRcOr96-yuYRYmHJ9y5reAyGFCHkXnpFzWJVUNFIl0BJYBYZvLkAdzjd-NWU3BJcLOlZlwXLtqVWLp-REuRWhbkhWBRrG8l6gXXkeuObxyw0vtYfzS3ZRfxNC82kNHLb_QcjCPv69XgYgC3CuNCFkBn7F3cOo1fEcXfXwbs_1BJ0U8iH6zPKGAFyzAiyjU2a2q9QeE51DkKZpUO8RXQe1LsjBu83tEzaT-aRtQCE1jxmZ1lg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYPs5LT1CY9r8DcGDwgP01ZvIDpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAs2u2H3UY6U-qAMBqgSrAk_Qrn7dt1dLqiQxisbiNIL6l83nm1LuBjejLAYLiPh5byC9AVnhTbYUK7jIYRDLeyVshHG-zkJ5HeyedFuS3ETOcMPIYs3PUffKSB77vb9Z6i69qiRArdOhppXYNEeoaxLbSlWlMHcet5Q0739vxp8n9lVpmOU7coNnuxxDehC6P-BYjpKVtSkiHS3X8ZJm8riqS2dfF-lRjXNE96s3QNvKU1QkL7gWJtM_QxNW5EGtge5JEuG_u6mjkbn7IUCP43ZrbnXRHuhQ1KIZ2MfJxrIQEx-8fbCK_MWHI_AUhORE4OQ3E_MzAAiCyHOzFLOJ8zX-GY3SNzt5jPNZdnvK5S6wlQbbH33W2_AKSi-c3oyecWoYr4LRdz0E5EdWbvbwmu_lknrnOokaWC2fgAaX5aK40a3VkPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1w8-imWSr4B87WJ0jd1VhKm798eQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 03:17:02 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 08CA 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LQADfloKcIHBAAbq9AHCQ2mlHOXTTdLL-g&u=%7CvVFUdj05uVI5RVGqtX6LTNXZRa%2FgVXdWESTqedl6sF0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEqyfczOwjUm-QSxeVCtBiVfzcDEZ-6DDxTQQGTxyzg-sXS0dldwCG-VB61OR0btkTjkAuU4-bohIQU5r_Xlu_2hBWBXkDE8BtgQu2a-viJWbnAg4P_ryBnoU0iZzyszcmHf8gaK5DyXCzdJnDEwdxcniJQHO8e-XeFx2iZFJQt3VSXZZseYbz9sLtrT2Tngif58Hd2R7lEYmFvTRtpu7VvrnBmwT4WA_8eCg56iSpnx3FLgVBIZcgFeOfu6n6Uqk5UCwDrH8JhCbFSyEsWUAE539mkvI8-BSakXvmtBFFxJAG_-xu19joPLzUOpubO3h1-vzwnDcfB_4rlAOhW6qRcOr96-yuYRYmHJ9y5reAyGFCHkXnpFzWJVUNFIl0BJYBYZvLkAdzjd-NWU3BJcLOlZlwXLtqVWLp-REuRWhbkhWBRrG8l6gXXkeuObxyw0vtYfzS3ZRfxNC82kNHLb_QcjCPv69XgYgC3CuNCFkBn7F3cOo1fEcXfXwbs_1BJ0U8iH6zPKGAFyzAiyjU2a2q9QeE51DkKZpUO8RXQe1LsjBu83tEzaT-aRtQCE1jxmZ1lg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYPs5LT1CY9r8DcGDwgP01ZvIDpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAs2u2H3UY6U-qAMBqgSrAk_Qrn7dt1dLqiQxisbiNIL6l83nm1LuBjejLAYLiPh5byC9AVnhTbYUK7jIYRDLeyVshHG-zkJ5HeyedFuS3ETOcMPIYs3PUffKSB77vb9Z6i69qiRArdOhppXYNEeoaxLbSlWlMHcet5Q0739vxp8n9lVpmOU7coNnuxxDehC6P-BYjpKVtSkiHS3X8ZJm8riqS2dfF-lRjXNE96s3QNvKU1QkL7gWJtM_QxNW5EGtge5JEuG_u6mjkbn7IUCP43ZrbnXRHuhQ1KIZ2MfJxrIQEx-8fbCK_MWHI_AUhORE4OQ3E_MzAAiCyHOzFLOJ8zX-GY3SNzt5jPNZdnvK5S6wlQbbH33W2_AKSi-c3oyecWoYr4LRdz0E5EdWbvbwmu_lknrnOokaWC2fgAaX5aK40a3VkPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1w8-imWSr4B87WJ0jd1VhKm798eQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 04 Oct 2023 03:17:02 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame BDFB 		112 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
d582338a3f0f86297d8546be5c0e9096ac4375ce2e29899e45d1294ee72ce41d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38008
x-xss-protection
0
server
cafe
etag
10874768951945520967
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 09 Oct 2022 03:17:02 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 08CA 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LQADfloKcIHBAAbq9AHCQ2mlHOXTTdLL-g&u=%7CvVFUdj05uVI5RVGqtX6LTNXZRa%2FgVXdWESTqedl6sF0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEqyfczOwjUm-QSxeVCtBiVfzcDEZ-6DDxTQQGTxyzg-sXS0dldwCG-VB61OR0btkTjkAuU4-bohIQU5r_Xlu_2hBWBXkDE8BtgQu2a-viJWbnAg4P_ryBnoU0iZzyszcmHf8gaK5DyXCzdJnDEwdxcniJQHO8e-XeFx2iZFJQt3VSXZZseYbz9sLtrT2Tngif58Hd2R7lEYmFvTRtpu7VvrnBmwT4WA_8eCg56iSpnx3FLgVBIZcgFeOfu6n6Uqk5UCwDrH8JhCbFSyEsWUAE539mkvI8-BSakXvmtBFFxJAG_-xu19joPLzUOpubO3h1-vzwnDcfB_4rlAOhW6qRcOr96-yuYRYmHJ9y5reAyGFCHkXnpFzWJVUNFIl0BJYBYZvLkAdzjd-NWU3BJcLOlZlwXLtqVWLp-REuRWhbkhWBRrG8l6gXXkeuObxyw0vtYfzS3ZRfxNC82kNHLb_QcjCPv69XgYgC3CuNCFkBn7F3cOo1fEcXfXwbs_1BJ0U8iH6zPKGAFyzAiyjU2a2q9QeE51DkKZpUO8RXQe1LsjBu83tEzaT-aRtQCE1jxmZ1lg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYPs5LT1CY9r8DcGDwgP01ZvIDpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAs2u2H3UY6U-qAMBqgSrAk_Qrn7dt1dLqiQxisbiNIL6l83nm1LuBjejLAYLiPh5byC9AVnhTbYUK7jIYRDLeyVshHG-zkJ5HeyedFuS3ETOcMPIYs3PUffKSB77vb9Z6i69qiRArdOhppXYNEeoaxLbSlWlMHcet5Q0739vxp8n9lVpmOU7coNnuxxDehC6P-BYjpKVtSkiHS3X8ZJm8riqS2dfF-lRjXNE96s3QNvKU1QkL7gWJtM_QxNW5EGtge5JEuG_u6mjkbn7IUCP43ZrbnXRHuhQ1KIZ2MfJxrIQEx-8fbCK_MWHI_AUhORE4OQ3E_MzAAiCyHOzFLOJ8zX-GY3SNzt5jPNZdnvK5S6wlQbbH33W2_AKSi-c3oyecWoYr4LRdz0E5EdWbvbwmu_lknrnOokaWC2fgAaX5aK40a3VkPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1w8-imWSr4B87WJ0jd1VhKm798eQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 04 Oct 2023 03:17:02 GMT
index.html
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/ Frame 1327 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LQADfloKcIHBAAbq9AHCQ2mlHOXTTdLL-g&u=%7CvVFUdj05uVI5RVGqtX6LTNXZRa%2FgVXdWESTqedl6sF0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEqyfczOwjUm-QSxeVCtBiVfzcDEZ-6DDxTQQGTxyzg-sXS0dldwCG-VB61OR0btkTjkAuU4-bohIQU5r_Xlu_2hBWBXkDE8BtgQu2a-viJWbnAg4P_ryBnoU0iZzyszcmHf8gaK5DyXCzdJnDEwdxcniJQHO8e-XeFx2iZFJQt3VSXZZseYbz9sLtrT2Tngif58Hd2R7lEYmFvTRtpu7VvrnBmwT4WA_8eCg56iSpnx3FLgVBIZcgFeOfu6n6Uqk5UCwDrH8JhCbFSyEsWUAE539mkvI8-BSakXvmtBFFxJAG_-xu19joPLzUOpubO3h1-vzwnDcfB_4rlAOhW6qRcOr96-yuYRYmHJ9y5reAyGFCHkXnpFzWJVUNFIl0BJYBYZvLkAdzjd-NWU3BJcLOlZlwXLtqVWLp-REuRWhbkhWBRrG8l6gXXkeuObxyw0vtYfzS3ZRfxNC82kNHLb_QcjCPv69XgYgC3CuNCFkBn7F3cOo1fEcXfXwbs_1BJ0U8iH6zPKGAFyzAiyjU2a2q9QeE51DkKZpUO8RXQe1LsjBu83tEzaT-aRtQCE1jxmZ1lg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYPs5LT1CY9r8DcGDwgP01ZvIDpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAs2u2H3UY6U-qAMBqgSrAk_Qrn7dt1dLqiQxisbiNIL6l83nm1LuBjejLAYLiPh5byC9AVnhTbYUK7jIYRDLeyVshHG-zkJ5HeyedFuS3ETOcMPIYs3PUffKSB77vb9Z6i69qiRArdOhppXYNEeoaxLbSlWlMHcet5Q0739vxp8n9lVpmOU7coNnuxxDehC6P-BYjpKVtSkiHS3X8ZJm8riqS2dfF-lRjXNE96s3QNvKU1QkL7gWJtM_QxNW5EGtge5JEuG_u6mjkbn7IUCP43ZrbnXRHuhQ1KIZ2MfJxrIQEx-8fbCK_MWHI_AUhORE4OQ3E_MzAAiCyHOzFLOJ8zX-GY3SNzt5jPNZdnvK5S6wlQbbH33W2_AKSi-c3oyecWoYr4LRdz0E5EdWbvbwmu_lknrnOokaWC2fgAaX5aK40a3VkPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1w8-imWSr4B87WJ0jd1VhKm798eQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2a42afe3f95e065e32f837ef95125257c1e16f6464cb981b1b5e6faae2a5fae5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-origin
*
cache-control
max-age=31104000 public
content-encoding
gzip
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:02 GMT
etag
W/"62bcee38-66d"
expires
Wed, 04 Oct 2023 03:17:02 GMT
last-modified
Thu, 30 Jun 2022 00:28:40 GMT
server
nginx
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 08CA 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=I_5KNaVwL7YB83wwQLaOx8MZCpeqQfYyvD84TGFTN-e05Z22bapQkzwkFsaEciKQp-pirSyKUQkF-JuiEsaVG8P0uGnut6qfZXwslTAqovD6Wyvwo5TZkBtWx592lxK49RtcIHvLT_JkpCueZurtnluDjyeXIqor-w6MqaMZ2FH2ddkoLf6mjGC-y6qhwr9evHphBbi9j_LtB5iDfOTAseTLMpxoDHJUS1HaRElgt5mq6jqTdlw1XHKCK2VboicDO8ldeMirQe9UPW_NiXkrXKiEacC3rNoBW4ly-A4cgl0bHqch8vFL5rcbnu8odJwM4qHyPMHsoypTljJrdQPR9Pf1VWoGiPLGHBcboK4n8G5ZBkGoC22Ki9nLIj8GxLytxRnLvRfRRH-dGkYgdRKmXHV1IkQvvWHno5mkItdlFHrUMoguXQO_7nerymNG0HfGDBQLbQ
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LQADfloKcIHBAAbq9AHCQ2mlHOXTTdLL-g&u=%7CvVFUdj05uVI5RVGqtX6LTNXZRa%2FgVXdWESTqedl6sF0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEqyfczOwjUm-QSxeVCtBiVfzcDEZ-6DDxTQQGTxyzg-sXS0dldwCG-VB61OR0btkTjkAuU4-bohIQU5r_Xlu_2hBWBXkDE8BtgQu2a-viJWbnAg4P_ryBnoU0iZzyszcmHf8gaK5DyXCzdJnDEwdxcniJQHO8e-XeFx2iZFJQt3VSXZZseYbz9sLtrT2Tngif58Hd2R7lEYmFvTRtpu7VvrnBmwT4WA_8eCg56iSpnx3FLgVBIZcgFeOfu6n6Uqk5UCwDrH8JhCbFSyEsWUAE539mkvI8-BSakXvmtBFFxJAG_-xu19joPLzUOpubO3h1-vzwnDcfB_4rlAOhW6qRcOr96-yuYRYmHJ9y5reAyGFCHkXnpFzWJVUNFIl0BJYBYZvLkAdzjd-NWU3BJcLOlZlwXLtqVWLp-REuRWhbkhWBRrG8l6gXXkeuObxyw0vtYfzS3ZRfxNC82kNHLb_QcjCPv69XgYgC3CuNCFkBn7F3cOo1fEcXfXwbs_1BJ0U8iH6zPKGAFyzAiyjU2a2q9QeE51DkKZpUO8RXQe1LsjBu83tEzaT-aRtQCE1jxmZ1lg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYPs5LT1CY9r8DcGDwgP01ZvIDpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAs2u2H3UY6U-qAMBqgSrAk_Qrn7dt1dLqiQxisbiNIL6l83nm1LuBjejLAYLiPh5byC9AVnhTbYUK7jIYRDLeyVshHG-zkJ5HeyedFuS3ETOcMPIYs3PUffKSB77vb9Z6i69qiRArdOhppXYNEeoaxLbSlWlMHcet5Q0739vxp8n9lVpmOU7coNnuxxDehC6P-BYjpKVtSkiHS3X8ZJm8riqS2dfF-lRjXNE96s3QNvKU1QkL7gWJtM_QxNW5EGtge5JEuG_u6mjkbn7IUCP43ZrbnXRHuhQ1KIZ2MfJxrIQEx-8fbCK_MWHI_AUhORE4OQ3E_MzAAiCyHOzFLOJ8zX-GY3SNzt5jPNZdnvK5S6wlQbbH33W2_AKSi-c3oyecWoYr4LRdz0E5EdWbvbwmu_lknrnOokaWC2fgAaX5aK40a3VkPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1w8-imWSr4B87WJ0jd1VhKm798eQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2711323
expires
Mon, 26 Jul 1997 05:00:00 GMT
all
csm.as.criteo.net/ Frame 08CA 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=5k1eCmJpLjkrKZ6-HMtVg1UtqwRcmolJ7yU_mTKrmyxy2Pr-rOyNu8ZKa7P6QyKEuBpCeTzxGp1RnP_uojSt4Twvb846ihxHhNssvA4huD4vf5khF4SSKpWiC4borfWYtJcTlNLCCDoiQHBgfcYqmEu2AVN5LChOrH-Voh-FGg77KPjLA85MHLRRVF0Kgfj9Ct4D-QxNOIELsICOFoI_99iwkvL6_QC_PyfvWkzVyqF49ktINZRbnPNCUDrCC1Od7Lgkoxr9TZNyQbdT&sds=2&rev=83041&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LQADfloKcIHBAAbq9AHCQ2mlHOXTTdLL-g&u=%7CvVFUdj05uVI5RVGqtX6LTNXZRa%2FgVXdWESTqedl6sF0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEqyfczOwjUm-QSxeVCtBiVfzcDEZ-6DDxTQQGTxyzg-sXS0dldwCG-VB61OR0btkTjkAuU4-bohIQU5r_Xlu_2hBWBXkDE8BtgQu2a-viJWbnAg4P_ryBnoU0iZzyszcmHf8gaK5DyXCzdJnDEwdxcniJQHO8e-XeFx2iZFJQt3VSXZZseYbz9sLtrT2Tngif58Hd2R7lEYmFvTRtpu7VvrnBmwT4WA_8eCg56iSpnx3FLgVBIZcgFeOfu6n6Uqk5UCwDrH8JhCbFSyEsWUAE539mkvI8-BSakXvmtBFFxJAG_-xu19joPLzUOpubO3h1-vzwnDcfB_4rlAOhW6qRcOr96-yuYRYmHJ9y5reAyGFCHkXnpFzWJVUNFIl0BJYBYZvLkAdzjd-NWU3BJcLOlZlwXLtqVWLp-REuRWhbkhWBRrG8l6gXXkeuObxyw0vtYfzS3ZRfxNC82kNHLb_QcjCPv69XgYgC3CuNCFkBn7F3cOo1fEcXfXwbs_1BJ0U8iH6zPKGAFyzAiyjU2a2q9QeE51DkKZpUO8RXQe1LsjBu83tEzaT-aRtQCE1jxmZ1lg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYPs5LT1CY9r8DcGDwgP01ZvIDpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAs2u2H3UY6U-qAMBqgSrAk_Qrn7dt1dLqiQxisbiNIL6l83nm1LuBjejLAYLiPh5byC9AVnhTbYUK7jIYRDLeyVshHG-zkJ5HeyedFuS3ETOcMPIYs3PUffKSB77vb9Z6i69qiRArdOhppXYNEeoaxLbSlWlMHcet5Q0739vxp8n9lVpmOU7coNnuxxDehC6P-BYjpKVtSkiHS3X8ZJm8riqS2dfF-lRjXNE96s3QNvKU1QkL7gWJtM_QxNW5EGtge5JEuG_u6mjkbn7IUCP43ZrbnXRHuhQ1KIZ2MfJxrIQEx-8fbCK_MWHI_AUhORE4OQ3E_MzAAiCyHOzFLOJ8zX-GY3SNzt5jPNZdnvK5S6wlQbbH33W2_AKSi-c3oyecWoYr4LRdz0E5EdWbvbwmu_lknrnOokaWC2fgAaX5aK40a3VkPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1w8-imWSr4B87WJ0jd1VhKm798eQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Oct 2022 03:17:02 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 08CA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LQADfloKcIHBAAbq9AHCQ2mlHOXTTdLL-g&u=%7CvVFUdj05uVI5RVGqtX6LTNXZRa%2FgVXdWESTqedl6sF0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEqyfczOwjUm-QSxeVCtBiVfzcDEZ-6DDxTQQGTxyzg-sXS0dldwCG-VB61OR0btkTjkAuU4-bohIQU5r_Xlu_2hBWBXkDE8BtgQu2a-viJWbnAg4P_ryBnoU0iZzyszcmHf8gaK5DyXCzdJnDEwdxcniJQHO8e-XeFx2iZFJQt3VSXZZseYbz9sLtrT2Tngif58Hd2R7lEYmFvTRtpu7VvrnBmwT4WA_8eCg56iSpnx3FLgVBIZcgFeOfu6n6Uqk5UCwDrH8JhCbFSyEsWUAE539mkvI8-BSakXvmtBFFxJAG_-xu19joPLzUOpubO3h1-vzwnDcfB_4rlAOhW6qRcOr96-yuYRYmHJ9y5reAyGFCHkXnpFzWJVUNFIl0BJYBYZvLkAdzjd-NWU3BJcLOlZlwXLtqVWLp-REuRWhbkhWBRrG8l6gXXkeuObxyw0vtYfzS3ZRfxNC82kNHLb_QcjCPv69XgYgC3CuNCFkBn7F3cOo1fEcXfXwbs_1BJ0U8iH6zPKGAFyzAiyjU2a2q9QeE51DkKZpUO8RXQe1LsjBu83tEzaT-aRtQCE1jxmZ1lg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYPs5LT1CY9r8DcGDwgP01ZvIDpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAs2u2H3UY6U-qAMBqgSrAk_Qrn7dt1dLqiQxisbiNIL6l83nm1LuBjejLAYLiPh5byC9AVnhTbYUK7jIYRDLeyVshHG-zkJ5HeyedFuS3ETOcMPIYs3PUffKSB77vb9Z6i69qiRArdOhppXYNEeoaxLbSlWlMHcet5Q0739vxp8n9lVpmOU7coNnuxxDehC6P-BYjpKVtSkiHS3X8ZJm8riqS2dfF-lRjXNE96s3QNvKU1QkL7gWJtM_QxNW5EGtge5JEuG_u6mjkbn7IUCP43ZrbnXRHuhQ1KIZ2MfJxrIQEx-8fbCK_MWHI_AUhORE4OQ3E_MzAAiCyHOzFLOJ8zX-GY3SNzt5jPNZdnvK5S6wlQbbH33W2_AKSi-c3oyecWoYr4LRdz0E5EdWbvbwmu_lknrnOokaWC2fgAaX5aK40a3VkPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1w8-imWSr4B87WJ0jd1VhKm798eQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 03:17:02 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 08CA 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LQADfloKcIHBAAbq9AHCQ2mlHOXTTdLL-g&u=%7CvVFUdj05uVI5RVGqtX6LTNXZRa%2FgVXdWESTqedl6sF0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEqyfczOwjUm-QSxeVCtBiVfzcDEZ-6DDxTQQGTxyzg-sXS0dldwCG-VB61OR0btkTjkAuU4-bohIQU5r_Xlu_2hBWBXkDE8BtgQu2a-viJWbnAg4P_ryBnoU0iZzyszcmHf8gaK5DyXCzdJnDEwdxcniJQHO8e-XeFx2iZFJQt3VSXZZseYbz9sLtrT2Tngif58Hd2R7lEYmFvTRtpu7VvrnBmwT4WA_8eCg56iSpnx3FLgVBIZcgFeOfu6n6Uqk5UCwDrH8JhCbFSyEsWUAE539mkvI8-BSakXvmtBFFxJAG_-xu19joPLzUOpubO3h1-vzwnDcfB_4rlAOhW6qRcOr96-yuYRYmHJ9y5reAyGFCHkXnpFzWJVUNFIl0BJYBYZvLkAdzjd-NWU3BJcLOlZlwXLtqVWLp-REuRWhbkhWBRrG8l6gXXkeuObxyw0vtYfzS3ZRfxNC82kNHLb_QcjCPv69XgYgC3CuNCFkBn7F3cOo1fEcXfXwbs_1BJ0U8iH6zPKGAFyzAiyjU2a2q9QeE51DkKZpUO8RXQe1LsjBu83tEzaT-aRtQCE1jxmZ1lg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYPs5LT1CY9r8DcGDwgP01ZvIDpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAs2u2H3UY6U-qAMBqgSrAk_Qrn7dt1dLqiQxisbiNIL6l83nm1LuBjejLAYLiPh5byC9AVnhTbYUK7jIYRDLeyVshHG-zkJ5HeyedFuS3ETOcMPIYs3PUffKSB77vb9Z6i69qiRArdOhppXYNEeoaxLbSlWlMHcet5Q0739vxp8n9lVpmOU7coNnuxxDehC6P-BYjpKVtSkiHS3X8ZJm8riqS2dfF-lRjXNE96s3QNvKU1QkL7gWJtM_QxNW5EGtge5JEuG_u6mjkbn7IUCP43ZrbnXRHuhQ1KIZ2MfJxrIQEx-8fbCK_MWHI_AUhORE4OQ3E_MzAAiCyHOzFLOJ8zX-GY3SNzt5jPNZdnvK5S6wlQbbH33W2_AKSi-c3oyecWoYr4LRdz0E5EdWbvbwmu_lknrnOokaWC2fgAaX5aK40a3VkPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1w8-imWSr4B87WJ0jd1VhKm798eQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 03:17:02 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame 9471 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg&u=%7CiNxSgm%2F7p%2FBoKNPoDSiEfBCxlr5ufsphFohzAlp7KNI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Hne3ksc1k0ZEnuubHIPLu4t8NU2QKUZOTDbrP1VQsOZn9oWNwj3kqdfPWPEn6Pqqpr22n3ZMYPHkbkQ-eZ2mVzBy9Uqm2Mceco0mCadNKeSGnkKuAxeDgeU6mhPRC5WgPiZYCiIVOHNNsC5gADB3LEMyjfvU6RLmv5rRZQgpTe08RadHRUYyEdZxUbphGIOv5A0eQZrXQrPV3kGZDTMUCuQ7RfvQSB8EnD2Zj4OkIj35DzNz_SVQOdL_iItV8Wzx5LbQ0IageHmUFrYR1K4OZmEh3RW_xapWwn9SDu4W4WqsrMMOBK_icn609_nv2ztAHnQxqISL7YmQQCykrKBy4VQKo8N7TdVlVxIbB-hjhR3PpbsLAy4vQLZpqGONCkaC5158IRguAGOdbRbvxx__cNuv3YKRTqiUHRtsr9aqApjjTbaQf3qeByUwJdRY0Q9GgBehD7j4Hbc6i_OyfFYaYDl1HSoKTQbHXbBfm3I48QjJNE1RYAJ6tPC0N_ACGkmjLh7JRoGTM8MTpvXaD_qyD0lNgRDHpRm98RWN8gGFLQ22ZnFx0jIm8CyjTEEzqpTgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs90YLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTTAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6DBL6NUY5-f27zmYxlS6rNpg50e2j4uvy1kKliVp6XLNE5Razj2rBhP8OAEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Yy0zYUCM9G1Mg9gi1a_ARRPECmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 03:17:02 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame 9471 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg&u=%7CiNxSgm%2F7p%2FBoKNPoDSiEfBCxlr5ufsphFohzAlp7KNI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Hne3ksc1k0ZEnuubHIPLu4t8NU2QKUZOTDbrP1VQsOZn9oWNwj3kqdfPWPEn6Pqqpr22n3ZMYPHkbkQ-eZ2mVzBy9Uqm2Mceco0mCadNKeSGnkKuAxeDgeU6mhPRC5WgPiZYCiIVOHNNsC5gADB3LEMyjfvU6RLmv5rRZQgpTe08RadHRUYyEdZxUbphGIOv5A0eQZrXQrPV3kGZDTMUCuQ7RfvQSB8EnD2Zj4OkIj35DzNz_SVQOdL_iItV8Wzx5LbQ0IageHmUFrYR1K4OZmEh3RW_xapWwn9SDu4W4WqsrMMOBK_icn609_nv2ztAHnQxqISL7YmQQCykrKBy4VQKo8N7TdVlVxIbB-hjhR3PpbsLAy4vQLZpqGONCkaC5158IRguAGOdbRbvxx__cNuv3YKRTqiUHRtsr9aqApjjTbaQf3qeByUwJdRY0Q9GgBehD7j4Hbc6i_OyfFYaYDl1HSoKTQbHXbBfm3I48QjJNE1RYAJ6tPC0N_ACGkmjLh7JRoGTM8MTpvXaD_qyD0lNgRDHpRm98RWN8gGFLQ22ZnFx0jIm8CyjTEEzqpTgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs90YLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTTAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6DBL6NUY5-f27zmYxlS6rNpg50e2j4uvy1kKliVp6XLNE5Razj2rBhP8OAEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Yy0zYUCM9G1Mg9gi1a_ARRPECmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 03:17:02 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 9471 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg&u=%7CiNxSgm%2F7p%2FBoKNPoDSiEfBCxlr5ufsphFohzAlp7KNI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Hne3ksc1k0ZEnuubHIPLu4t8NU2QKUZOTDbrP1VQsOZn9oWNwj3kqdfPWPEn6Pqqpr22n3ZMYPHkbkQ-eZ2mVzBy9Uqm2Mceco0mCadNKeSGnkKuAxeDgeU6mhPRC5WgPiZYCiIVOHNNsC5gADB3LEMyjfvU6RLmv5rRZQgpTe08RadHRUYyEdZxUbphGIOv5A0eQZrXQrPV3kGZDTMUCuQ7RfvQSB8EnD2Zj4OkIj35DzNz_SVQOdL_iItV8Wzx5LbQ0IageHmUFrYR1K4OZmEh3RW_xapWwn9SDu4W4WqsrMMOBK_icn609_nv2ztAHnQxqISL7YmQQCykrKBy4VQKo8N7TdVlVxIbB-hjhR3PpbsLAy4vQLZpqGONCkaC5158IRguAGOdbRbvxx__cNuv3YKRTqiUHRtsr9aqApjjTbaQf3qeByUwJdRY0Q9GgBehD7j4Hbc6i_OyfFYaYDl1HSoKTQbHXbBfm3I48QjJNE1RYAJ6tPC0N_ACGkmjLh7JRoGTM8MTpvXaD_qyD0lNgRDHpRm98RWN8gGFLQ22ZnFx0jIm8CyjTEEzqpTgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs90YLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTTAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6DBL6NUY5-f27zmYxlS6rNpg50e2j4uvy1kKliVp6XLNE5Razj2rBhP8OAEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Yy0zYUCM9G1Mg9gi1a_ARRPECmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Wed, 04 Oct 2023 03:17:02 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 9471 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg&u=%7CiNxSgm%2F7p%2FBoKNPoDSiEfBCxlr5ufsphFohzAlp7KNI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Hne3ksc1k0ZEnuubHIPLu4t8NU2QKUZOTDbrP1VQsOZn9oWNwj3kqdfPWPEn6Pqqpr22n3ZMYPHkbkQ-eZ2mVzBy9Uqm2Mceco0mCadNKeSGnkKuAxeDgeU6mhPRC5WgPiZYCiIVOHNNsC5gADB3LEMyjfvU6RLmv5rRZQgpTe08RadHRUYyEdZxUbphGIOv5A0eQZrXQrPV3kGZDTMUCuQ7RfvQSB8EnD2Zj4OkIj35DzNz_SVQOdL_iItV8Wzx5LbQ0IageHmUFrYR1K4OZmEh3RW_xapWwn9SDu4W4WqsrMMOBK_icn609_nv2ztAHnQxqISL7YmQQCykrKBy4VQKo8N7TdVlVxIbB-hjhR3PpbsLAy4vQLZpqGONCkaC5158IRguAGOdbRbvxx__cNuv3YKRTqiUHRtsr9aqApjjTbaQf3qeByUwJdRY0Q9GgBehD7j4Hbc6i_OyfFYaYDl1HSoKTQbHXbBfm3I48QjJNE1RYAJ6tPC0N_ACGkmjLh7JRoGTM8MTpvXaD_qyD0lNgRDHpRm98RWN8gGFLQ22ZnFx0jIm8CyjTEEzqpTgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs90YLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTTAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6DBL6NUY5-f27zmYxlS6rNpg50e2j4uvy1kKliVp6XLNE5Razj2rBhP8OAEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Yy0zYUCM9G1Mg9gi1a_ARRPECmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Wed, 04 Oct 2023 03:17:02 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame 9471 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=dodnnAgxYtGFaRj-fw1D5TonsUHUBfxra30TXinGL_gVx-lwS6842MD3W218_qfC4nnY8v51l7r8bWZbSA6w0fNFdi1V_6YtZmB-DWhkMNazxntLZreUyNVWF-GKSi4Wt9f0so1tqtMWVuBDkwuHqrKM2f108VN0KZOO-huklu9MOdEUAblBM7XEHHC-VBKqYDE-On9FZq1WV-hAVQINZmqluEfggJ00HUlBVvWEpx2uyXW8xJrk6JTmvX8snGoUqlznCnWvMwwRaHGxLk6WW1WDLIW-zzkfn0bHgQGZW__3vd-Pwfd56e0jahP38Ycdv6V_4sV7lBmJZhi2kI1xOygIIBDwv5RRFWYOu4S1FOpHLge5YwOey_IPaS4FOwLdfNC5i5PHPpwqWr00PLMMmGttMs8uFlAVOb5oUkIVVVCcjUKr6QH1LxaACLGH3ihe3ZyK2g
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg&u=%7CiNxSgm%2F7p%2FBoKNPoDSiEfBCxlr5ufsphFohzAlp7KNI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Hne3ksc1k0ZEnuubHIPLu4t8NU2QKUZOTDbrP1VQsOZn9oWNwj3kqdfPWPEn6Pqqpr22n3ZMYPHkbkQ-eZ2mVzBy9Uqm2Mceco0mCadNKeSGnkKuAxeDgeU6mhPRC5WgPiZYCiIVOHNNsC5gADB3LEMyjfvU6RLmv5rRZQgpTe08RadHRUYyEdZxUbphGIOv5A0eQZrXQrPV3kGZDTMUCuQ7RfvQSB8EnD2Zj4OkIj35DzNz_SVQOdL_iItV8Wzx5LbQ0IageHmUFrYR1K4OZmEh3RW_xapWwn9SDu4W4WqsrMMOBK_icn609_nv2ztAHnQxqISL7YmQQCykrKBy4VQKo8N7TdVlVxIbB-hjhR3PpbsLAy4vQLZpqGONCkaC5158IRguAGOdbRbvxx__cNuv3YKRTqiUHRtsr9aqApjjTbaQf3qeByUwJdRY0Q9GgBehD7j4Hbc6i_OyfFYaYDl1HSoKTQbHXbBfm3I48QjJNE1RYAJ6tPC0N_ACGkmjLh7JRoGTM8MTpvXaD_qyD0lNgRDHpRm98RWN8gGFLQ22ZnFx0jIm8CyjTEEzqpTgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs90YLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTTAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6DBL6NUY5-f27zmYxlS6rNpg50e2j4uvy1kKliVp6XLNE5Razj2rBhP8OAEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Yy0zYUCM9G1Mg9gi1a_ARRPECmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3390871
expires
Mon, 26 Jul 1997 05:00:00 GMT
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oea50&_p=6065&cid=266397392.1665285420&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1665285422&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&dt=%E6%96%B0%E5%8C%972%E5%A5%B31%E7%94%B7%E5%B1%8B%E5%85%A7%E8%8B%A6%E8%AE%80%E3%80%80%E5%A5%B9%E7%9D%A1%E9%86%92%E9%A9%9A%E5%91%BC%E3%80%8C%E5%A4%A2%E5%88%B0%E8%A2%AB%E4%B8%80%E7%BE%A3%E9%AC%BC%E6%8A%93%E3%80%8D%E7%94%B7%E5%90%8C%E5%AD%B8%E7%A7%92%E5%9A%87%E5%88%B0%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview_to_pub_ga_failed_unique&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 9471 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg&u=%7CiNxSgm%2F7p%2FBoKNPoDSiEfBCxlr5ufsphFohzAlp7KNI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Hne3ksc1k0ZEnuubHIPLu4t8NU2QKUZOTDbrP1VQsOZn9oWNwj3kqdfPWPEn6Pqqpr22n3ZMYPHkbkQ-eZ2mVzBy9Uqm2Mceco0mCadNKeSGnkKuAxeDgeU6mhPRC5WgPiZYCiIVOHNNsC5gADB3LEMyjfvU6RLmv5rRZQgpTe08RadHRUYyEdZxUbphGIOv5A0eQZrXQrPV3kGZDTMUCuQ7RfvQSB8EnD2Zj4OkIj35DzNz_SVQOdL_iItV8Wzx5LbQ0IageHmUFrYR1K4OZmEh3RW_xapWwn9SDu4W4WqsrMMOBK_icn609_nv2ztAHnQxqISL7YmQQCykrKBy4VQKo8N7TdVlVxIbB-hjhR3PpbsLAy4vQLZpqGONCkaC5158IRguAGOdbRbvxx__cNuv3YKRTqiUHRtsr9aqApjjTbaQf3qeByUwJdRY0Q9GgBehD7j4Hbc6i_OyfFYaYDl1HSoKTQbHXbBfm3I48QjJNE1RYAJ6tPC0N_ACGkmjLh7JRoGTM8MTpvXaD_qyD0lNgRDHpRm98RWN8gGFLQ22ZnFx0jIm8CyjTEEzqpTgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs90YLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTTAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6DBL6NUY5-f27zmYxlS6rNpg50e2j4uvy1kKliVp6XLNE5Razj2rBhP8OAEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Yy0zYUCM9G1Mg9gi1a_ARRPECmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 03:17:02 GMT
img
pix.as.criteo.net/img/ Frame 9471 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=110&m=0&partner=14334&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F14334%2F171101%2F9f551d1148a74daea217922b5119e413_logo_all_horizontal.png&v=3&w=236&s=VqFQpMbi2dx0kTgp4tVEW60W
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg&u=%7CiNxSgm%2F7p%2FBoKNPoDSiEfBCxlr5ufsphFohzAlp7KNI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Hne3ksc1k0ZEnuubHIPLu4t8NU2QKUZOTDbrP1VQsOZn9oWNwj3kqdfPWPEn6Pqqpr22n3ZMYPHkbkQ-eZ2mVzBy9Uqm2Mceco0mCadNKeSGnkKuAxeDgeU6mhPRC5WgPiZYCiIVOHNNsC5gADB3LEMyjfvU6RLmv5rRZQgpTe08RadHRUYyEdZxUbphGIOv5A0eQZrXQrPV3kGZDTMUCuQ7RfvQSB8EnD2Zj4OkIj35DzNz_SVQOdL_iItV8Wzx5LbQ0IageHmUFrYR1K4OZmEh3RW_xapWwn9SDu4W4WqsrMMOBK_icn609_nv2ztAHnQxqISL7YmQQCykrKBy4VQKo8N7TdVlVxIbB-hjhR3PpbsLAy4vQLZpqGONCkaC5158IRguAGOdbRbvxx__cNuv3YKRTqiUHRtsr9aqApjjTbaQf3qeByUwJdRY0Q9GgBehD7j4Hbc6i_OyfFYaYDl1HSoKTQbHXbBfm3I48QjJNE1RYAJ6tPC0N_ACGkmjLh7JRoGTM8MTpvXaD_qyD0lNgRDHpRm98RWN8gGFLQ22ZnFx0jIm8CyjTEEzqpTgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs90YLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTTAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6DBL6NUY5-f27zmYxlS6rNpg50e2j4uvy1kKliVp6XLNE5Razj2rBhP8OAEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Yy0zYUCM9G1Mg9gi1a_ARRPECmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
af0e2b11115d7e046116496a52897b899e8af4b8c1bc735862c922d340a1be18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=27661216
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6204
expires
Fri, 25 Aug 2023 06:57:20 GMT
img
pix.as.criteo.net/img/ Frame 9471 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=14334&q=80&r=0&u=https%3A%2F%2Fstatic.petersofkensington.com.au%2Fimages%2FProductImages%2F445470-Large.jpg&v=3&w=400&s=6MA7i881pCfQ0oAGKlvaLE4K&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg&u=%7CiNxSgm%2F7p%2FBoKNPoDSiEfBCxlr5ufsphFohzAlp7KNI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Hne3ksc1k0ZEnuubHIPLu4t8NU2QKUZOTDbrP1VQsOZn9oWNwj3kqdfPWPEn6Pqqpr22n3ZMYPHkbkQ-eZ2mVzBy9Uqm2Mceco0mCadNKeSGnkKuAxeDgeU6mhPRC5WgPiZYCiIVOHNNsC5gADB3LEMyjfvU6RLmv5rRZQgpTe08RadHRUYyEdZxUbphGIOv5A0eQZrXQrPV3kGZDTMUCuQ7RfvQSB8EnD2Zj4OkIj35DzNz_SVQOdL_iItV8Wzx5LbQ0IageHmUFrYR1K4OZmEh3RW_xapWwn9SDu4W4WqsrMMOBK_icn609_nv2ztAHnQxqISL7YmQQCykrKBy4VQKo8N7TdVlVxIbB-hjhR3PpbsLAy4vQLZpqGONCkaC5158IRguAGOdbRbvxx__cNuv3YKRTqiUHRtsr9aqApjjTbaQf3qeByUwJdRY0Q9GgBehD7j4Hbc6i_OyfFYaYDl1HSoKTQbHXbBfm3I48QjJNE1RYAJ6tPC0N_ACGkmjLh7JRoGTM8MTpvXaD_qyD0lNgRDHpRm98RWN8gGFLQ22ZnFx0jIm8CyjTEEzqpTgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs90YLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTTAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6DBL6NUY5-f27zmYxlS6rNpg50e2j4uvy1kKliVp6XLNE5Razj2rBhP8OAEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Yy0zYUCM9G1Mg9gi1a_ARRPECmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
1ed09b9b62065fa41718a7fa635f283a5e1228b455d21e5d25c100520c8d2517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1908311
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
18710
expires
Mon, 31 Oct 2022 05:22:15 GMT
img
pix.as.criteo.net/img/ Frame 9471 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=14334&q=80&r=0&u=https%3A%2F%2Fstatic.petersofkensington.com.au%2Fimages%2FProductImages%2F451387-Large.jpg&v=3&w=400&s=XJZbHAvlV_LKzFPIRgB174Mn&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg&u=%7CiNxSgm%2F7p%2FBoKNPoDSiEfBCxlr5ufsphFohzAlp7KNI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Hne3ksc1k0ZEnuubHIPLu4t8NU2QKUZOTDbrP1VQsOZn9oWNwj3kqdfPWPEn6Pqqpr22n3ZMYPHkbkQ-eZ2mVzBy9Uqm2Mceco0mCadNKeSGnkKuAxeDgeU6mhPRC5WgPiZYCiIVOHNNsC5gADB3LEMyjfvU6RLmv5rRZQgpTe08RadHRUYyEdZxUbphGIOv5A0eQZrXQrPV3kGZDTMUCuQ7RfvQSB8EnD2Zj4OkIj35DzNz_SVQOdL_iItV8Wzx5LbQ0IageHmUFrYR1K4OZmEh3RW_xapWwn9SDu4W4WqsrMMOBK_icn609_nv2ztAHnQxqISL7YmQQCykrKBy4VQKo8N7TdVlVxIbB-hjhR3PpbsLAy4vQLZpqGONCkaC5158IRguAGOdbRbvxx__cNuv3YKRTqiUHRtsr9aqApjjTbaQf3qeByUwJdRY0Q9GgBehD7j4Hbc6i_OyfFYaYDl1HSoKTQbHXbBfm3I48QjJNE1RYAJ6tPC0N_ACGkmjLh7JRoGTM8MTpvXaD_qyD0lNgRDHpRm98RWN8gGFLQ22ZnFx0jIm8CyjTEEzqpTgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs90YLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTTAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6DBL6NUY5-f27zmYxlS6rNpg50e2j4uvy1kKliVp6XLNE5Razj2rBhP8OAEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Yy0zYUCM9G1Mg9gi1a_ARRPECmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
cd0e59b47a7d39641f7853b5ee1120fa1706def86951dc91043cc515b0bdddad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1902639
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
12166
expires
Mon, 31 Oct 2022 03:47:42 GMT
img
pix.as.criteo.net/img/ Frame 9471 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=14334&q=80&r=0&u=https%3A%2F%2Fstatic.petersofkensington.com.au%2Fimages%2FProductImages%2F563218-Large.jpg&v=3&w=400&s=TYlpUiDJNCtPw8zXaC5BWUMP&b=400
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg&u=%7CiNxSgm%2F7p%2FBoKNPoDSiEfBCxlr5ufsphFohzAlp7KNI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Hne3ksc1k0ZEnuubHIPLu4t8NU2QKUZOTDbrP1VQsOZn9oWNwj3kqdfPWPEn6Pqqpr22n3ZMYPHkbkQ-eZ2mVzBy9Uqm2Mceco0mCadNKeSGnkKuAxeDgeU6mhPRC5WgPiZYCiIVOHNNsC5gADB3LEMyjfvU6RLmv5rRZQgpTe08RadHRUYyEdZxUbphGIOv5A0eQZrXQrPV3kGZDTMUCuQ7RfvQSB8EnD2Zj4OkIj35DzNz_SVQOdL_iItV8Wzx5LbQ0IageHmUFrYR1K4OZmEh3RW_xapWwn9SDu4W4WqsrMMOBK_icn609_nv2ztAHnQxqISL7YmQQCykrKBy4VQKo8N7TdVlVxIbB-hjhR3PpbsLAy4vQLZpqGONCkaC5158IRguAGOdbRbvxx__cNuv3YKRTqiUHRtsr9aqApjjTbaQf3qeByUwJdRY0Q9GgBehD7j4Hbc6i_OyfFYaYDl1HSoKTQbHXbBfm3I48QjJNE1RYAJ6tPC0N_ACGkmjLh7JRoGTM8MTpvXaD_qyD0lNgRDHpRm98RWN8gGFLQ22ZnFx0jIm8CyjTEEzqpTgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs90YLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTTAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6DBL6NUY5-f27zmYxlS6rNpg50e2j4uvy1kKliVp6XLNE5Razj2rBhP8OAEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Yy0zYUCM9G1Mg9gi1a_ARRPECmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
12d64f39e11247479711a190b417b5e37f3c4cb5b28322de69d35df29fcf23b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1899156
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6848
expires
Mon, 31 Oct 2022 02:49:39 GMT
all
csm.as.criteo.net/ Frame 9471 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=wIhCK2JpLjkrKZ6-43Ek6p5D1QygxJm1QBHINzzgVMJ5n17tcC8hvM3lplqmJrZiqRPB4NLZV3WcWJlLwARBCw1nNxYRVsVEdIkdS2D0R3O2pw6w6mrN90zuDrAkGHTYAqCbiD9cb58jCOQyl_0Qb_lVGy_CYTO3CqjItWolFVdmChjWd6TxNKC0tNk68DSVAEbAuea2w936D51rsyMQeovgXrv3T6elpis7GTUA-S0NsHAw855D7l92KQXhP0mePyfg-g&sds=2&rev=83041&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg&u=%7CiNxSgm%2F7p%2FBoKNPoDSiEfBCxlr5ufsphFohzAlp7KNI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Hne3ksc1k0ZEnuubHIPLu4t8NU2QKUZOTDbrP1VQsOZn9oWNwj3kqdfPWPEn6Pqqpr22n3ZMYPHkbkQ-eZ2mVzBy9Uqm2Mceco0mCadNKeSGnkKuAxeDgeU6mhPRC5WgPiZYCiIVOHNNsC5gADB3LEMyjfvU6RLmv5rRZQgpTe08RadHRUYyEdZxUbphGIOv5A0eQZrXQrPV3kGZDTMUCuQ7RfvQSB8EnD2Zj4OkIj35DzNz_SVQOdL_iItV8Wzx5LbQ0IageHmUFrYR1K4OZmEh3RW_xapWwn9SDu4W4WqsrMMOBK_icn609_nv2ztAHnQxqISL7YmQQCykrKBy4VQKo8N7TdVlVxIbB-hjhR3PpbsLAy4vQLZpqGONCkaC5158IRguAGOdbRbvxx__cNuv3YKRTqiUHRtsr9aqApjjTbaQf3qeByUwJdRY0Q9GgBehD7j4Hbc6i_OyfFYaYDl1HSoKTQbHXbBfm3I48QjJNE1RYAJ6tPC0N_ACGkmjLh7JRoGTM8MTpvXaD_qyD0lNgRDHpRm98RWN8gGFLQ22ZnFx0jIm8CyjTEEzqpTgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs90YLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTTAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6DBL6NUY5-f27zmYxlS6rNpg50e2j4uvy1kKliVp6XLNE5Razj2rBhP8OAEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Yy0zYUCM9G1Mg9gi1a_ARRPECmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Oct 2022 03:17:02 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9471 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg&u=%7CiNxSgm%2F7p%2FBoKNPoDSiEfBCxlr5ufsphFohzAlp7KNI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Hne3ksc1k0ZEnuubHIPLu4t8NU2QKUZOTDbrP1VQsOZn9oWNwj3kqdfPWPEn6Pqqpr22n3ZMYPHkbkQ-eZ2mVzBy9Uqm2Mceco0mCadNKeSGnkKuAxeDgeU6mhPRC5WgPiZYCiIVOHNNsC5gADB3LEMyjfvU6RLmv5rRZQgpTe08RadHRUYyEdZxUbphGIOv5A0eQZrXQrPV3kGZDTMUCuQ7RfvQSB8EnD2Zj4OkIj35DzNz_SVQOdL_iItV8Wzx5LbQ0IageHmUFrYR1K4OZmEh3RW_xapWwn9SDu4W4WqsrMMOBK_icn609_nv2ztAHnQxqISL7YmQQCykrKBy4VQKo8N7TdVlVxIbB-hjhR3PpbsLAy4vQLZpqGONCkaC5158IRguAGOdbRbvxx__cNuv3YKRTqiUHRtsr9aqApjjTbaQf3qeByUwJdRY0Q9GgBehD7j4Hbc6i_OyfFYaYDl1HSoKTQbHXbBfm3I48QjJNE1RYAJ6tPC0N_ACGkmjLh7JRoGTM8MTpvXaD_qyD0lNgRDHpRm98RWN8gGFLQ22ZnFx0jIm8CyjTEEzqpTgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs90YLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTTAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6DBL6NUY5-f27zmYxlS6rNpg50e2j4uvy1kKliVp6XLNE5Razj2rBhP8OAEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Yy0zYUCM9G1Mg9gi1a_ARRPECmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 03:17:02 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 9471 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg&u=%7CiNxSgm%2F7p%2FBoKNPoDSiEfBCxlr5ufsphFohzAlp7KNI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Hne3ksc1k0ZEnuubHIPLu4t8NU2QKUZOTDbrP1VQsOZn9oWNwj3kqdfPWPEn6Pqqpr22n3ZMYPHkbkQ-eZ2mVzBy9Uqm2Mceco0mCadNKeSGnkKuAxeDgeU6mhPRC5WgPiZYCiIVOHNNsC5gADB3LEMyjfvU6RLmv5rRZQgpTe08RadHRUYyEdZxUbphGIOv5A0eQZrXQrPV3kGZDTMUCuQ7RfvQSB8EnD2Zj4OkIj35DzNz_SVQOdL_iItV8Wzx5LbQ0IageHmUFrYR1K4OZmEh3RW_xapWwn9SDu4W4WqsrMMOBK_icn609_nv2ztAHnQxqISL7YmQQCykrKBy4VQKo8N7TdVlVxIbB-hjhR3PpbsLAy4vQLZpqGONCkaC5158IRguAGOdbRbvxx__cNuv3YKRTqiUHRtsr9aqApjjTbaQf3qeByUwJdRY0Q9GgBehD7j4Hbc6i_OyfFYaYDl1HSoKTQbHXbBfm3I48QjJNE1RYAJ6tPC0N_ACGkmjLh7JRoGTM8MTpvXaD_qyD0lNgRDHpRm98RWN8gGFLQ22ZnFx0jIm8CyjTEEzqpTgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs90YLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTTAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6DBL6NUY5-f27zmYxlS6rNpg50e2j4uvy1kKliVp6XLNE5Razj2rBhP8OAEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Yy0zYUCM9G1Mg9gi1a_ARRPECmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 03:17:02 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Sat, 01 Oct 2022 02:55:29 GMT
server
nginx
etag
W/"6337ac21-161a8"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 10 Oct 2022 03:17:03 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/ Frame BDFB 		349 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
0aba74a89b95fb34186f6daed031c199222ff2abf4ae9a69a71a07abf44abf16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125836
x-xss-protection
0
server
cafe
etag
12016004277091134075
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Sun, 09 Oct 2022 03:17:02 GMT
style.css
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/css/ Frame 1327 		1013 B
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/css/style.css
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
99a897b1b6bf0d20afe286cd5e66a7281c3c8eeb69c9aa0dfd42175fc8290aee
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:02 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:31:40 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"62bceeec-3f5"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 03:17:02 GMT
gsap_3.2.4_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 1327 		57 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.200.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sa-in-f149.1e100.net
Software
sffe /
Resource Hash
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23276
x-xss-protection
0
last-modified
Thu, 05 Mar 2020 03:53:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 09 Oct 2022 03:17:03 GMT
image-3.jpg
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/ Frame 1327 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/image-3.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
3e32821d9fb7d097ae2947687180f9d72e8d6587ca146961aff1e5c91cfe7957
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:31:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bceef5-3b22"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
15138
expires
Wed, 04 Oct 2023 03:17:03 GMT
image-2.jpg
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/ Frame 1327 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/image-2.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
689d691bc0a94e08a5731d2e34dd06ea9b907d40c1ccca65e8f9a4feb4fa9742
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:31:51 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bceef7-51a2"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
20898
expires
Wed, 04 Oct 2023 03:17:03 GMT
image-1.jpg
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/ Frame 1327 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/image-1.jpg
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b7f8a33337b7fce3e7b3dd76d839d1e9bf3b83dc7c5c6fabdc44e2795459c2e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:31:49 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bceef5-29cf"
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
10703
expires
Wed, 04 Oct 2023 03:17:03 GMT
copy-2.png
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/ Frame 1327 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/copy-2.png
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
342d9207010dbb5769fc2988004bf46d4f579e8284fa3931374049e0dd55075f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:31:47 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bceef3-88f"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2191
expires
Wed, 04 Oct 2023 03:17:03 GMT
copy-1.png
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/ Frame 1327 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/copy-1.png
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
360af8367592521fcd7ec8624cdef05e84e34d1c542c4a374828dfbe450da284
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:31:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bceef4-768"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
1896
expires
Wed, 04 Oct 2023 03:17:03 GMT
logo.png
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/ Frame 1327 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/logo.png
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
c0216a4ae9eb4d295edfee2917969c200cefbb28bedbbf8ead8f4a4609b82403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:31:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bceef4-809"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
2057
expires
Wed, 04 Oct 2023 03:17:03 GMT
endframe.png
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/ Frame 1327 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/img/endframe.png
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
1904751ccfd62fb4368f0c10c93aa705878d726a2ecfe982877e838437735b0e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:31:47 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"62bceef3-25c7"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
9671
expires
Wed, 04 Oct 2023 03:17:03 GMT
leos-display.js
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/js/lib/ Frame 1327 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/js/lib/leos-display.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
2e8a854dbb9d8baf325f950347fa3b876ed124fd58546abdd1ce0c9e69b63d46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Jun 2022 00:32:30 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"62bcef1e-77a"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 04 Oct 2023 03:17:03 GMT
animation.js
static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/js/ Frame 1327 		477 B
567 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/js/animation.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
76e1b353ad8b888eb77cf1b62b4fb4ee02ff5126f7ffc39c8c01582f93dc6e57
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://static.criteo.net/html5/97390/20220630_newcustomeracquisition1/336x280/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
last-modified
Thu, 30 Jun 2022 00:31:40 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"62bceeec-1dd"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Oct 2023 03:17:03 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
server
nginx/1.14.0 (Ubuntu)
activeview
pagead2.googlesyndication.com/pcs/ Frame A304 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3YMX7E9_a4heRrKUEmjSLEnqSZVHv4ndNcQgeTCuuccsrn0Opo3kxCGRZ73OHpq4-MmS05d_n40jopx2orwL7grhO8Rg1dqRjOD4bWUrRQg8kcBe8yseQFtCNakf4iv7GzDU&sai=AMfl-YSSqeCQ60QC5Q_FtbAIQAv6cr_2zSfkdaV1ICTuAUj7FN6pJjZisBgi8GO5kZD9RslmWFpA_AVKShmaOb0sLvAdbge8gD0CmHCgn5hvTNgHKVNf4t7c296M33-y3Q&sig=Cg0ArKJSzLK2LQWovlQWEAE&cid=CAASFeRoDqz7_RgwpCoKtul1tAr6PjbfhQ&id=ampim&o=436,1110&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=695&tls=1696&g=100&h=100&tt=1696&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:02 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EF1D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyBqJF_Blszu4qwB82M-lAndA3EUa4YKiEBlvDxifLLEPtSh_2FoTRip2Y5QmC0M-EVPbkcNyYtjUqtMlmbli0lCo6&sig=Cg0ArKJSzJI3evmhOpwaEAE&cid=CAASFeRoyO_ernrtdF_927wjDi3sZ-ntFw&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665285421120&rpt=859&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 1274 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuzKmUqX7sA-6kcIoZ6HO2JELDDI-tqfWY48WNtIc32jlyiTnRrjQB-vg1DkYNclx6gkY1HsPFX6phabJ4XsJYpXR9F&sig=Cg0ArKJSzHR5wkzxNU42EAE&cid=CAASFeRo3O23DAU7jDg4ne9VwFgTpraiXQ&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665285421159&rpt=869&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
smtr
contextual.media.net/ Frame 4D67 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CU84X179&cpcd=ZbZ10Kmc6xAQM5DfjXsbhQ%3D%3D&crid=966716711&size=300x250&cc=AU&chnm=NO_STRATEGY&pid=8POW856F7&tpid=T1E3668&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&nse=5&vi=1665285422776511561&lw=1&ugd=4&adt1=8CUSE6W07&adt2=125608466&itid=17&bae=B44zgq4ege&bcpf=B44zg8fOnRrolnfOur8q4ege&bdrId=313&ntv=0&matchstring=hr%3D0%7C&kttle=SafeFrame%20Container&katpre=1&katbid=-103&pgid=p074189506t202210090317&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR-tzTzq2cANvQ%3D%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CU84X179
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
5056cf2d1e7fb55d3d2f7cafbdb9f72483fcab3ccd435ae680c9bcd44b5ac719
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-sc-w
22-sr0p
pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-fdtn
timing-allow-origin
*
content-length
33680
expires
Sun, 09 Oct 2022 03:17:03 GMT
checksync.php
contextual.media.net/ Frame 0BBA 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUSE6W07&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2a4914190edb349d258281eb2e73d7db14284118ff88314ca135ba9f27de755f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Sun, 09 Oct 2022 03:17:03 GMT
expires
Tue, 11 Oct 2022 03:17:03 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 4D67 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4609&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=1&spSource=0&ifst=0&vid=Y0I9LAAJ4u8Kj-AKUQm2Dg&s_city=singapore&ugd=4&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=7.039775E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=300x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=04943111&scrid=1700080807683300300025000039600&itypeid=17&mx_SPRIG=0&viewability=77&renderer=1&be=0&rtime=29.0&adj0=0.0&tmax=300&s_ip=172.217.47.1&adj2=0.0&adj1=0.0&feedback_id=Y0I9LAAJ4u8Kj-AKUQm2Dg&adtypes=0&mx_aabpc=0&reqid=Y0I9LAAJ4u8Kj-AKUQm2Dg&sc=AU-NSW&sd=1&mowxReqId=3c27da02f5d5433fb388e034f6eb794b_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&bidrestime=1665285420695&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CU84X179-966716711-42-23&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D0&mx_epbc=8CU84X179&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online%2F&dn=bg3.co&dt=O&acid=3c27da02f5d5433fb388e034f6eb794b&actltime=34&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30&dfpBd=0.02&sckfl=1&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-2&bfs=103&rfc=-1&prvApiId=8CU84X179&epcexp=false&pubid=pub-ADX-101418826937-pub-rep&mx_bsProfile=0&cid=8CUSE6W07&bcrid=1700080807683300300025000039600&omul=1.0&res_mtype=0&suid=CAESEFTwTQ4lOiaHlJDqlbFuo7A&chnl=NO_STRATEGY&pst=0&reqsize=300x250&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CU84X179&tgtval=pub-ADX-101418826937-pub-rep&__expireat=1665286020948&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=966716711&ckfl=0&lper=1&mx_tgs=300x250&dummy_vsid=false&cbdp=0.02&pvdTmax=253&ltime=34.0&epc=966716711&ctr_vendor=EXCHANGE&prvReqId=16304301467737_2004562338_12560846613131&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-8933329999391104&ybnca_erpm=0.02&brsrclk=0&sbdrid=196&mx_bsBucketRa=0&rtttime=39&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-595f68d68b-xk6ls&currsrc_date=2022-10-07+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-10-09+03%3A17%3A00&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=0&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AMVB_PnozY9AgL7DuhRxqrX_i4zUlnDX3thumTZ4KN271H1ptxhvGI-SUkKlqIxAJN4w8H92&dmm_ogerpm=false&csip=rtb-common-istio-c5ddbccdc-6blwt.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&cat=IAB-3&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=1420297610&fpuReq=0&vcmplrt=-1.0&crid=125608466&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.02~vw_exc%3D0.77~smm_bid%3D0.02~vis_sd%3D214~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022100818~iurl_b%3D8556.52~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.26~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D30~riipua%3D117%2C117~et%3D29~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022100823~vis_b%3D715.43~url_b%3D0.12~url_tvi%3D0~smm_wr%3D2.6458~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.02~bm%3D1~smm_sd%3D2022100820~sid%3Deec915957ea00e30955522a4e6e0415c~sd%3D1~uid%3DaQw3XjRL9rz9eWeL2~btd%3D248904513883016793927609123321287397898124166738575218076333649218757026050344637239296~d2p_l%3D10~3pcf%3D600.6~uim%3D133~dmm_strg%3Dno_strategy~d2p_b%3D1~ogd2p_b%3D0.97~vurl_b%3D0.15~ss%3DNA~uiw%3D40~ce%3D0~rps_b%3D30.1~vurl_l%3D30~CI%3D2749~nts%3D1~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D6.61~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.1~ivurl_l%3D30~supply_tag_id%3D%7Eviewability%3D0.77%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3DCAESEFTwTQ4lOiaHlJDqlbFuo7A%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-8933329999391104%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D1420297610%7Esobp%3D%7Ectr%3D7.039775E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D300x250~bsb%3D0~bsp%3D0~tmx%3D253&utime=2458&sf=0&cpr=0.46290656075585956
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Sun, 09 Oct 2022 03:17:03 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sun, 09 Oct 2022 09:17:03 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame A95B 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
6121
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:35:02 GMT
etag
48472445140208031
expires
Mon, 10 Oct 2022 01:35:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 4D67 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1888933cf1a7c6753cbe0dc4098845dc626a2491529c74959a7d7851fa7763de

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
integrator.js
adservice.google.com.au/adsid/ Frame BDFB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame BDFB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7B6E 		40 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
44a384915d8b1a0235b3c15b0743125d2735fc3f2ead1d9cec383ec2ec615c7b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
15863
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:03 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
json
gum.criteo.com/sid/ 		324 B
634 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
5b50faad5a36611054360f4d7cfcb8dfb0c5900b7fc6d3d1f1da819be3dc106b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
720353
expires
0
rid
match.adsrvr.org/track/ 		108 B
671 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
c42169de77426726816a7ccd38d4c30573c9ebb0156d2cbe2626d312299e9d08

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Tue, 08 Nov 2022 03:17:03 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 559A 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.65.229.2 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Sun, 09 Oct 2022 03:17:04 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 28F1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.129.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
77545
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sun, 09 Oct 2022 03:17:03 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 28 Sep 2022 05:44:18 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
5, 74799
X-Served-By
cache-lga13626-LGA, cache-syd10139-SYD
X-Timer
S1665285424.737038,VS0,VE0
sync.html
public.servenobid.com/ Frame DE25 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.85 -, , ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
72251
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Sat, 08 Oct 2022 07:12:54 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cb605905cea2427f1d9f13acc778e822.cloudfront.net (CloudFront)
x-amz-cf-id
phj8Tw-FVNB7zlQRn-9sUYNVo2LXrHgtv4e3Lp7poeqr7RluJXYGOg==
x-amz-cf-pop
FRA60-P3
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
/
onetag-sys.com/usync/ Frame D252 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1665285419478
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame 7CD0 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 09 Oct 2022 03:17:04 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
isyn
prebid.a-mo.net/ Frame D6D9 		2 KB
764 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
891727451899af0ae2d33e9b9b2237964460587a8775e293fb31fff0bb482d38

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
675
content-type
text/html; charset=utf-8
date
Sun, 09 Oct 2022 03:17:03 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
1
pd
u.openx.net/w/1.0/ Frame BB04 		533 B
636 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
12ff814911d5d3474cc49f10417f5f5074f8ed1e56857143aa4e2e99d3bba355

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
324
content-type
text/html
date
Sun, 09 Oct 2022 03:17:03 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame AC08
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1023 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
8b281caef0d2a95f8abd283c8f98f17e8fb9c2f176592948a3d86f8550bca3d8

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
457
content-type
text/html; charset=utf-8
date
Sun, 09 Oct 2022 03:17:04 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Sun, 09 Oct 2022 03:17:03 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
checksync.php
contextual.media.net/ Frame C176 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
52338b59a98b541b934f627b3c1113d2389f60a246f2917289650fe60d912d97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11837
content-type
text/html; charset=UTF-8
date
Sun, 09 Oct 2022 03:17:03 GMT
expires
Tue, 11 Oct 2022 03:17:03 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
dpixel
cms.quantserve.com/ Frame A95B 		35 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFBjEBZ1f3tdV26u30RWYhM&google_cver=1&google_push=AZmPxg9LHE_TC2bbFHPkF-n7qGp9ypzb_lvvYMETuUFJuBuN_4h85HTy120nTu62yrLdbxJ0ChvsPU7Qb5w7RvtoJVMogm3JZVSkxpBUYPe_jXtLCnIDxqjqSCR5lx3mfT_TQkjl4KcRATBa
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.247 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A95B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAlOEyfXJ7ssI-6vbsS465M&google_cver=1&google_push=AZmPxg-L8T4hBeG8Z-_ACw5Ev2WOb5KaD2gc6AWYvt4slalNq0vEY7hCK0LO4v0ynnuPKKqW3RUrbXFwotl-mito...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-L8T4hBeG8Z-_ACw5Ev2WOb5KaD2gc6AWYvt4slalNq0vEY7hCK0LO4v0ynnuPKKqW3RUrbXFwotl-mitoJC4IgtvdWjDkR_0UR-m8oM0q_d2EBQ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-L8T4hBeG8Z-_ACw5Ev2WOb5KaD2gc6AWYvt4slalNq0vEY7hCK0LO4v0ynnuPKKqW3RUrbXFwotl-mitoJC4IgtvdWjDkR_0UR-m8oM0q_d2EBQmnvtamv4XcXFnLwDOz94iLwB0
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 09 Oct 2022 03:17:04 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x7 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AZmPxg-L8T4hBeG8Z-_ACw5Ev2WOb5KaD2gc6AWYvt4slalNq0vEY7hCK0LO4v0ynnuPKKqW3RUrbXFwotl-mitoJC4IgtvdWjDkR_0UR-m8oM0q_d2EBQmnvtamv4XcXFnLwDOz94iLwB0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 09 Oct 2022 03:17:03 GMT
pixel
cm.g.doubleclick.net/ Frame A95B
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEB8JYUObvUFDUK5NbGEnn2c&google_cver=1&google_push=AZmPxg-1oJ5xr1s0J0qVvzl81i45gKd1FnkPgnneB0rXajRuqUAUWtVhF19_slylK3ReA95S--7jnj8fLbvxRczklliwaV5Gcsykl-rH...
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OUJCQUVEMDJERTMzQkUxRA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OUJCQUVEMDJERTMzQkUxRA==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OUJCQUVEMDJERTMzQkUxRA==
date
Sun, 09 Oct 2022 03:17:04 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame A95B
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEEN9IcOrYihGfrv4moET0oU&google_cver=1&google_push=AZmPxg9CKVcu_fcWFzw_hJJS4Lk_xx5K84kuLfNZgKqkjLBnuVUwP9dAeyZd0lZcPT32ESkBTZCT6O9w8Q5JmkDNpG8wbOFb3MJS1bdqZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=NDZtVkh3YkhCVWViaWhrM0xqMUNZdw%3D%3D&google_push=AZmPxg9CKVcu_fcWFzw_hJJS4Lk_xx5K84kuLfNZgKqkjLBnuVUwP9dAeyZd0lZcPT32ESkBTZCT6O9w8Q5Jm...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=NDZtVkh3YkhCVWViaWhrM0xqMUNZdw%3D%3D&google_push=AZmPxg9CKVcu_fcWFzw_hJJS4Lk_xx5K84kuLfNZgKqkjLBnuVUwP9dAeyZd0lZcPT32ESkBTZCT6O9w8Q5JmkDNpG8wbOFb3MJS1bdqZbAII0u7qSJjRffu6E06s-HiiVS62J-TmclnEAYK
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=NDZtVkh3YkhCVWViaWhrM0xqMUNZdw%3D%3D&google_push=AZmPxg9CKVcu_fcWFzw_hJJS4Lk_xx5K84kuLfNZgKqkjLBnuVUwP9dAeyZd0lZcPT32ESkBTZCT6O9w8Q5JmkDNpG8wbOFb3MJS1bdqZbAII0u7qSJjRffu6E06s-HiiVS62J-TmclnEAYK
date
Sun, 09 Oct 2022 03:17:03 GMT
cache-control
no-store
content-type
text/html; charset=utf-8
server
nginx
content-length
287
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame A95B
Redirect Chain
  • https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEED616YZOiusN_7nOuB7Hso&google_cver=1&google_push=AZmPxg_rDW9fmEZ7QWk9Hx7JNBVrqQ2Z1_wjKJIeK2MFtHCMMv92xbvyGW826VdmUlO-bSqs7qG0Rw3D...
  • https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEED616YZOiusN_7nOuB7Hso&google_cver=1&google_push=AZmPxg_rDW9fmEZ7QWk9Hx7JNBVrqQ2Z1_wjKJIeK2MFtHCMMv92xbvyGW826VdmUlO-bSqs7qG...
  • https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE4NDAyOTEyNDk5MDA2MDgyOA&google_push=AZmPxg_rDW9fmEZ7QWk9Hx7JNBVrqQ2Z1_wjKJIeK2MFtHCMMv92xbvyGW826VdmUlO-bSqs7qG0Rw...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE4NDAyOTEyNDk5MDA2MDgyOA&google_push=AZmPxg_rDW9fmEZ7QWk9Hx7JNBVrqQ2Z1_wjKJIeK2MFtHCMMv92xbvyGW826VdmUlO-bSqs7qG0Rw3DksGXNksQSQgLHYuz9c2DE_zgPw6IZYei3NAOgFk-0fbzABuGwloJd720x2WzqcYE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDE4NDAyOTEyNDk5MDA2MDgyOA&google_push=AZmPxg_rDW9fmEZ7QWk9Hx7JNBVrqQ2Z1_wjKJIeK2MFtHCMMv92xbvyGW826VdmUlO-bSqs7qG0Rw3DksGXNksQSQgLHYuz9c2DE_zgPw6IZYei3NAOgFk-0fbzABuGwloJd720x2WzqcYE
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
pixel
cm.g.doubleclick.net/ Frame A95B
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_DGne4WYQ3uesWPTjtk11g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_DGne4WYQ3uesWPTjtk11g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-7e3CZUsPDsvthaQ7wv08Dr7UZ0uF0IDIJHT3y61phJo1WycO_HVu7NSE6DbybGeCJ9UHz9TZHJBbmrp6xBynm5cd-PTa1UrpV15C3wWOpi20yGF2BIGq8CeNFLRAErOwar8eyjGo
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_DGne4WYQ3uesWPTjtk11g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg-7e3CZUsPDsvthaQ7wv08Dr7UZ0uF0IDIJHT3y61phJo1WycO_HVu7NSE6DbybGeCJ9UHz9TZHJBbmrp6xBynm5cd-PTa1UrpV15C3wWOpi20yGF2BIGq8CeNFLRAErOwar8eyjGo
date
Sun, 09 Oct 2022 03:17:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
/
b1sync.zemanta.com/usersync/googleadx/ Frame A95B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEFjggj5xKtnlnHVZKnQMJms&google_cver=1&google_push=AZmPxg8yiCyIHfiO0f7q9LL8RvjO-NAFSKz86oWDxV9Z7ob6WG4rBtYsw3aWcRUfLcrXJqkFcf-CIXGykGFpP...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEFjggj5xKtnlnHVZKnQMJms&google_push=AZmPxg8yiCyIHfiO0f7q9LL8RvjO-NAFSKz86oWDxV9Z7ob6WG4rBtYsw3aWcRUfLcrXJqkFcf-CIXGykGFpP...
  • https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=AZmPxg8yiCyIHfiO0f7q9LL8RvjO-NAFSKz86oWDxV9Z7ob6WG4rBtYsw3aWcRUfLcrXJqkFcf-CIXGykGFpPcwdeOw0TTejmRqAZ21A4kiW7r3Hd4kRaoP-8YRqqttgvyX...
  • https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
HTTP/1.1
Server
50.31.142.191 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 03:17:05 GMT
Content-Length
26
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://b1sync.zemanta.com/usersync/googleadx/?google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame A95B 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KqulpWXYNJKVyYD5EHbdU4TDNye09EV4NPzj4eC5yl8Eh7z4M32-YXqO1F4YDXwc0M6NTQgA
Requested by
Host: 949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
URL: https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sun, 09 Oct 2022 03:17:03 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
351418
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
all
csm.as.criteo.net/ Frame 08CA 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=5k1eCmJpLjkrKZ6-HMtVg1UtqwRcmolJ7yU_mTKrmyxy2Pr-rOyNu8ZKa7P6QyKEuBpCeTzxGp1RnP_uojSt4Twvb846ihxHhNssvA4huD4vf5khF4SSKpWiC4borfWYtJcTlNLCCDoiQHBgfcYqmEu2AVN5LChOrH-Voh-FGg77KPjLA85MHLRRVF0Kgfj9Ct4D-QxNOIELsICOFoI_99iwkvL6_QC_PyfvWkzVyqF49ktINZRbnPNCUDrCC1Od7Lgkoxr9TZNyQbdT&sds=2&rev=83041&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LQADfloKcIHBAAbq9AHCQ2mlHOXTTdLL-g&u=%7CvVFUdj05uVI5RVGqtX6LTNXZRa%2FgVXdWESTqedl6sF0%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqdr-j8wgahTZIGe3vs2osFhPHrvdV8e4bdi0WXgjzEEqyfczOwjUm-QSxeVCtBiVfzcDEZ-6DDxTQQGTxyzg-sXS0dldwCG-VB61OR0btkTjkAuU4-bohIQU5r_Xlu_2hBWBXkDE8BtgQu2a-viJWbnAg4P_ryBnoU0iZzyszcmHf8gaK5DyXCzdJnDEwdxcniJQHO8e-XeFx2iZFJQt3VSXZZseYbz9sLtrT2Tngif58Hd2R7lEYmFvTRtpu7VvrnBmwT4WA_8eCg56iSpnx3FLgVBIZcgFeOfu6n6Uqk5UCwDrH8JhCbFSyEsWUAE539mkvI8-BSakXvmtBFFxJAG_-xu19joPLzUOpubO3h1-vzwnDcfB_4rlAOhW6qRcOr96-yuYRYmHJ9y5reAyGFCHkXnpFzWJVUNFIl0BJYBYZvLkAdzjd-NWU3BJcLOlZlwXLtqVWLp-REuRWhbkhWBRrG8l6gXXkeuObxyw0vtYfzS3ZRfxNC82kNHLb_QcjCPv69XgYgC3CuNCFkBn7F3cOo1fEcXfXwbs_1BJ0U8iH6zPKGAFyzAiyjU2a2q9QeE51DkKZpUO8RXQe1LsjBu83tEzaT-aRtQCE1jxmZ1lg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYPs5LT1CY9r8DcGDwgP01ZvIDpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmpAs2u2H3UY6U-qAMBqgSrAk_Qrn7dt1dLqiQxisbiNIL6l83nm1LuBjejLAYLiPh5byC9AVnhTbYUK7jIYRDLeyVshHG-zkJ5HeyedFuS3ETOcMPIYs3PUffKSB77vb9Z6i69qiRArdOhppXYNEeoaxLbSlWlMHcet5Q0739vxp8n9lVpmOU7coNnuxxDehC6P-BYjpKVtSkiHS3X8ZJm8riqS2dfF-lRjXNE96s3QNvKU1QkL7gWJtM_QxNW5EGtge5JEuG_u6mjkbn7IUCP43ZrbnXRHuhQ1KIZ2MfJxrIQEx-8fbCK_MWHI_AUhORE4OQ3E_MzAAiCyHOzFLOJ8zX-GY3SNzt5jPNZdnvK5S6wlQbbH33W2_AKSi-c3oyecWoYr4LRdz0E5EdWbvbwmu_lknrnOokaWC2fgAaX5aK40a3VkPQBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1w8-imWSr4B87WJ0jd1VhKm798eQ%26client%3Dca-pub-4485239425924787%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Oct 2022 03:17:03 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
cksync
cs.media.net/ Frame 0BBA
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA4Mjg3MDIzNjgzNTc1MzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIxgb-G3SGE-QMg2bpbWeD0&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIxgb-G3SGE-QMg2bpbWeD0&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUSE6W07&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 03:17:03 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEIxgb-G3SGE-QMg2bpbWeD0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 0BBA
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CUSE6W07&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 03:17:03 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D530 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
202006
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 19:10:17 GMT
expires
Fri, 06 Oct 2023 19:10:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 119C 		783 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f104.1e100.net
Software
GSE /
Resource Hash
a55dade3f2494991935329aee7e596fbff17f8cf191aeee5d7e1802c7778c3de
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-OBIzmO1hHLD35T7rtB1g3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-OBIzmO1hHLD35T7rtB1g3g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:03 GMT
expires
Sun, 09 Oct 2022 03:17:03 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6C53 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
202006
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 19:10:17 GMT
expires
Fri, 06 Oct 2023 19:10:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 76E8 		783 B
761 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f104.1e100.net
Software
GSE /
Resource Hash
5b2439c9cec97f49132286628130061a92d155ff098166f15ce59f69bd2eb8e1
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-yuXAEpsyKWR8MSYR4QlfQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-yuXAEpsyKWR8MSYR4QlfQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:04 GMT
expires
Sun, 09 Oct 2022 03:17:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sd
us-u.openx.net/w/1.0/ Frame BB04
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=8057414613641581855&gdpr=0&gdpr_consent=&us_privacy=
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8057414613641581855&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=8057414613641581855&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame BB04
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=1c6294f7-297a-702d-eb5b-9b552fa85283&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba&ttd_puid=1c6294f7-297a-702d-eb5b-9b552fa85283&gdpr=0&gdpr_consent=
43 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba&ttd_puid=1c6294f7-297a-702d-eb5b-9b552fa85283&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba&ttd_puid=1c6294f7-297a-702d-eb5b-9b552fa85283&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame BB04
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y0I9MMCo5soAAIRKWsUAAAAA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y0I9MMCo5soAAIRKWsUAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
5
Date
Sun, 09 Oct 2022 03:17:04 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":5,"gdpr":false,"ipv4":"173.245.209.165","key":"Y0I9MMCo5soAAIRKWsUAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40321"}
X-SO-Key
Y0I9MMCo5soAAIRKWsUAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40321
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=Y0I9MMCo5soAAIRKWsUAAAAA
Cache-Control
private
X-SO-HostName
a-ad40321.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
0
X-SO-LB-Hostname
a-tgng40006.dc2p.scaleout.jp
X-SO-IP
173.245.209.165
sd
jp-u.openx.net/w/1.0/ Frame BB04
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://cr-p3.ladsp.com/cookiesender/3?cr=true
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQOw4XD-Dgugks8ADv76KSeXCM8AAAGDur8Fdg
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQOw4XD-Dgugks8ADv76KSeXCM8AAAGDur8Fdg
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
via
1.1 3a6d09c229b46334ae8150e9562036de.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN2-C1
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AQOw4XD-Dgugks8ADv76KSeXCM8AAAGDur8Fdg
cache-control
no-cache
content-length
0
x-amz-cf-id
WvaMoWmbARS_E6_9KpceeV0i5OZ3bwWkmZvDtMPk4SPw8tY99CKduw==
expires
-1
pixel
cm.g.doubleclick.net/ Frame BB04 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MzAwZDQ3M2QtZTAwZC0yZTg5LWZlYmItYzFlY2U1NGE5Y2Uz
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame BB04
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKKbwbSVXeBGWV7uKoMe76Q&google_cver=1
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKKbwbSVXeBGWV7uKoMe76Q&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEKKbwbSVXeBGWV7uKoMe76Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame 9471 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=wIhCK2JpLjkrKZ6-43Ek6p5D1QygxJm1QBHINzzgVMJ5n17tcC8hvM3lplqmJrZiqRPB4NLZV3WcWJlLwARBCw1nNxYRVsVEdIkdS2D0R3O2pw6w6mrN90zuDrAkGHTYAqCbiD9cb58jCOQyl_0Qb_lVGy_CYTO3CqjItWolFVdmChjWd6TxNKC0tNk68DSVAEbAuea2w936D51rsyMQeovgXrv3T6elpis7GTUA-S0NsHAw855D7l92KQXhP0mePyfg-g&sds=2&rev=83041&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=Y0I9LAAIiMIKcgRFAAz1dMaR_wFbpuATwR85Jg&u=%7CiNxSgm%2F7p%2FBoKNPoDSiEfBCxlr5ufsphFohzAlp7KNI%3D%7C&c1=0n2XosTo5cm2a-Hcp7XBswXP_Pnh5wGNJFnD5UhbQqekeA1_m8Uh9OgiV1dQ3Rz2KocDtEiMEOJhdlF6ppKG3Hne3ksc1k0ZEnuubHIPLu4t8NU2QKUZOTDbrP1VQsOZn9oWNwj3kqdfPWPEn6Pqqpr22n3ZMYPHkbkQ-eZ2mVzBy9Uqm2Mceco0mCadNKeSGnkKuAxeDgeU6mhPRC5WgPiZYCiIVOHNNsC5gADB3LEMyjfvU6RLmv5rRZQgpTe08RadHRUYyEdZxUbphGIOv5A0eQZrXQrPV3kGZDTMUCuQ7RfvQSB8EnD2Zj4OkIj35DzNz_SVQOdL_iItV8Wzx5LbQ0IageHmUFrYR1K4OZmEh3RW_xapWwn9SDu4W4WqsrMMOBK_icn609_nv2ztAHnQxqISL7YmQQCykrKBy4VQKo8N7TdVlVxIbB-hjhR3PpbsLAy4vQLZpqGONCkaC5158IRguAGOdbRbvxx__cNuv3YKRTqiUHRtsr9aqApjjTbaQf3qeByUwJdRY0Q9GgBehD7j4Hbc6i_OyfFYaYDl1HSoKTQbHXbBfm3I48QjJNE1RYAJ6tPC0N_ACGkmjLh7JRoGTM8MTpvXaD_qyD0lNgRDHpRm98RWN8gGFLQ22ZnFx0jIm8CyjTEEzqpTgw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCs90YLD1CY8KRIsWIyAP06rP4Bpj80bFcqoTM5IUBwI23ARABIABgpYCAgJABggEXY2EtcHViLTg5MzMzMjk5OTkzOTExMDTIAQmpAs2u2H3UY6U-4AIAqAMBqgTTAk_Q5sHQLcoSC8qVgMeps9lsBvFI1vrWy4ac4-GtZyXRPTYec3FQ4VdlxnXiTTSHExmbXP4ztEgV0lsXMEo5uQulHC4wFS0xsOPQT2uP2vYT8ZQAaWhf4qKeU6M5JYHqvSuq-XojlQxkkN9SyoexCqBXUMhBGenqfb4NsbIiugbcCE6YZ1EqRRNgSGHBKNbDfq1wXDAjX0vNqrzbvBO-Gb7JqGpRXQ8c5BJ3Ud2kNcPEIsvv2L75c2edFt2Jza1Pym8C-E0kTLDRc7UOk65Q2mpUnf8GXWLqO4HHePFHUz5KTkTgYkXg3RzH8Ck4yja6FkLFzmXFvbyPtWDbjJWwtu_y99VI6D5l4JWpJPwfGF7Jif8pCXbP4aCgN15jPCVe7OutQ2LTp4GjL6DBL6NUY5-f27zmYxlS6rNpg50e2j4uvy1kKliVp6XLNE5Razj2rBhP8OAEAYAG8-Dbw5at17NUoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1Yy0zYUCM9G1Mg9gi1a_ARRPECmw%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sun, 09 Oct 2022 03:17:03 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
async_usersync
ib.adnxs.com/ Frame 28F1 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:03 GMT
AN-X-Request-Uuid
b386bbed-129c-4ac8-8fae-5bdad7ec790c
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cframe.js
assets.a-mo.net/js/ Frame D6D9 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.158.19 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068fc24eba7d06f7991b4b97da0a20abcb585b8a9e3947b1ef55de06566b93b3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:04 GMT
via
1.1 2a6cd2383f2f70d74f5acfbb719135b8.cloudfront.net (CloudFront)
content-encoding
br
cf-cache-status
HIT
x-amz-cf-pop
SYD62-P2
age
361
x-cache
Hit from cloudfront
last-modified
Tue, 16 Aug 2022 15:29:37 GMT
server
cloudflare
etag
W/"b5a666dd0f7ba9330dd36461c34df0c8"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cf-ray
7573f60ccb0baad2-SYD
x-amz-cf-id
0NgEX79IrBY8z_evvJAbf73nx6wCvl1K630vQVy8xlezYW9QnLDeng==
expires
Sun, 09 Oct 2022 04:17:04 GMT
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame D530 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 07:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Oct 2023 07:24:08 GMT
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 6C53 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 07:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Oct 2023 07:24:08 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 75D4 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221003&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
72f44628f64789293516dbf6e742c887dd8cb14b8b9ba8f7b1c9f8a62cdc3f2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11391
x-xss-protection
0
sync
gum.criteo.com/ Frame C176 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:03 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
483336
expires
60
usync.html
eus.rubiconproject.com/ Frame 3D17
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 09 Oct 2022 03:17:05 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 09 Oct 2022 03:17:04 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 9738
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Drkt%26refUrl%3D%26vid%3D528542390330828702368357270...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3082870236835727000V10&type=rkt&refUrl=&vid=52854239033082870236835727000V10&ovsid=1972928490584900185
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3082870236835727000V10&type=rkt&refUrl=&vid=52854239033082870236835727000V10&ovsid=1972928490584900185
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Sun, 09 Oct 2022 03:17:05 GMT
expires
Sun, 09 Oct 2022 03:17:05 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Sun, 09 Oct 2022 03:17:04 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3082870236835727000V10&type=rkt&refUrl=&vid=52854239033082870236835727000V10&ovsid=1972928490584900185
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
cksync
cs.media.net/ Frame C176
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 03:17:04 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
199
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2FB9 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dpba%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=76768
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 09 Oct 2022 03:17:04 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 10 Oct 2022 00:36:32 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame C176
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dapx%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=apx&refUrl=&vid=52854239033082870236835727000V10&ovsid=7993443584297490447
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=apx&refUrl=&vid=52854239033082870236835727000V10&ovsid=7993443584297490447
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 03:17:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 03:17:04 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:04 GMT
AN-X-Request-Uuid
6725d603-d4e5-4fd3-aa62-20239dffaedc
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=apx&refUrl=&vid=52854239033082870236835727000V10&ovsid=7993443584297490447
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame C176
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3082870236835727...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3082870236835727000V10&type=opx&refUrl=&vid=52854239033082870236835727000V10&ovsid=d44efd68-827a-4acd-8814-e53b9d47c05f
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3082870236835727000V10&type=opx&refUrl=&vid=52854239033082870236835727000V10&ovsid=d44efd68-827a-4acd-8814-e53b9d47c05f
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 03:17:04 GMT
server
Apache
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
text/html;charset=UTF-8
cache-control
max-age=0, no-cache, no-store
content-length
219
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 03:17:04 GMT

Redirect headers

date
Sun, 09 Oct 2022 03:17:04 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://contextual.media.net/cksync.html?cs=8&vsid=3082870236835727000V10&type=opx&refUrl=&vid=52854239033082870236835727000V10&ovsid=d44efd68-827a-4acd-8814-e53b9d47c05f
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cksync.php
contextual.media.net/ Frame C176
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dmma%26refUrl%3D%26vid%3D528542390330828702368357...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=mma&refUrl=&vid=52854239033082870236835727000V10&ovsid=7f226342-3d30-4300-83b1-ae8dc245d74e
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=mma&refUrl=&vid=52854239033082870236835727000V10&ovsid=7f226342-3d30-4300-83b1-ae8dc245d74e
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 03:17:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 03:17:04 GMT

Redirect headers

Date
Sun, 09 Oct 2022 03:17:04 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x6 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=mma&refUrl=&vid=52854239033082870236835727000V10&ovsid=7f226342-3d30-4300-83b1-ae8dc245d74e
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 09 Oct 2022 03:17:03 GMT
cksync.php
contextual.media.net/ Frame C176
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dr1%26refUrl%3D%26vid%3D52854239033082870236...
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&zcc=1&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dr1%26refUrl%3D%26vid%3D52854239033082...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7995011025
  • https://sync.1rx.io/usersync/tradedesk/e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
  • https://sync.targeting.unrulymedia.com/csync/RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=r1&refUrl=&vid=52854239033082870236835727000V10&ovsid=RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004
45 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=r1&refUrl=&vid=52854239033082870236835727000V10&ovsid=RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 03:17:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 03:17:05 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=r1&refUrl=&vid=52854239033082870236835727000V10&ovsid=RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004
date
Sun, 09 Oct 2022 03:17:05 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1045189374d94ab9bfd7bdfaa4ae8c9e004
content-type
text/html
cksync
cs.media.net/ Frame C176
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MzA4Mjg3MDIzNjgzNTcyNzAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIxgb-G3SGE-QMg2bpbWeD0&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIxgb-G3SGE-QMg2bpbWeD0&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 03:17:04 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEIxgb-G3SGE-QMg2bpbWeD0&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame C176
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Ddxu%26refUrl%3D%26vid%3D52854239033082870236835...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Ddxu%26refUrl%3D%26vid%3D52854239033082870...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=dxu&refUrl=&vid=52854239033082870236835727000V10&ovsid=7tHXRMjn1OHmOk5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=dxu&refUrl=&vid=52854239033082870236835727000V10&ovsid=7tHXRMjn1OHmOk5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 03:17:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 03:17:05 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:04 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-02f7611d9bf2e5b40@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=dxu&refUrl=&vid=52854239033082870236835727000V10&ovsid=7tHXRMjn1OHmOk5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame C176 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
289825
expires
Sun, 09 Oct 2022 00:00:00 GMT
v2
odr.mookie1.com/t/ Frame C176
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://x.bidswitch.net/ul_cb/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=54617ede-b486-4bb0-9574-013e4d35eaea&ssp=medianet&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10526108599902079116&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10526108599902079116&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f995ac6e-82bf-4a00-8c62-3b419a54e52d&ssp=medianet&gdpr_consent=&gdpr=0
0
0
cksync.php
contextual.media.net/ Frame C176
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dzem%26refUrl%3D%26vid%3D52854239033082870236835727...
  • https://stags.bluekai.com/site/23178?id=68P6Mwi1bqV1AGd2GGxc&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPJWHBIDMTLXNEYWE4KWGFAUOZBSI5DXQ...
  • https://contextual.media.net/cksync.php?cs=8&ovsid=68P6Mwi1bqV1AGd2GGxc&refUrl=&type=zem&vid=52854239033082870236835727000V10&vsid=3082870236835727000V10
0
0
cksync.php
contextual.media.net/ Frame C176
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3082870236835727000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3082870236835727000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=585340b5-f2f0-471d-b139-64b85004e900&cs=1
0
0
um
cs.emxdgt.com/ Frame C176 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Demx%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C112%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.33.18 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:04 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
adview
googleads.g.doubleclick.net/pagead/ Frame 7A67 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CNG6vLz1CY5KFJJrWoQO8uLvIBazX_fBktPaok-ILwI23ARABIABgpYCAgJABggEXY2EtcHViLTQ0ODUyMzk0MjU5MjQ3ODfIAQmoAwGqBLIBT9DPjPn7KCd3xq3pY0r8W2CqjeTgwk-Irj21xLURI4YPomXGd-QRKquQjW9QtbupPe7TcOL83rO0scsYTk0UTHrk-1s_BgzmJbc0D3EnZWoc77BzgsjtzITjGusaWOEqsxL__P5JOqGpUGI7C4f2XrCdlgmxHj5NsoYemT9pxMEFMCLnduIDRDgBgtha4WrCnLn2adxliSpt_ysNAr2vCzT-arVo6KXgaBrPrxKNykcg74AGw8Xfm8qtzZjpAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=sLll6qJNWV0&uach_m=[UACH]&cid=CAQSKQDq26N9QtjIpBLDOIvXhTjKs8LUQ-lStp0-swf7eZyql1MMsrR9DZmfGAEgEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Sun, 09 Oct 2022 03:17:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame 7A67 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=3.3274808E-4&viewability=-1&device_id=4&cbdp=0.02&slotVisibility=2&dn=bg3.co&acid=461c4f6b8b0144e7a6b22c09ace1dd2f&ugd=4&size=250x250&pvid=4&csip=rtb-common-istio-c5ddbccdc-rnvcx.SG&ogbdp=0.02&prvReqId=20294467415608_2037140234_52982010441&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co&scrid=1700080812610100250025000000500&mang=1&bidrestime=1665285423674&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 09 Oct 2022 03:17:04 GMT
log
qsearch-a.akamaihd.net/ Frame 7A67 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=4&jar_err=&current_day=0.0&adtyp=0&req_id=Y0I9LwAJ0f0KaEhGhgoPjA&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&f_seg=&prdp=0.0200&ogcbdp=0.0200&dfpbd=0.0200&server=1&ogerpm_wd_bkt=0-1&viewability=-0.0100&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-NSW&send_erpm=false&sd=4&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2F&bidrestime=1665285423674&cc=AU&strg=no_strategy&ss=&current_hour=2&time_stamp=2022-10-09+03%3A17%3A03&rvshhon=&bdp=0.0200&ct=beaconsfield&akey=&mnckfl=0&bdp_bucket=0.00&algo=no_strategy&dc=apac_sg&splid=&dim4=exploration&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=461c4f6b8b0144e7a6b22c09ace1dd2f&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.14.1&totalTimeBucket=2&visibility=2&totalTime=2172999&dmm_m1=2022-10-09+03%3A17%3A03.675922101&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=186&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-c5ddbccdc-rnvcx.SG&dfp_bucket=0.0&adblk=3314916115&itype=adx&pvid_seat=4_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=4&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
184.87.193.156 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-87-193-156.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:04 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Sun, 09 Oct 2022 03:17:04 GMT
nmedianet.js
contextual.media.net/ Frame 7A67 		162 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
26cffa9fa65dbc189eab4ebb9173aeba290c636dd3cca1a5cb934bf42ed48d4e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-mnt-h
21-tx5k
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Sun, 09 Oct 2022 03:17:04 GMT
server
Apache
etag
"6934cab770662a1ac1cd7ef3f25b8a1c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
8-35
timing-allow-origin
*
expires
Sun, 09 Oct 2022 03:22:04 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 7A67 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
date
Sun, 09 Oct 2022 03:17:04 GMT
server
nginx
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=55331
access-control-allow-credentials
true
content-length
62892
expires
Sun, 09 Oct 2022 18:39:15 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 7A67 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 02:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2477
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 02:35:47 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/ Frame 7A67 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221003/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
cafe /
Resource Hash
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 02:51:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1513
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7528
x-xss-protection
0
server
cafe
etag
13775775994264215463
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Oct 2022 02:51:51 GMT
l
www.google.com/ads/measurement/ Frame 7A67 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVsU83UWXR_i_ZkZAVxtkEqARmilZkKzNyTzGz2b7iWIYzafOqbm7RVNCZ464NMAj3tR7Jf6i-0_R5C8-fn2OJm97MUA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f104.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7A67 		142 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45072
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664970042070988"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 03:17:04 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 75D4 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 03:17:04 GMT
truncated
/ Frame 6BB4 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6BB4 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 6BB4 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 6BB4 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5388&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxsNCUdsErN5R0xUAYq2B3WbaO4_S0McqY6sRX9Kg6fYdFNCWVgfstdTkPuRaa5-vgIM7rVV-gp864g-6qEZRAaUMnI6ho61uQrkNkH0AvAEh&cme=euXxSCmRR6OUxLqRDoiYrEF2k5sJcOmVNwCR1GnDMaeW4Ib_M-RfsCmXqq1oXjFq8JZRuq02nMQS1sEtnBcVcLOANy5SaEEGbwJJl5KlmP2iZaLG83NoUJDBLzQ7bzL0X7VQ8KkD6mVJBC_8fcrDk0EgopSmkH5EoXrlKVtZXZS_QHbvsx3i1NAISQAHaY1mb5Li0y1rXd6f4r1MxhHDVA%3D%3D%7C%7Cb-378LlPD7sO1wIjCRRt3aapcm4hamve%7CzX3XAtm_0cpt-a8SBehOerJxmaaXzHzZkFKPa4qI3rkPPMtiVUQxA5BMX5BetdgN9w608-rjWjXVaR8KF9XHWuKkYDT0Tf46tOhIMWWO3gseX7N4jPiwMLMr9L1pfmv0PeITgI6rbPFOIFSkOCDwzQ%3D%3D%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7CjhItBY7AcFFv6xpbQvQJOUpuOcB2VEipObiKs-jYBAENqK6YNUv3p9w5wrkviCofXtz1KzuDS4_9Gk02Cm1Ln7Keg_di1-Bh40vKWRd3DfhptbOcptpcvMjn0g7osKIe8PvbY-8y1xdzzDLjczwovODn4dIR3j4jgCu9NJr7TMq-l0xdHzTySry4FXdJHn6d63cmJW3z7M_OWzhTpwtsETxEZfpFLOcP8TDv_x1Fylk%3D%7Cu8A6SM53vAf7J4TF5lmmrAmR3vzliOaq%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=1&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170785058&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=01_9&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=Top+3+Stocks+to+Buy&kwt[]=391&kbc[]=1224808751&kwp[]=1&kid[]=321206339&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.24%7C62%3D0.91%7C12%3D0.29%7C60%3D3.06%7C10%3D5.63%7C63%3D0.28%7C1%3D3.00%7Cps%3D0.545%7C3%3D0.97%7C4%3D4.10&ktd[]=274911592704&ktrkt[]=Top+3+Stocks+to+Buy&kwd[]=Vitamins+for+Hair+Loss&kwt[]=391&kbc[]=1224808751&kwp[]=2&kid[]=30111142&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D0.81%7C62%3D1.01%7C12%3D1.56%7C60%3D0.43%7C10%3D5.63%7C63%3D0.28%7C1%3D0.53%7Cps%3D0.545%7C3%3D0.17%7C4%3D4.29&ktd[]=274911592704&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=Free+Robux+Codes&kwt[]=391&kbc[]=1224808751&kwp[]=3&kid[]=330007869&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.24%7C62%3D0.75%7C12%3D0.93%7C60%3D0.87%7C10%3D5.63%7C63%3D0.28%7C1%3D0.85%7Cps%3D0.545%7C3%3D0.34%7C4%3D4.29&ktd[]=274894815488&ktrkt[]=Free+Robux+Codes&kwd[]=Best+High+Return+Investments&kwt[]=240&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=4&kid[]=326649050&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.24%7C62%3D0.83%7C12%3D0.87%7C60%3D0.31%7C10%3D5.63%7C63%3D0.28%7C1%3D0.31%7Cps%3D0.428%7C3%3D0.56%7C4%3D3.64&ktd[]=274894815488&ktrkt[]=Best+High+Return+Investments&kwd[]=Part-Time+Jobs+for+Retirees&kwt[]=391&kbc[]=1224808751&kwp[]=5&kid[]=321825842&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C66%3D1.24%7C62%3D0.73%7C12%3D0.88%7C60%3D0.76%7C10%3D5.63%7C63%3D0.28%7C1%3D0.86%7Cps%3D0.545%7C3%3D0.23%7C4%3D5.00&ktd[]=274911592704&ktrkt[]=Part-Time+Jobs+for+Retirees&cid=8CU84X179&vi=1665285422776511561&tdAdd[]=ib%3D0&vsid=3082870236835786&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=809&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CUSE6W07&vgd_hb_audit_2=125608466&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785058&vgd_nrrv=17795&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8POW856F7&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1665285422179176503&sttm=1665285423145&upk=1665285423.15748&hvsid=00001665285423145029185683573635&verid=3111299&vgd_matchstr=hr%3D0%7C&sbdrId=196&vgd_ecrid=1700080807683300300025000039600&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8POW856F7&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3082870236835786&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9f~eBMJ-Nv9.hh~QYYMG8Ov9.9f~e8QMQOvfuH~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ffu99WuW~8xLjMGvWXXF.Xf~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.fF~8EvAGB9PB~kGGv9~e8QMxLjMjvA9~L88Ex1vuuh%2Cuuh~J7vfi~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ffu99WfA~e8QMGvhuX.HA~xLjMGv9.uf~xLjM7e8v9~QYYMBLvf.FHXW~xLjMjvX9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9f~GYvu~QYYMQOvf9ffu99Wf9~Q8OvJJNiuXiXhJ199JA9iXXXff1HJFJ9HuXN~QOvu~x8Ov1gBAtdDTiLliJpJTf~G7OvfHWi9HXuAWWA9uFhiAifhF9iufAAfufWhAihWiWufHuFFhAWXhXfuW9hFAAAFHifuWhXh9fF9X9AHHFAhfAifiF~OfEMjvu9~AENkvF99.F~x8YvuAA~OYYMQ7LyvzmMQ7L17Jy5~OfEMGvu~myOfEMGv9.ih~exLjMGv9.uX~QQvIK~x8BvH9~NJv9~LEQMGvA9.u~exLjMjvA9~%3DVvfhHi~z7Qvu~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvF.Fu~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGvu.u~8exLjMjvA9~QxEEj5M71yM8Ov~e8JB1G8j875v9.hh~1YEvu~NGOEv9.9f9~OYYvzmMQ7L17Jy5~Qx8Ov%3DK4b4s_B_gHja81qj6r%20jGsxmhK~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoWiAAAfiiiiAiuu9H~O1jyvzmMQ7L17Jy5~w7Yjvu~1OGjUvuHf9fihFu9~QmGEv~N7Lvh.9AihhX4oH~GOEN1EOv9~OYYMJLEYv7LxJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvu~7yQvA99-fX9~GQGv9~GQEv9~7Y-vfXA&vgd_optout=0&vgd_cfud=220926&vgd_scsver=328&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A300%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001665285423145029185683573635&subBdr=196&bdrid=313&rc=0&rand=1665285424128&acid=3c27da02f5d5433fb388e034f6eb794b&matm=1665285424128&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&vgd_ltimesrc=1&vgd_ltime=2505&vgd_rtime=2481&vgd_etm=11&vgd_l1hcsd=Otx5k%7C6666&vgd_l1ch=1&vgd_lhl=2834&vgd_pgid=p074189506t202210090317&vgd_adprefflag=11&vgd_csip=rtb-common-istio-c5ddbccdc-6blwt.SG&vgd_sbSup=1&vgd_nrrs=17795&vgd_cntrdt=SF%7C949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Sun, 09 Oct 2022 03:17:04 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=43840
content-length
15
sodar
pagead2.googlesyndication.com/pagead/ Frame 119C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022100301&jk=2771569315945354&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 76E8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022100501&jk=2266630913647439&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
log
hblg.media.net/ Frame 4D67 		35 B
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=1&spSource=0&ifst=0&vid=Y0I9LAAJ4u8Kj-AKUQm2Dg&s_city=singapore&ugd=4&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=7.039775E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=300x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=04943111&scrid=1700080807683300300025000039600&itypeid=17&mx_SPRIG=0&viewability=77&renderer=1&be=0&rtime=29.0&adj0=0.0&tmax=300&s_ip=172.217.47.1&adj2=0.0&adj1=0.0&feedback_id=Y0I9LAAJ4u8Kj-AKUQm2Dg&adtypes=0&mx_aabpc=0&reqid=Y0I9LAAJ4u8Kj-AKUQm2Dg&sc=AU-NSW&sd=1&mowxReqId=3c27da02f5d5433fb388e034f6eb794b_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&bidrestime=1665285420695&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CU84X179-966716711-42-23&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D0&mx_epbc=8CU84X179&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online%2F&dn=bg3.co&dt=O&acid=3c27da02f5d5433fb388e034f6eb794b&actltime=34&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30&dfpBd=0.02&sckfl=1&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-2&bfs=103&rfc=-1&prvApiId=8CU84X179&epcexp=false&pubid=pub-ADX-101418826937-pub-rep&mx_bsProfile=0&cid=8CUSE6W07&bcrid=1700080807683300300025000039600&omul=1.0&res_mtype=0&suid=CAESEFTwTQ4lOiaHlJDqlbFuo7A&chnl=NO_STRATEGY&pst=0&reqsize=300x250&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CU84X179&tgtval=pub-ADX-101418826937-pub-rep&__expireat=1665286020948&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=966716711&ckfl=0&lper=1&mx_tgs=300x250&dummy_vsid=false&cbdp=0.02&pvdTmax=253&ltime=34.0&epc=966716711&ctr_vendor=EXCHANGE&prvReqId=16304301467737_2004562338_12560846613131&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-8933329999391104&ybnca_erpm=0.02&brsrclk=0&sbdrid=196&mx_bsBucketRa=0&rtttime=39&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-595f68d68b-xk6ls&currsrc_date=2022-10-07+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-10-09+03%3A17%3A00&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=0&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AMVB_PnozY9AgL7DuhRxqrX_i4zUlnDX3thumTZ4KN271H1ptxhvGI-SUkKlqIxAJN4w8H92&dmm_ogerpm=false&csip=rtb-common-istio-c5ddbccdc-6blwt.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&cat=IAB-3&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=1420297610&fpuReq=0&vcmplrt=-1.0&crid=125608466&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.02~vw_exc%3D0.77~smm_bid%3D0.02~vis_sd%3D214~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022100818~iurl_b%3D8556.52~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.26~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D30~riipua%3D117%2C117~et%3D29~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022100823~vis_b%3D715.43~url_b%3D0.12~url_tvi%3D0~smm_wr%3D2.6458~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.02~bm%3D1~smm_sd%3D2022100820~sid%3Deec915957ea00e30955522a4e6e0415c~sd%3D1~uid%3DaQw3XjRL9rz9eWeL2~btd%3D248904513883016793927609123321287397898124166738575218076333649218757026050344637239296~d2p_l%3D10~3pcf%3D600.6~uim%3D133~dmm_strg%3Dno_strategy~d2p_b%3D1~ogd2p_b%3D0.97~vurl_b%3D0.15~ss%3DNA~uiw%3D40~ce%3D0~rps_b%3D30.1~vurl_l%3D30~CI%3D2749~nts%3D1~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D6.61~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.1~ivurl_l%3D30~supply_tag_id%3D%7Eviewability%3D0.77%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3DCAESEFTwTQ4lOiaHlJDqlbFuo7A%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-8933329999391104%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D1420297610%7Esobp%3D%7Ectr%3D7.039775E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D300x250~bsb%3D0~bsp%3D0~tmx%3D253&utime=2458&sf=0&cpr=0.46290656075585956&evttyp=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Sun, 09 Oct 2022 03:17:04 GMT
usync
id.a-mx.com/ Frame D6D9 		0
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.a-mx.com/usync?uid=52402137-d824-4ab7-903c-7b4e839cf088&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.154.71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-l1
AU
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpX0NJvU%2FKLl8hb%2FGkuHH1mBcmjIYhujUe578Q%2BMk1av9SOEeryfF3%2BEbj1c3ja5rHB%2B%2BkJ%2BLVrAB8OP%2BZUih%2BNAEqYN3p2ud1InS%2FvnulZpxfDr80MB0CZ1%2F6vOnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=0
cf-ray
7573f60eedc5dfb3-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
v2
odr.mookie1.com/t/ Frame D6D9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=52402137-d824-4ab7-903c-7b4e839cf088&gdpr=0&gdpr_consent=&us_privacy=
  • https://x.bidswitch.net/ul_cb/sync?ssp=adaptmx&user_id=52402137-d824-4ab7-903c-7b4e839cf088&gdpr=0&gdpr_consent=&us_privacy=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=ce6b58da-6e1e-422a-a2dd-0122c7dbf66c&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10526601180881868014&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10526601180881868014&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=40b55cc3-7f86-4f38-a1e5-e00800a17220&ssp=adaptmx&gdpr_consent=&gdpr=0
0
0
yahoo
prebid.a-mo.net/setuid/ Frame D6D9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=52402137-d824-4ab7-903c-7b4e839cf088
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=52402137-d824-4ab7-903c-7b4e839cf088&verify=true
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-cJ.CH4tE2uESEr8LJ4l594zZzi8mQT6AhqxM.7g-~A&gdpr=0&gdpr_consent=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-cJ.CH4tE2uESEr8LJ4l594zZzi8mQT6AhqxM.7g-~A&gdpr=0&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-cJ.CH4tE2uESEr8LJ4l594zZzi8mQT6AhqxM.7g-~A&gdpr=0&gdpr_consent=
date
Sun, 09 Oct 2022 03:17:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
magnite
prebid.a-mo.net/setuid/ Frame D6D9
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
  • https://prebid.a-mo.net/setuid/magnite?uid=L90RXXGX-15-7FLE&gdpr=0
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L90RXXGX-15-7FLE&gdpr=0
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://prebid.a-mo.net/setuid/magnite?uid=L90RXXGX-15-7FLE&gdpr=0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
Expires
0
cookie
cm.adform.net/ Frame D6D9 		43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dadform%26uid%3D%24UID
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.241 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
server
nginx
content-length
43
content-type
image/gif
setuid
prebid.a-mo.net/ Frame D6D9
Redirect Chain
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dzeta%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=zeta&uid=ua-b74eab59-11d5-3a19-8a11-e4302286616b
0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=zeta&uid=ua-b74eab59-11d5-3a19-8a11-e4302286616b
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=zeta&uid=ua-b74eab59-11d5-3a19-8a11-e4302286616b
pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
setuid
prebid.a-mo.net/ Frame D6D9
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%...
  • https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=smartadserver&uid=1514135113636332924
0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=smartadserver&uid=1514135113636332924
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=smartadserver&uid=1514135113636332924
date
Sun, 09 Oct 2022 03:17:04 GMT
content-length
0
SPug
image4.pubmatic.com/AdServer/ Frame D6D9
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkMzMUE3N0ItODU5OC00MzdCLTlFQjEtNjNEMzhFRDkzNUQ2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D...
0
0
setuid
prebid.a-mo.net/ Frame D6D9
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dindex_rtb%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dindex_rtb%26uid%3D&gdpr=0&gdpr_consent=&s=191503&us_priva...
  • https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=index_rtb&uid=Y0I9MJXdAGVVfXkjAF5y2AAA%265335
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=index_rtb&uid=Y0I9MJXdAGVVfXkjAF5y2AAA%265335
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f0Od2Rp9axqVUKUtlYCPI2spbIisB7O0KXG4YFnOxw65u4oYktMMYJXjK9KXpRKQsPwLk%2B0YuXr%2FK4f%2BzY2diQVCxiZ55jUNIfMrWN9nzV0k6D1Jrqn%2B5hCh%2Buz7yyIHmfEXuj4V"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=index_rtb&uid=Y0I9MJXdAGVVfXkjAF5y2AAA%265335
cache-control
no-cache
cf-ray
7573f612493daaf5-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame D6D9
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=sovrn&uid=FczFELZH2LayEkruSlSP_xxx
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=sovrn&uid=FczFELZH2LayEkruSlSP_xxx
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

Date
Sun, 09 Oct 2022 03:17:05 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=sovrn&uid=FczFELZH2LayEkruSlSP_xxx
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
setuid
prebid.a-mo.net/ Frame D6D9
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=appnexus&uid=7993443584297490447
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=appnexus&uid=7993443584297490447
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:04 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:04 GMT
AN-X-Request-Uuid
0a80064e-d01d-4fe1-a933-253640e0ea5e
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://prebid.a-mo.net/setuid?A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=appnexus&uid=7993443584297490447
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame D6D9 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=52402137-d824-4ab7-903c-7b4e839cf088
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:04 GMT
AN-X-Request-Uuid
20b9caf5-323e-43f4-9098-0903c165bf65
Server
nginx/1.21.3
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ow.pubmatic.com/ Frame D6D9 		86 B
386 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=52402137-d824-4ab7-903c-7b4e839cf088
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.203 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:06 GMT
content-length
86
content-type
image/png
setuid
pbs.nextmillmedia.com/ Frame D6D9 		86 B
454 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.nextmillmedia.com/setuid?bidder=amx&uid=52402137-d824-4ab7-903c-7b4e839cf088
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.9.144 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 09 Oct 2022 03:17:06 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
86
vary
Origin
expires
0
setuid
prebid-server.rubiconproject.com/ Frame D6D9 		86 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=52402137-d824-4ab7-903c-7b4e839cf088
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.150.80.212 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-150-80-212.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
expires
0
xuid
eb2.3lift.com/ Frame AC08
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 09 Oct 2022 03:17:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba&dongle=0cfd
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
209
ebda
eb2.3lift.com/ Frame AC08
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NzEzOTQ0MTcyNDE2Mjc3Mzk1NzY3
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame AC08
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMZo44xOpK5pXtTC1yvxuIc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMZo44xOpK5pXtTC1yvxuIc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 09 Oct 2022 03:17:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEMZo44xOpK5pXtTC1yvxuIc&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame AC08
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NzEzOTQ0MTcyNDE2Mjc3Mzk1NzY3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NzEzOTQ0MTcyNDE2Mjc3Mzk1NzY3
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=NzEzOTQ0MTcyNDE2Mjc3Mzk1NzY3
date
Sun, 09 Oct 2022 03:17:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame AC08
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=713944172416277395767&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=713944172416277395767&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c7c8b8d8-d71c-448a-8872-d421bddbe872&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c7c8b8d8-d71c-448a-8872-d421bddbe872&_noobservation=1&_expected_cookie=ca3d9f2...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c7c8b8d8-d71c-448a-8872-d421bddbe872&_noobservation=1&_expected_cookie=ca3d9f2ad2e393b4826cb136f03f751c
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.98.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Sun, 09 Oct 2022 03:17:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7573f615ad3dab02-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=c7c8b8d8-d71c-448a-8872-d421bddbe872&_noobservation=1&_expected_cookie=ca3d9f2ad2e393b4826cb136f03f751c
date
Sun, 09 Oct 2022 03:17:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7573f6142b2cab02-SYD
content-length
0
sync
x.bidswitch.net/ Frame AC08 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=713944172416277395767&gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 03:17:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame AC08
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/713944172416277395767?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-vt.o8bxE2oS5xpexFyziwWGbJ1hH4Lj0xqN__vuvkg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-vt.o8bxE2oS5xpexFyziwWGbJ1hH4Lj0xqN__vuvkg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
date
Sun, 09 Oct 2022 03:17:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Sun, 09 Oct 2022 03:17:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-vt.o8bxE2oS5xpexFyziwWGbJ1hH4Lj0xqN__vuvkg--~A&dongle=0883
content-length
0
iu3
s.amazon-adsystem.com/ Frame AC08
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=713944172416277395767
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=713944172416277395767&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=713944172416277395767&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
BTH7S2B24M31Z5263S0R
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=713944172416277395767&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
c.gif
c.bing.com/ Frame AC08 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=713944172416277395767&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.21.200 -, , ASN (),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
last-modified
Tue, 13 Sep 2022 03:22:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 5AD8750861A049AC991BF5B5B70AFD1B Ref B: SYD03EDGE1609 Ref C: 2022-10-09T03:17:04Z
etag
"8766f3fc1fc7d81:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
xuid
eb2.3lift.com/ Frame AC08
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=uZHTiT3h8nw_m9D_5h3E&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5OVNEQVDJKQZWQ...
  • https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=uZHTiT3h8nw_m9D_5h3E
0
0
generate_204
tpc.googlesyndication.com/ Frame D530 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?NciAMA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 6C53 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?p8QBSw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 04EC 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
202007
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 19:10:17 GMT
expires
Fri, 06 Oct 2023 19:10:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 41A5 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f104.1e100.net
Software
GSE /
Resource Hash
276c5e6a9b3e12d3c926e0d728cfb84481142fc44e1b1d3376365fbf33bd876c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CI8LX0zdfcGfLcy1_qkXSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-CI8LX0zdfcGfLcy1_qkXSQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:04 GMT
expires
Sun, 09 Oct 2022 03:17:04 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame 7CD0 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
adc95bbf12184c1a406a301d34ffb8a8fbfa10ab0639ce675eb2476a317e7c37

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 03:17:04 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66487
Connection
keep-alive
Content-Length
9422
Expires
Sun, 09 Oct 2022 21:45:11 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 41A5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221003&jk=2015435252709430&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame 04EC 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 07:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157976
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Oct 2023 07:24:08 GMT
smtr
contextual.media.net/ Frame 7A67 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=NO_STRATEGY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co&nse=5&vi=1665285424614756072&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&itid=17&bae=B44zgq4eg/&bcpf=8fOnRrolnfOur8B44zgq4eg%2F&bdrId=4&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p02100963619t202210090317&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6c43c80ebfa5a5a3eeeb8e7194348bd4de1e02657bd23465e8f7bf71a925841a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-sc-w
22-rj98
pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-rp4l
timing-allow-origin
*
content-length
33486
expires
Sun, 09 Oct 2022 03:17:05 GMT
bping.php
lg3.media.net/ Frame 7A67 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=541&&vgd_cdv=809&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1665285424614756072&ugd=4&lf=6&cc=AU&sc=NSW&vsid=3082870236835786&lper=100&wsip=2886994807&r=1665285424606&requrl=https%3A%2F%2Fwww.bg3.co&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1665285424144790561&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p02100963619t202210090317&vgd_pgids=1&vgd_uspa=0&hvsid=00001665285424603029185683575062&gdpr=0&vgd_l2type=sca&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Sun, 09 Oct 2022 03:17:04 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=58294
content-length
15
checksync.php
contextual.media.net/ Frame CE1E 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1dc97d97c7a243affdada069a72ee9faf9b26f6ebd538dd13c2238dbefcdfcc3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9409
content-type
text/html; charset=UTF-8
date
Sun, 09 Oct 2022 03:17:04 GMT
expires
Tue, 11 Oct 2022 03:17:04 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 7A67 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4577&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=3&spSource=0&ifst=0&vid=Y0I9LwAJ0f0KaEhGhgoPjA&s_city=singapore&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Cfl_rl%3D1%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=3.3274808E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=04943111&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=-1&renderer=1&be=0&rtime=15.0&adj0=0.0&tmax=300&s_ip=172.217.47.4&adj2=0.0&adj1=0.0&feedback_id=Y0I9LwAJ0f0KaEhGhgoPjA&adtypes=0&mx_aabpc=0&reqid=Y0I9LwAJ0f0KaEhGhgoPjA&sc=AU-NSW&sd=4&mowxReqId=461c4f6b8b0144e7a6b22c09ace1dd2f_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co&bidrestime=1665285423674&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-42-5&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=461c4f6b8b0144e7a6b22c09ace1dd2f&actltime=21&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.02&sckfl=1&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&suid=CAESEFTwTQ4lOiaHlJDqlbFuo7A&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1665286023927&lmt_status=N&reftype=0&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&dummy_vsid=false&cbdp=0.02&pvdTmax=253&ltime=21.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=20294467415608_2037140234_52982010441&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=186&mx_bsBucketRa=0&rtttime=26&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-595f68d68b-44cfc&currsrc_date=2022-10-07+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-10-09+03%3A17%3A03&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&pid=8PR113JGC&spTo=3&pvid=4&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AMVB_PnReKhcL_t9PdCG77sttDimJqbAEe29sdulbRIBwaKOT3E3nr0-eAZ1gi5q9Eb-_Tag&dmm_ogerpm=false&csip=rtb-common-istio-c5ddbccdc-rnvcx.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&cat=IAB-3&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=3314916115&fpuReq=1&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~smm_bid%3D0.02~vis_sd%3D212~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022100820~iurl_b%3D24588.15~url_tkc%3D1~std%3D~last%3D~vis_url_b%3D0.13~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D40~riipua%3D117%2C117~et%3D9~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022100822~vis_b%3D115.96~url_b%3D0.04~url_tvi%3D1360~smm_wr%3D23.0716~url_l%3D50~gcat%3D-1~bb%3D186~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022100820~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D4~uid%3DaQw3FsX5ylSAIvGlp~btd%3D4227490405161309931204367054685288463517768714114209115249763098518074036470619460407296~d2p_l%3D70~3pcf%3D2.6~uim%3D0~og_msh%3D0.01~dmm_strg%3Dno_strategy~d2p_b%3D0.83~ogd2p_b%3D0.69~vurl_b%3D0.24~ss%3DNA~uiw%3D-1~ce%3D0~rps_b%3D50.26~vurl_l%3D50~CI%3D2749~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D4.11~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.41~ivurl_l%3D50~supply_tag_id%3D%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3DCAESEFTwTQ4lOiaHlJDqlbFuo7A%7Esd%3D4%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D3314916115%7Esobp%3D%7Ectr%3D3.3274808E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D253&utime=936&sf=0&cpr=0.33687698136245126
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.48.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-48-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Sun, 09 Oct 2022 03:17:04 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Sun, 09 Oct 2022 09:17:04 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame DF46 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
6122
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 01:35:02 GMT
etag
48472445140208031
expires
Mon, 10 Oct 2022 01:35:02 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 7A67 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a3c8041261c1f2ea5e4e164a80d38ad3fee6291ec414401d9b7329cb4efd6b67

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9B9F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=76768
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 09 Oct 2022 03:17:04 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 10 Oct 2022 00:36:32 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame E165 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.4.232 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
fa30e534317e39613f28eb9bff30042cd3ac6dd36ebba7802c4f9efad4a959c8

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Sun, 09 Oct 2022 03:17:05 GMT
etag
W/"061ee066b36b67b3a8b4b3e905bb0eab6"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 9AA4 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 01B5 		944 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.164 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
9decfd58809c447abece287c428ca034e8447841ff18fb9b7d169e24c3bfab93

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
944
content-type
text/html
date
Sun, 09 Oct 2022 03:17:04 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 7AFD 		2 KB
977 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
fa9f530501d9cad5886eb72309362fef8c0622a421c3b029a34ce715a1671577

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7573f6129fdaa86b-SYD
content-encoding
br
content-type
text/html
date
Sun, 09 Oct 2022 03:17:05 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6P2Amm07%2B3iY413NBFanMZpx%2Bdcok1RYeThOsvkHldTMloXwT6%2FLzyB3XJz831Rl4qT7Q7Yob5rbLa%2F8x4F8FmCKS0hNHimUSWsqmbyCI236u495I2axBTrmr8WmX1ykMaT8bVO6fJLU%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 16E7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 09 Oct 2022 03:17:05 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 09 Oct 2022 03:17:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
setuid
x.yieldlift.com/ Frame DE25
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L90RXXGX-15-7FLE&gdpr=0&us_privacy=1YN-
0
240 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L90RXXGX-15-7FLE&gdpr=0&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
3.232.113.231 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 03:17:05 GMT
Connection
keep-alive
Content-Length
0
Vary
Origin

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L90RXXGX-15-7FLE&gdpr=0&us_privacy=1YN-
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
94869a3d6d62a785bc2a9351b08a70bb
Expires
0
sync
ads.servenobid.com/ Frame DE25
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7993443584297490447
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7993443584297490447
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.146.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:04 GMT
AN-X-Request-Uuid
7bb86a4d-463e-4a64-9b8b-086c89df5bf4
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://ads.servenobid.com/sync?pid=312&uid=7993443584297490447
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame DE25
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FczFCRZHe7OM3hj0Q0m68vn5
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FczFCRZHe7OM3hj0Q0m68vn5
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.146.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:05 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FczFCRZHe7OM3hj0Q0m68vn5
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap2sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame DE25
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FczFELZHqT3uphtkTdulgaB6
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FczFELZHqT3uphtkTdulgaB6
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.146.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Date
Sun, 09 Oct 2022 03:17:05 GMT
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://ads.servenobid.com/sync?pid=310&uid=FczFELZHqT3uphtkTdulgaB6
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap4sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
sync
ads.servenobid.com/ Frame DE25
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=f8f57ed5-285b-41c2-82c5-362d88484e85
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=f8f57ed5-285b-41c2-82c5-362d88484e85
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.146.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:06 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=f8f57ed5-285b-41c2-82c5-362d88484e85
Date
Sun, 09 Oct 2022 03:17:05 GMT
Connection
keep-alive
Content-Length
119
Vary
Origin
Content-Type
text/html; charset=utf-8
sync
ads.servenobid.com/ Frame DE25
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6856119465
  • https://sync.1rx.io/usersync/tradedesk/e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
  • https://sync.targeting.unrulymedia.com/csync/RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004
  • https://ads.servenobid.com/sync?pid=321&uid=RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004
0
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.146.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004
date
Sun, 09 Oct 2022 03:17:05 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX1045189374d94ab9bfd7bdfaa4ae8c9e004
content-type
text/html
sync
ads.servenobid.com/ Frame DE25
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1974054389975318772
0
0
usa
sync.go.sonobi.com/ Frame DE25 		0
0
pixel
ap.lijit.com/ Frame DE25
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ssp.disqus.com/redirectuser?partner=adaptmx&gdpr=1&gdpr_consent=&us_privacy=1YN-&r=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F1%2F3396%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D5...
  • https://prebid.a-mo.net/cchain/1/3396?gdpr=0&gdpr_consent=&us_privacy=1YN-&A=52402137-d824-4ab7-903c-7b4e839cf088&bidder=zeta&cbx=aHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%3D&uid=...
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F3396%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D52402137-d824-4ab7-903...
0
0
sync
ads.servenobid.com/ Frame DE25
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-AJB24I1E2uF94jBihnOeB4.0iH.UUt11Kl_r4nw-~A
0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-AJB24I1E2uF94jBihnOeB4.0iH.UUt11Kl_r4nw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.146.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-AJB24I1E2uF94jBihnOeB4.0iH.UUt11Kl_r4nw-~A
date
Sun, 09 Oct 2022 03:17:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
pixel
ap.lijit.com/ Frame DE25
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D6%26r%3DCid1YS1iNzRlYWI1OS0xMWQ1LTNhMTktOGExMS1lNDMwMjI4NjYxNmIqU2h0dHBzOi8vYWRz...
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F3367%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D52402137-d824-4ab7-903c-7b4e83...
0
0
sync
ads.servenobid.com/ Frame DE25
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-AJB24I1E2uF94jBihnOeB4.0iH.UUt11Kl_r4nw-~A
0
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-AJB24I1E2uF94jBihnOeB4.0iH.UUt11Kl_r4nw-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.212.146.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-AJB24I1E2uF94jBihnOeB4.0iH.UUt11Kl_r4nw-~A
date
Sun, 09 Oct 2022 03:17:04 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
tap.php
pixel.rubiconproject.com/ Frame 7CD0
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK8_fthosWDZ_uocZaw8eZM&google_cver=1
42 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK8_fthosWDZ_uocZaw8eZM&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
f60a7260b0ebb7a40a81234af4a9e826
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEK8_fthosWDZ_uocZaw8eZM&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
aax-eu.amazon-adsystem.com/s/ Frame 7CD0
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
0
0
pixel
cm.g.doubleclick.net/ Frame 7CD0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDAxZmU0NjY0Y2I5ZjlmZTFiOWJhZmU3Njc5ZGM5NDk0OWIyZTE3Zg
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDAxZmU0NjY0Y2I5ZjlmZTFiOWJhZmU3Njc5ZGM5NDk0OWIyZTE3Zg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NDAxZmU0NjY0Y2I5ZjlmZTFiOWJhZmU3Njc5ZGM5NDk0OWIyZTE3Zg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
550b0c1400f70e56269f7c1848fb3166
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
ecm3
s.amazon-adsystem.com/ Frame 7CD0
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=F6AFIdfDQgaFKhtvWFwtBA&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=F6AFIdfDQgaFKhtvWFwtBA
0
0
tap.php
pixel.rubiconproject.com/ Frame 7CD0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/SjqSmj6CDN6KdnN7caYXNMn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8679439431539563615
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8679439431539563615
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Sun, 09 Oct 2022 03:17:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=8679439431539563615
content-length
0
setuid
px.ads.linkedin.com/ Frame 7CD0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L90RXXGX-15-7FLE
0
143 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L90RXXGX-15-7FLE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Server
13.107.42.14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:04 GMT
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 3F25D70839BB48E483C4046599738F6C Ref B: SYD03EDGE1606 Ref C: 2022-10-09T03:17:05Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXqkXo/erQL8arlcdLQNA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L90RXXGX-15-7FLE
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
548ddf114c6f6bfbb66a4cdeb6a219f4
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 7CD0
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba&gdpr=0&gdpr_consent=&expires=30
42 B
677 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
dedf7fc216a5bbc739a54325e875a79f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba&gdpr=0&gdpr_consent=&expires=30
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
289
pixel
cm.g.doubleclick.net/ Frame 7CD0
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkwUlhYR1gtMTUtN0ZMRQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkwUlhYR1gtMTUtN0ZMRQ==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDkwUlhYR1gtMTUtN0ZMRQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
generate_204
tpc.googlesyndication.com/ Frame 04EC 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?zdrgGQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:04 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 4D5F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022100301&jk=2771569315945354&bg=!uLulu__NAAYQgTJdMIE7ACkAdvg8WjIGE6mwm8pKQ2oihIo6hcmMsO8SiVcxRYF6jLTMgQKuMGc2MQIAAADeUgAAAAFoAQcKAHM3zoLfWmLy5Q-9Jp1uccOkzGVHyf4JoN_YcG-74j-ZS89SNOpWOhEZMqmnTV3t6OTCr5qhoKCRNErRQOm9X1FhhSVjitUzyjO6REjMDPEedJl02q7bIsVHrhekgbQlc_EvVRjZ5Gh8jafUdsAwQ_1cHkQQmQKrPfG7nd37y5FUuccLipCxjTFmNDeUAgz4JE4L_9EZUEhd98va4ZYcmvhiJZCDUW_TeFPOjPW6TVz3MZWcFRULqPH5F2SLtteUEk9rmutXOUFm9B04IzBVYU3nEC1Y18MSuw6HwRsTyOpPTLeAqq84kkQC4vjoed6VTvpo_jgmL61316YCSqlsKa4qUb7zhiGqPCWGcdDNg2aaaAimmpDupCfTJGkVTTaiuuI_XRNLO8gz3eNBCdY0PWSyS66Iv3KqXXiB-9snhXGTk82kKymRC6Cbk4ph65An-kRK2VjcZfI8MScFaDvBZluPQMSTw6CIRy0SExFuiKk68iqqPgUrH7juolG9mX3_i3o0Qg1xVtKN4gqhFSe0q_FYOWp9sbFrsvLK1Qa3ZgJ9gGH6Xm3lNXlvKzwHYVQcLr2mzrFT2gavOOe8uFL-9rLLv-XYC7TWsuXfUQjdQCd4xpPwwNf0QQAxnEogR3mblGGesSWp_4TsK-bPBaGv7771jJO2fYo5M7eQ3OR_95yo0dWt2tE3wpMv2r-m7m7SBjJ5M6Pt2-11LQtFT_X-tTktyQ-Zxcq-qFs2LJBPfTaSz1xNVBeQzkkreJMgzSwDZhWEFZam5VeyTWLo2lgLS_4c0_4B3W5-P79NAJUO2BZ0B6Jtlkpo1sef3kioae8T256zg2u6Uoz8djkAWGzyukNLz_nYA4onNsbvCVcAHDrFaapgxgixD2hQS4tko4kQbefgjSwpMLfoMA5qWW3GSFWNXFpFV32yDnWhGRGIA7sOoZcU-ATrJK-7RwhVMANWVsu14sOZ2dh_hE5t4G3CpN1TnHO9Y8mAvDktb6W50qAATevB-50dmdqfVu9vtmiP5lRRWsRYTE-TAxfhrRXZ23y0gihsoiuwGgvGCu8e_IbOKwI
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 28F1 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:05 GMT
AN-X-Request-Uuid
21b87281-91a8-4d6d-a9a6-a83044d8a772
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3883 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022100501&jk=2266630913647439&bg=!_P-l_7vNAAYQgTJdMIE7ACkAdvg8WhsfzxYUq42Jf4Hq-Yt6bw8yRA0cP2ef_k79Im7AKD319LMZmwIAAADWUgAAAAFoAQcKAKZsPhfUHt-9OW1rCmQj-PlyulH3CQvwVjWv-btiSHzZPxGOP2SxNvVKc8tz0LHtuXZhf8xx4nC8LtvxWf6ZOLCQazEVczednpt0l9U5zXTtUpK7qy11cNWnzZ4wX1fzhj00clhEDz7sbT1UequIz8iayGivTZyhXmSz7aQsUUXjELYQ_ufhJ6jgK5n60NPj17Yevq64Sy35BuXpoTVwBdvxCGoas5GnmQKmwCcO-rlA-9thK1cfZSYoxbrxajtN5oYVmIt4ZbO6wMQQTepQXbdhOPpl5xpjrpbFrr7zSF38UoFCx2i52LNgnUjzaqafdfYt-810eK1ck6NV9vTtabHuh00Q3565owtXf-9nXGWJ5-BYRSPo-mu7YDG5ABfYhtvSdTt7VfPTydZj86OJ4WP4yVLfepThS_xQeUOwfxdCCncuYGojCtgzyOePZFBWA-unh6eIFPLym3zehx6QTxbrVf2lLl3VW5THR4py9gxxDpTDvkUnHyPs0wHS40vee-P2QrlrKv_KNHTaTtDUZk_MSU8xh8LXmktkBneo9KMgdpmsEMg5w4hPO0uoe0MKrFBOkPkWF_YOeH8lNgy7A4Y8rtlc5XKt0SJnDUGJlmRDSoYmweSqKn8DWlLClQkaB_9xFR7K4pAQilyr9_naY1dPxudpqlo8_hlgGt1eVyvymwGq9H-BLMEegL_yDpCW3fEiPtDAojoLiXAi4CF46Fn0Y8GqiaIIMdqRHmQ1OLJDbiDADM7_2vCrMRP6q5NgNiC4EM_yLcLbLRwcU9xA9umpRlhlMjKGxZNwmx3W00UPOCLLfNUJjWb2d6voMmbFGWDnkSUsEJqkAl6uX81mkdxqgbTPpiJRs_eaQlXM2VSMRKRvVfSnJmmKHJRL4V4t73D1nv5_IhSAx--qXutBPfKNxEQv1VvOQSzb0NcP2nTrRz4ojDR852vzfy6qBbw3_zzGhLsZe1zLgluzguNESCskAZvQDqjhA46qEVzpQeRqpglSKO2idgWbx6WyqFVEAFaKB6helYHf2dJDZe9GK49u-4aLa-YNP1Pq7sXsf4_TpF3jaD7BfVNkOpeobIhx6N1wzbYRNUvF1uRkirt15NLIWu10JrWgxphXXFnQTc14
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
PugMaster
image6.pubmatic.com/AdServer/ Frame 2FB9 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=90241271&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dpba%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
08999226b216ff184deda0fbf11921c27a51631ae818f177b16ac1b32dc33caf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Sun, 09 Oct 2022 03:16:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
usermatch
ssum-sec.casalemedia.com/ Frame A345 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
3ae4db85b83b6d319ae385091a8f0de8c984137fcb879bf5d7a85c9482cd0108

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
7573f612afe2a86b-SYD
content-encoding
br
content-type
text/html
date
Sun, 09 Oct 2022 03:17:05 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OVOyWN0AOvkHTm8LvXsArWXePu2igbNMh%2FsgwJn6rd2fxDUzC6UtQVq7eMSNZMOMXV1PCWUzI3EaAVkVmY%2BbyKdYmreusU5%2FNweN83TD%2Fdt23gnIW%2FzZfqOariOaPPHtqt9uDW2X4uKEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pixel
cm.g.doubleclick.net/ Frame DF46
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEAlOEyfXJ7ssI-6vbsS465M&google_cver=1&google_push=AZmPxg_LJqooyW16Bo-m-NjpafAGpUz669OaJ3U8pYrdq8J3wBphckoX3lpIznXoDTB2VFav4hHPbHGVth4UDH2N...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=fyJjQj0wQwCDsa6NwkXXTg&google_push=AZmPxg_LJqooyW16Bo-m-NjpafAGpUz669OaJ3U8pYrdq8J3wBphckoX3lpIznXoDTB2VFav4hHPbHGVth4UDH2Nks45HLX3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=fyJjQj0wQwCDsa6NwkXXTg&google_push=AZmPxg_LJqooyW16Bo-m-NjpafAGpUz669OaJ3U8pYrdq8J3wBphckoX3lpIznXoDTB2VFav4hHPbHGVth4UDH2Nks45HLX390i8EM2vU3UvzAfYfODBO_q5zTl9uWTB_nNJnQLXIMVmB1E
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Sun, 09 Oct 2022 03:17:05 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x6 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=fyJjQj0wQwCDsa6NwkXXTg&google_push=AZmPxg_LJqooyW16Bo-m-NjpafAGpUz669OaJ3U8pYrdq8J3wBphckoX3lpIznXoDTB2VFav4hHPbHGVth4UDH2Nks45HLX390i8EM2vU3UvzAfYfODBO_q5zTl9uWTB_nNJnQLXIMVmB1E
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 09 Oct 2022 03:17:04 GMT
pixel
cm.g.doubleclick.net/ Frame DF46
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESELyAPsqERrarD5AwXNLbFTI&google_cver=1&google_push=AZmPxg_YeHnlLSWMVpMX8qyN9ocqCgnoJBuUohnrhMDyAEFNBuDZ5Y9ePDcyoQ74dvm6uQh5x4u3fD1WYdzec6TxHa1x-Bcqrd28F0...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DB63FA15CC1C46B99544A21AB07F82FA&google_push=AZmPxg_YeHnlLSWMVpMX8qyN9ocqCgnoJBuUohnrhMDyAEFNBuDZ5Y9ePDcyoQ74dvm6uQh5x4u3fD1WYdzec6T...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DB63FA15CC1C46B99544A21AB07F82FA&google_push=AZmPxg_YeHnlLSWMVpMX8qyN9ocqCgnoJBuUohnrhMDyAEFNBuDZ5Y9ePDcyoQ74dvm6uQh5x4u3fD1WYdzec6TxHa1x-Bcqrd28F0EHzZ2XUhswwveXJyYVBNQNLT1fJbFenT_3BWJ7SrE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 09 Oct 2022 03:17:05 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=DB63FA15CC1C46B99544A21AB07F82FA&google_push=AZmPxg_YeHnlLSWMVpMX8qyN9ocqCgnoJBuUohnrhMDyAEFNBuDZ5Y9ePDcyoQ74dvm6uQh5x4u3fD1WYdzec6TxHa1x-Bcqrd28F0EHzZ2XUhswwveXJyYVBNQNLT1fJbFenT_3BWJ7SrE
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Sat, 08 Oct 2022 03:17:05 GMT
pixel
cm.g.doubleclick.net/ Frame DF46
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEJzIlTsNE5IFF3olver57GY&google_cver=1&google_push=AZmPxg8p6hT2j2FEbFK9osPm1lLtAj8dcsdmg1h1ZQ4P1p5qJFrq6Rl1xBluGT3bj916iEat1Bi4mIL...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg8p6hT2j2FEbFK9osPm1lLtAj8dcsdmg1h1ZQ4P1p5qJFrq6Rl1xBluGT3bj916iEat1Bi4mILHGeUkHGijac9H4WUMo56T2ngok28MtX2tPdcBIAP3C32HlnMJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg8p6hT2j2FEbFK9osPm1lLtAj8dcsdmg1h1ZQ4P1p5qJFrq6Rl1xBluGT3bj916iEat1Bi4mILHGeUkHGijac9H4WUMo56T2ngok28MtX2tPdcBIAP3C32HlnMJscCgDbC8mF4XoQ&google_hm=ftHVuwtHRZCgXK1053tXN6U
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:04 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AZmPxg8p6hT2j2FEbFK9osPm1lLtAj8dcsdmg1h1ZQ4P1p5qJFrq6Rl1xBluGT3bj916iEat1Bi4mILHGeUkHGijac9H4WUMo56T2ngok28MtX2tPdcBIAP3C32HlnMJscCgDbC8mF4XoQ&google_hm=ftHVuwtHRZCgXK1053tXN6U
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DF46
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEPZGW-0fdy-QAW4Gp5F7t5Y&google_cver=1&google_push=AZmPxg9i-rpy0_Zf1Lh-lkpRBoPmPgjCdpB_zd7P7L3VK-evzlBQO0n2RB502t9jksbV1MCiYN5jLgTZ6ONETFDPV83GrBA...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9i-rpy0_Zf1Lh-lkpRBoPmPgjCdpB_zd7P7L3VK-evzlBQO0n2RB502t9jksbV1MCiYN5jLgTZ6ONETFDPV83GrBAx9HP_7b8zvnUfaXGpOcDE4-k7iYkVDMzSnA-sJ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9i-rpy0_Zf1Lh-lkpRBoPmPgjCdpB_zd7P7L3VK-evzlBQO0n2RB502t9jksbV1MCiYN5jLgTZ6ONETFDPV83GrBAx9HP_7b8zvnUfaXGpOcDE4-k7iYkVDMzSnA-sJJKwPmQ7rH8&google_hm=ODY3OTQzOTQzMTUzOTU2MzYxNQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sun, 09 Oct 2022 03:17:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg9i-rpy0_Zf1Lh-lkpRBoPmPgjCdpB_zd7P7L3VK-evzlBQO0n2RB502t9jksbV1MCiYN5jLgTZ6ONETFDPV83GrBAx9HP_7b8zvnUfaXGpOcDE4-k7iYkVDMzSnA-sJJKwPmQ7rH8&google_hm=ODY3OTQzOTQzMTUzOTU2MzYxNQ%3D%3D
content-length
0
pixel
cm.g.doubleclick.net/ Frame DF46
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEK_kMVlLgeGzzBM52aaBDD8&google_cver=1&google_push=AZmPxg89ji12wdEVSttdnZfqXJeJDPA_OcEfUoSdabHMEgAP_UaYtbSzKLiwu7K2-bV29L4Mvw6C63jZGMCVGnl...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=GJW5RGn0QKhqpnUXGxXuIq310aU&google_push=AZmPxg89ji12wdEVSttdnZfqXJeJDPA_OcEfUoSdabHMEgAP_UaYtbSzKLiwu7K2-bV29L4Mvw6C63jZGMCVGn...
0
0
pixel
cm.g.doubleclick.net/ Frame DF46
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEIxgb-G3SGE-QMg2bpbWeD0&google_cver=1&google_push=AZmPxg_Mb_QeTjPagFSS-pZtfcIn2h_Avh91arS6WJTmonYdsFRrXC_vioZXakgicjGwCQ-vNlDnshr6Exi-iE87kFxobZuZK...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4Mjg3MDIzNjgzNTc4NjAwMFYxMA%3d%3d&mn_hm=MzA4Mjg3MDIzNjgzNTc4NjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_Mb_QeTjPagFSS-pZtfcIn2h_...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4Mjg3MDIzNjgzNTc4NjAwMFYxMA%3d%3d&mn_hm=MzA4Mjg3MDIzNjgzNTc4NjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_Mb_QeTjPagFSS-pZtfcIn2h_Avh91arS6WJTmonYdsFRrXC_vioZXakgicjGwCQ-vNlDnshr6Exi-iE87kFxobZuZK5Z-bTgaErDkw-L3Par5rdejaVMir3wbQ44exz5WyIC-XFc&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
Protocol
H3
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA4Mjg3MDIzNjgzNTc4NjAwMFYxMA%3d%3d&mn_hm=MzA4Mjg3MDIzNjgzNTc4NjAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_Mb_QeTjPagFSS-pZtfcIn2h_Avh91arS6WJTmonYdsFRrXC_vioZXakgicjGwCQ-vNlDnshr6Exi-iE87kFxobZuZK5Z-bTgaErDkw-L3Par5rdejaVMir3wbQ44exz5WyIC-XFc&gdpr=&gdpr_consent=
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 03:17:05 GMT
/
onetag-sys.com/match/ Frame DF46
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEBfbmd9qdsGRspa1qU4XIb4&google_cver=1&google_push=AZmPxg_cbO7ws1kdQKSiTjAVv_2FaP-IUcwWEdD8eOmW5WWD0XoAYZKtI2O-IztrLZzMZA8vdAAmo9EKJS5...
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AZmPxg_cbO7ws1kdQKSiTjAVv_2FaP-IUcwWEdD8eOmW5WWD0XoAYZKtI2O-IztrLZzMZA8vdAAmo9EKJS5RaDAE3ddEqv7CB99ijdnKrPwB917GKBFCVmgf...
  • https://onetag-sys.com/match/?int_id=19&google_error=5
0
200 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=19&google_error=5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Server
51.79.234.101 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip101.ip-51-79-234.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
attr
cm.g.doubleclick.net/pixel/ Frame DF46 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K7kdYTktUiRGf3cqxWJMYXpF6JgZODxJZBAsS9WM10pluKzzC8jjHce9nN8mkx1V-V38V4PQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285422752&bpp=12&bdt=328&idt=573&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=1884394490541&frm=8&ife=1&pv=2&ga_vid=1310991129.1665285423&ga_sid=1665285423&ga_hid=587542002&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31070197%2C42531706&oid=2&pvsid=1640343359886400&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.mjulobsj5lis&fsb=1&dtd=589
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
activeview
pagead2.googlesyndication.com/pcs/ Frame 4D67 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuxg4S8EJFcR0SHQC6GQnZMnl_8H_eTR3tpFlcRRSyVD0JZlOV5ljDIgKJnvl23xC0Hz9DWB88X-d5TIZT8Z15du2xu&sig=Cg0ArKJSzIkhWD-6vgokEAE&cid=CAASFeRocbhNzSth9Tc0aimkiDGpmU_r_w&id=lidar2&mcvt=1000&p=60,450,314,750&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20221005&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1665285421144&rpt=3022&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bqi.php
lg3.media.net/ Frame 4D67 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=3090&lf=3&&vgd_hb_audit_1=8CUSE6W07&vgd_hb_audit_2=125608466&vgd_l2type=sca&pid=8POW856F7&katbid=-103&katen=1&cme=euXxSCmRR6OUxLqRDoiYrEF2k5sJcOmVNwCR1GnDMaeW4Ib_M-RfsCmXqq1oXjFq8JZRuq02nMQS1sEtnBcVcLOANy5SaEEGbwJJl5KlmP2iZaLG83NoUJDBLzQ7bzL0X7VQ8KkD6mVJBC_8fcrDk0EgopSmkH5EoXrlKVtZXZS_QHbvsx3i1NAISQAHaY1mb5Li0y1rXd6f4r1MxhHDVA==||b-378LlPD7sO1wIjCRRt3aapcm4hamve|zX3XAtm_0cpt-a8SBehOerJxmaaXzHzZkFKPa4qI3rkPPMtiVUQxA5BMX5BetdgN9w608-rjWjXVaR8KF9XHWuKkYDT0Tf46tOhIMWWO3gseX7N4jPiwMLMr9L1pfmv0PeITgI6rbPFOIFSkOCDwzQ==|sj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U|jhItBY7AcFFv6xpbQvQJOUpuOcB2VEipObiKs-jYBAENqK6YNUv3p9w5wrkviCofXtz1KzuDS4_9Gk02Cm1Ln7Keg_di1-Bh40vKWRd3DfhptbOcptpcvMjn0g7osKIe8PvbY-8y1xdzzDLjczwovODn4dIR3j4jgCu9NJr7TMq-l0xdHzTySry4FXdJHn6d63cmJW3z7M_OWzhTpwtsETxEZfpFLOcP8TDv_x1Fylk=|u8A6SM53vAf7J4TF5lmmrAmR3vzliOaq|&gdpr=0&prid=8PRVCXX19&cid=8CU84X179&crid=966716711&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&vi=1665285422776511561&ugd=4&cc=AU&sc=NSW&bdrid=313&subBdr=196&startTime=1665285423137&vgd_l1rakh=1665285422179176503&l1ch=1&sttm=1665285423145&upk=1665285423.15748&hvsid=00001665285423145029185683573635&acid=3c27da02f5d5433fb388e034f6eb794b&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.02~vw_exc%3D0.77~smm_bid%3D0.02~vis_sd%3D214~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022100818~iurl_b%3D8556.52~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.26~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D30~riipua%3D117%2C117~et%3D29~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022100823~vis_b%3D715.43~url_b%3D0.12~url_tvi%3D0~smm_wr%3D2.6458~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.02~bm%3D1~smm_sd%3D2022100820~sid%3Deec915957ea00e30955522a4e6e0415c~sd%3D1~uid%3DaQw3XjRL9rz9eWeL2~btd%3D248904513883016793927609123321287397898124166738575218076333649218757026050344637239296~d2p_l%3D10~3pcf%3D600.6~uim%3D133~dmm_strg%3Dno_strategy~d2p_b%3D1~ogd2p_b%3D0.97~vurl_b%3D0.15~ss%3DNA~uiw%3D40~ce%3D0~rps_b%3D30.1~vurl_l%3D30~CI%3D2749~nts%3D1~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D6.61~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D1.1~ivurl_l%3D30~supply_tag_id%3D%7Eviewability%3D0.77%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3DCAESEFTwTQ4lOiaHlJDqlbFuo7A%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-8933329999391104%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D1420297610%7Esobp%3D%7Ectr%3D7.039775E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dtrue%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D1~tgs%3D300x250~bsb%3D0~bsp%3D0~tmx%3D253&matchstring=hr%3D0%7C&vgd_matchstr=hr%3D0%7C&vgd_sc=NSW&infr=1&twna=1&stime=1665285421659&vgd_ecrid=1700080807683300300025000039600&l1hcsd=l1!Otx5k|6666&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p074189506t202210090317&vgd_pgids=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Sun, 09 Oct 2022 03:17:05 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=47204
content-length
15
match
c1.adform.net/serving/cookie/ Frame 6AB2 		35 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=FC31A77B-8598-437B-9EB1-63D38ED935D6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dpba%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.21 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Sun, 09 Oct 2022 03:17:05 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
ImgSync
image8.pubmatic.com/AdServer/ Frame 94D2
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:7f226342-3d30-4300-83b1-ae8dc245d74e&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame B2E6
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y0I9LgAAAbmjqABe&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 718D
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=xd10e2oo8bl
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
SPug
image4.pubmatic.com/AdServer/ Frame AFDE
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=GiSvux9zqeoBIai7TSG2vhVy-LwBIKu_TS7KYriM
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D...
0
0
usersync.aspx
dis.criteo.com/dis/ Frame 86BA 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dpba%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:04 GMT
expires
Sun, 09 Oct 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
506501
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 164A 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dpba%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Sun, 09 Oct 2022 03:17:06 GMT
Pragma
no-cache
Server
nginx
expires
-1
SPug
image4.pubmatic.com/AdServer/ Frame 7519
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=46mVHwbHBUebihk3Lj1CYw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D...
0
0
pxd
dps.jp.cinarra.com/ Frame 2A2C 		0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 9E06
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=67df00decc374be299b47072c4146d74
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004
sync.targeting.unrulymedia.com/csync/ Frame 040F
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004&rndcb=4078131065
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=ce6b58da-6e1e-422a-a2dd-0122c7dbf66c&google_hm=Y2U2YjU4ZGEtNmUxZS00MjJhLWEyZGQtMDEyMmM3ZGJm...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEDcE78KOVNZe3pYEPyJvik8&google_cver=1&ssp=adconductor&bsw_param=ce6b58da-6e1e-422a-a2dd-0122c7dbf66c
  • https://sync.1rx.io/usersync/bidswitch/ce6b58da-6e1e-422a-a2dd-0122c7dbf66c?gdpr=&gdpr_consent=
  • https://sync.targeting.unrulymedia.com/csync/RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3D31
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=da1accaa-4780-11ed-bb17-3455f57e8f4a
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame C289
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:7tHXRMjn1OHmOk5&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 79D2
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=44198010-4fa8-4715-8f36-cd9e916968e9-tucta3bc2b1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
55 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=44198010-4fa8-4715-8f36-cd9e916968e9-tucta3bc2b1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dpba%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Sun, 09 Oct 2022 03:17:05 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10147-SYD
x-timer
S1665285426.728649,VS0,VE131

Redirect headers

accept-ranges
bytes
content-length
0
date
Sun, 09 Oct 2022 03:17:05 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=44198010-4fa8-4715-8f36-cd9e916968e9-tucta3bc2b1&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10147-SYD
x-timer
S1665285426.521881,VS0,VE94
x-vcl-time-ms
94
/
csync.loopme.me/ Frame 4741 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dpba%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.172.108 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7573f6158d2da971-SYD
date
Sun, 09 Oct 2022 03:17:05 GMT
server
cloudflare
cookiesync
core.iprom.net/ Frame 6E54 		0
0
i.match
a.tribalfusion.com/ Frame 9BFD 		43 B
665 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dpba%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.35.11 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7573f614cfdbaac1-SYD
content-length
43
content-type
image/gif; charset=utf-8
date
Sun, 09 Oct 2022 03:17:05 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
141
match.deepintent.com/usersync/ Frame 1BF1 		0
44 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dpba%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
date
Sun, 09 Oct 2022 03:17:05 GMT
server
a
ImgSync
image8.pubmatic.com/AdServer/ Frame 02E5
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:AB2812A23EC14D1797A418A16CAA296F
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
cksync.php
contextual.media.net/ Frame EBF1 		45 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3082870236835727000V10&type=pba&refUrl=&vid=52854239033082870236835727000V10&ovsid=FC31A77B-8598-437B-9EB1-63D38ED935D6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dpba%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Sun, 09 Oct 2022 03:17:05 GMT
expires
Sun, 09 Oct 2022 03:17:05 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 2FB9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_DGne4WYQ3uesWPTjtk11g%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dpba%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=76767
accept-ranges
bytes
content-length
5549
expires
Mon, 10 Oct 2022 00:36:32 GMT

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
pippio.com/api/ Frame 2FB9
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=FC31A77B-8598-437B-9EB1-63D38ED935D6
  • https://idsync.rlcdn.com/1000.gif?memo=CIbVGRIwCiwIARCMowEaJEZDMzFBNzdCLTg1OTgtNDM3Qi05RUIxLTYzRDM4RUQ5MzVENhAAGg0IsfqImgYSBQjoBxAAQgBKAA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=2ff4095b857d2a8fc8d45a23bedd65d966ec7de007f84a9283845061ae558492791426b5417dce21&_=2
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 2FB9
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7f226342-3d30-4300-83b1-ae8dc245d74e
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 2FB9
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESELQVl7crd6IC-e0HpJ2Dx6A&google_cver=1
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D...
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 2FB9
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:526FDAAC93984CBC810F5A3DF0091B9A
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dpba%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.82 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:06 GMT
cache-control
private,max-age=86400
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
date
Sun, 09 Oct 2022 03:17:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
FC31A77B-8598-437B-9EB1-63D38ED935D6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 2FB9 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/FC31A77B-8598-437B-9EB1-63D38ED935D6?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dpba%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.52.29 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame 2FB9
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 2FB9
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7993443584297490447&gdpr=0&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D...
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 2FB9
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=4184029124990060828
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 2FB9
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FC31A77B-8598-437B-9EB1-63D38ED935D6&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vqPh67dE2uUYq5yPi.7iuTGpXhkIK_U-~A&gdpr=0&gdpr_consent=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2FB9
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7993443584297490447
0
0
v2
odr.mookie1.com/t/ Frame 2FB9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=54617ede-b486-4bb0-9574-013e4d35eaea&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10526108599902079116&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10526108599902079116&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=51fa4190-1b56-4ba9-929c-02e99a0d4b4a&ssp=pubmatic&gdpr_consent=&gdpr=0
0
0
ImgSync
image8.pubmatic.com/AdServer/ Frame 2FB9
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=8057414613641581855&gdpr=0&gdpr_consent=&us_privacy=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2FB9
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FC31A77B-8598-437B-9EB1-63D38ED935D6&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=5ac4dffaca651aff&is_secure=true&networkId=17100&version=1&nuid=FC31A77B-8598-437B-9EB1-63D38ED935D6&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJl03o9B6BWwNE8Zr4AAAAAAA&expiration=1665371825&nuid=FC31A77B-8598-437B-9EB1-63D38ED935D6&...
0
0
d1ba4609
rtb.gumgum.com/getuid/ Frame 2FB9 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dpba%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.249.66.168 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
crum
dsum-sec.casalemedia.com/ Frame A345
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0I9MJXdAGVVfXkjAF5y2AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGuwQ-ecac9jpDx8F9AhiLo&google_cver=1
0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame A345
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE8yp419yOPDTb3MLvs_xN4&google_cver=1
43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE8yp419yOPDTb3MLvs_xN4&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aphGmxJJYZYfXi93sqqY%2BW0ctVoovnyyuqcrwgslL3FBheS3DmjSJbtk7HF%2B37U5fI85TwqqWlru78NNxCs2iatXaD5ohgaZwa2ZxkzDpsVeKN4N0lMVLn9ZacxqldgRPCEoTPz0Uldfow%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
7573f61618e5aaf9-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEE8yp419yOPDTb3MLvs_xN4&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A345
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
209.54.182.161 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:06 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
2RMF1VRARSH2PMSJT46M
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:05 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
FGKX0V418GMCQTSV1W2E
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame A345
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba&expiration=1667877425&gdpr=0&gdpr_consent=
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba&expiration=1667877425&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba&expiration=1667877425&gdpr=0&gdpr_consent=
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
323
crum
dsum.casalemedia.com/ Frame A345
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7ff09ced-5ba8-29ab-dcedeeb1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7ff09ced-5ba8-29ab-dcedeeb1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

date
Sun, 09 Oct 2022 03:17:05 GMT
via
1.1 google
server
nginx/1.22.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=7ff09ced-5ba8-29ab-dcedeeb1
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
tp_out
d.adroll.com/cm/index/ Frame A345 		42 B
181 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.141.27.50 -, , ASN (),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
cache-control
no-transform,public,max-age=300,s-maxage=900
server
nginx/1.20.0
content-length
42
vary
Cookie
content-type
image/gif
crum
dsum-sec.casalemedia.com/ Frame A345
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7f226342-3d30-4300-83b1-ae8dc245d74e
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7f226342-3d30-4300-83b1-ae8dc245d74e
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Date
Sun, 09 Oct 2022 03:17:05 GMT
Server
MT3 4539 98cc2da master nrt-pixel-x20 config:1.0.0
Content-Type
image/gif
Access-Control-Allow-Origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=7f226342-3d30-4300-83b1-ae8dc245d74e
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
0
Expires
Sun, 09 Oct 2022 03:17:04 GMT
Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame A345
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
54.255.52.29 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB
date
Sun, 09 Oct 2022 03:17:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
htw-pixel.gif
cdn.indexww.com/ht/ Frame A345 		43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?Y0I9MJXdAGVVfXkjAF5y2AAA%265335
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
213
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=7200
accept-ranges
bytes
cf-ray
7573f6158c77a81a-SYD
content-length
43
expires
Sun, 09 Oct 2022 05:17:05 GMT
usync.js
eus.rubiconproject.com/ Frame 3D17 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
adc95bbf12184c1a406a301d34ffb8a8fbfa10ab0639ce675eb2476a317e7c37

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 03:17:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66486
Connection
keep-alive
Content-Length
9422
Expires
Sun, 09 Oct 2022 21:45:11 GMT
sync
ads.servenobid.com/ Frame 01B5 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=2363090164818724230&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.146.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
us.php
gu.dyntrk.com/adx/sma/ Frame 01B5
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
0
0
/
rtb-csync.smartadserver.com/redir/ Frame 01B5
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?st=bidswitch&rurl=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D79%26user_id%3D_wfivefivec_%26expires%3D30%26ssp%3Dsmartadserver%26bsw_param%3D54617ede-b486-4bb0-9574-0...
  • https://x.bidswitch.net/sync?dsp_id=79&user_id=7tHXRMjn1OHmOk5&expires=30&ssp=smartadserver&bsw_param=54617ede-b486-4bb0-9574-013e4d35eaea
  • https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=ce6b58da-6e1e-422a-a2dd-0122c7dbf66c&gdpr=&gdpr_consent=
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=ce6b58da-6e1e-422a-a2dd-0122c7dbf66c&gdpr=&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
23.106.127.52 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

Location
//rtb-csync.smartadserver.com/redir/?partnerid=31&partneruserid=ce6b58da-6e1e-422a-a2dd-0122c7dbf66c&gdpr=&gdpr_consent=
Date
Sun, 09 Oct 2022 03:17:05 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
rtb-csync.smartadserver.com/redir/ Frame 01B5
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MjM2MzA5MDE2NDgxODcyNDIzMA==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPNO1iJCZXdNtA0F8-RZ_00&gdpr=0&gdpr_consent=&google_cver=1
43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPNO1iJCZXdNtA0F8-RZ_00&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
23.106.127.52 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEPNO1iJCZXdNtA0F8-RZ_00&gdpr=0&gdpr_consent=&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
rtb-csync.smartadserver.com/redir/ Frame 01B5
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4184029124990060828&gdpr=0&gdpr_consent=
43 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4184029124990060828&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Server
23.106.127.52 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
cache-control
no-cache,no-store
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=4184029124990060828&gdpr=0&gdpr_consent=
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame 7AFD
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7993443584297490447
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7993443584297490447
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:05 GMT
AN-X-Request-Uuid
a57c2acf-8025-43c2-a230-45dc9a2704de
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7993443584297490447
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 908.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7AFD 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.255.52.29 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
ie
match.prod.bidr.io/cookie-sync/ Frame 7AFD
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
0
0
rum
dsum-sec.casalemedia.com/ Frame 7AFD
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0I9LgAAAbmjqABe
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0I9LgAAAbmjqABe
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

x-served-by
cache-syd10136-SYD
pragma
no-cache
date
Sun, 09 Oct 2022 03:17:05 GMT
via
1.1 varnish
server
Varnish
x-timer
S1665285425.381337,VS0,VE0
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y0I9LgAAAbmjqABe
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
us.php
gu.dyntrk.com/adx/ie/ Frame 7AFD
Redirect Chain
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1
  • https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=05030002_63423d2ed48a1&knw=1
0
0
crum
dsum.casalemedia.com/ Frame 7AFD
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID
  • https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7993443584297490447
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7993443584297490447
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
139.5.84.243 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:06 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Sun, 09 Oct 2022 03:17:05 GMT
AN-X-Request-Uuid
ada20b7b-608a-40f9-900e-1ebe646084fe
Server
nginx/1.21.3
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Location
https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=7993443584297490447
Connection
keep-alive
X-Proxy-Origin
173.245.209.165; 173.245.209.165; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 7AFD
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB
43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
54.255.52.29 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB
date
Sun, 09 Oct 2022 03:17:05 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 7AFD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y0I9MJXdAGVVfXkjAF5y2AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGuwQ-ecac9jpDx8F9AhiLo&google_cver=1
0
0
sync
ads.servenobid.com/ Frame 7AFD 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=Y0I9MJXdAGVVfXkjAF5y2AAAFNcAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.146.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 75D4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221003&jk=2015435252709430&bg=!7O-l76vNAAYQgTJdMIE7ACkAdvg8WohWff5JB-fRRuTBUhOo8Xgxn8hRxw7bfKl8WPLXXwyn5mhgLgIAAABdUgAAAAFoAQcKAH9WJtQ-TRAEtYRar7KXzNP0AS19nvG89HZV1A6ak8n3uCVMrMSyTBrKTBbkSLveCWQX2hqOiSDQFmmL2htm-p7zy68rIMHztcFi7mTqTpCZlF4Cf252Q9tEglMlNbe7aqsnnHbjnSNjgjT0hsWToEeRb3ZaahEOT7uOFGCXlgtamQKkZSvLVljzxWZiDQhQxd4fvN1tyA6M1i728O4nQaZavk67-3cdTXhJFSGz2ge9WJqgOZgikRZx8rBzLNnieiX3NKPytvG0YbS6Zh2k_FkA0ae3l2N_gUPt7nHoVGLJAszx7bQJHccvqaSuQFPXBPQyUTOAyBUkQu68h07-zZ9sUaS3g4vT_9Q62scGI_RNMoSg09swM7iH7hOyJNoaSx5A2IeM0b5sPjAZvEj6mfNAmoYP66Nm2YAgnHQjOa33PlmHs7UiGDttcmyaJBiJLe6YvX6x3InHYwOr1kTyxpy-dSSM41ot7yiyeHXTGggsOXZPnHdQqxOeTtuq_wuIng-XioRLHgEDQMPY17oA0UEDWHWGE62L2CuX4T33hfoHm_4AXmSCboGenyM5TGdhpATFn-2G9hcmFykIeIw_sSztkICoMNrmamk0UEk3OxDdxyhyTnV7Ept55SZDW8oUN38eG8GbZ4n_CUk246DjRbii0oxUalWRMhjJwSCPyMTOFyeQJ7JgKk8DyF0nNA9e2G-nJraWpTauhijflWR7GoFEtZi4fXDVS2lBU8NIkZIehqOfwgmH0wXOpF1R25sMsQTVX0FkZ0ALhRrLCSimAPmhiCO0VAvE7GKi0cnfIR8BuvL9OUYERJ4fhiKKsls3w9plIeq4MJmpwoe4bdCKKmkFP6AD-AsUVGwS8sztYpNbk1hc7J0NQzxaBN_hHbdXz5xxhTXgcoluG-Rtm30202qsV3FbQgMHpND34dJCzvr6i4DF6Q6gsiut3I0OkT3hosO6LPrPWBMxJgmplZ4gwltyhTd33Chmm6v8k-aR7dmmVImArlSnvPiQmcx1ONh5Rtmt4rHjkqhNFBzepaYs0CW0I5JMMj1n9lQkpsMehCBIHtM1pbqGFQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
usersync
usersync.gumgum.com/ Frame E165
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7993443584297490447
0
0
usersync
usersync.gumgum.com/ Frame E165
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_5704fddb-2c89-449c-8f5f-65f7dfe97812&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&gdpr=0&user_id=3eCBJti3h3fG5YYmiuWYI9K21iHG5IUiiurW7xhH
  • https://usersync.gumgum.com/usersync?b=bsw&i=ce6b58da-6e1e-422a-a2dd-0122c7dbf66c
0
0
redirectObuid
sync.outbrain.com/ Frame E165 		0
0
usersync
usersync.gumgum.com/ Frame E165
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=eb5f3087-016f-487b-8c20-8bb8e7f853c5
0
0
sync
sync.srv.stackadapt.com/ Frame E165 		0
0
usersync
usersync.gumgum.com/ Frame E165
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-pD7go19E2peaHRfdy0siSNHSWOQF71diphKk~A
0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame E165 		0
0
services
sync.technoratimedia.com/ Frame E165 		0
293 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
193.122.128.135 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:06 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
289525160
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
142
match.deepintent.com/usersync/ Frame E165 		0
16 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 -, , ASN (),
Reverse DNS
Software
a /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
content-length
0
server
a
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame E165
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_5704fddb-2c89-449c-8f5f-65f7dfe97812&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=XkKZzIa0kMuXTpwNGtr4&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WDLJNNHUSLBGBVU25KYKRYHOTSHORZDI...
0
0
usersync
usersync.gumgum.com/ Frame E165
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=13184d7e-feec-48f7-a412-f3f56ffebc43
0
0
bidswitch
event.clientgear.com/cookie/ Frame E165
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004&rndcb=1759578563
  • https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=ce6b58da-6e1e-422a-a2dd-0122c7dbf66c
0
0
usersync
usersync.gumgum.com/ Frame E165
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=9cTuFwx1Mp7m&ev=1&pid=558355
0
0
usersync
usersync.gumgum.com/ Frame E165
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=2363090164818724230
0
0
sync
ads.servenobid.com/ Frame E165 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_5704fddb-2c89-449c-8f5f-65f7dfe97812
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.146.220 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-212-146-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 765F
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=7f226342-3d30-4300-83b1-ae8dc245d74e&gdpr=0&gdpr_consent=
0
0
usersync
usersync.gumgum.com/ Frame 19F8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=Y0I9LgAAAbmjqABe&gdpr=0&gdpr_consent=
0
0
pixel
cm.g.doubleclick.net/ Frame 0181 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV81NzA0ZmRkYi0yYzg5LTQ0OWMtOGY1Zi02NWY3ZGZlOTc4MTI=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame A9DB 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=76767
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Sun, 09 Oct 2022 03:17:05 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Mon, 10 Oct 2022 00:36:32 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame 6B12
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
0
0
um
cs.emxdgt.com/ Frame 7340 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.33.18 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Sun, 09 Oct 2022 03:17:05 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame 783F
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=Y0I9McCo5soAAIRKW7gAAAAA
0
0
usersync
usersync.gumgum.com/ Frame FAF6
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=Y0I9MJXdAGVVfXkjAF5y2AAA%265335
0
0
cm-notify
creativecdn.com/ Frame 6E11 		0
0
usync.html
eus.rubiconproject.com/ Frame 020B
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sun, 09 Oct 2022 03:17:05 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Sun, 09 Oct 2022 03:17:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
truncated
/ Frame ACC0 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame ACC0 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame ACC0 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame ACC0 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5313&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxukXzhqh1Z7Q9Z0BkjV9cEFLIUnCbUFHwb_GByRYMPFd-2F0amAKz5IIEb7nTcrFz3imjWXUiNDYmde5n90LJnPoEf1Z_FCdTKnHSpUk7zl1&cme=TDYKZc58JJ0ZEiVQz4P9XZb7IC593-3nQW5gidrQjDGq5RwXB9jSc8Kiu2xJks4nbx1xT73BxjZgi2K_0nBToj63b03QMU62Ml0F8rji4u5cwwVOs5cI3MACqWSCwjy46ceIMIn6rMSpdk6ozx3-fvLk7Vs5U_neoaZbxGkIhom0wqCw686eYCjL--oKSq8t_s3rsq5qok9Zem5L5_kMeQ%3D%3D%7C%7Ca0AmFUYXmD6ASqXHhJuVwQhdp4_HJdO5PL2fuJszgjo%3D%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7CVG9Q1KGSzC0RPB9aR8MPLI1pz35lZz3QI6Cx6Blu7SO2BYH9-NaFDYfotAs27rcVUOiQSdvjUAuEYFi1RwRteEJIknK5dDZn29FOZOgJOuzWTOAu2w0c-Ryug2tGRUZFaucLhx1vEK3cAwyUC6jDqzufN05tafZavhP7Zd0I8btHuwIXc9aqT9nev79MqYZDqTLQ-fGHowfvJc0G8AYBQe-VRckCtQKXOXeddvztQxg%3D%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170785105&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=01_9&ksu=224&fdkt=232&vgde_kbbh=ffoyxQJuO&kwd[]=Best+Cryptocurrencies+to+Buy&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=1&kid[]=329544111&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.83%7C60%3D1.68%7C12%3D3.10%7C10%3D5.69%7C63%3D0.28%7C66%3D1.24%7C1%3D1.67%7Cps%3D0.964%7C3%3D0.56%7C4%3D3.50&ktd[]=1126174801920256&ktrkt[]=Best+Cryptocurrencies+to+Buy&kwd[]=Best+High+Return+Investments&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=2&kid[]=326649050&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.83%7C60%3D0.26%7C12%3D0.87%7C10%3D5.69%7C63%3D0.28%7C66%3D1.24%7C1%3D0.26%7Cps%3D0.964%7C3%3D0.56%7C4%3D4.15&ktd[]=1126174801920256&ktrkt[]=Best+High+Return+Investments&kwd[]=Best+Priced+Car+Insurance&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=3&kid[]=48970281&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.44%7C60%3D0.36%7C12%3D0.26%7C10%3D5.69%7C63%3D0.28%7C66%3D1.24%7C1%3D0.28%7Cps%3D0.964%7C3%3D0.31%7C4%3D4.11&ktd[]=1126174801920256&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Vitamins+for+Hair+Loss&kwt[]=232&kbc[]=a8c5cf0754323e1139b173ce42054d81.d2s&kwp[]=4&kid[]=30111142&kbc2[]=0%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.01%7C60%3D0.43%7C12%3D1.56%7C10%3D5.69%7C63%3D0.28%7C66%3D0.81%7C1%3D1.28%7Cps%3D0.964%7C3%3D0.16%7C4%3D4.00&ktd[]=1126174818697472&ktrkt[]=Vitamins+for+Hair+Loss&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=340189069&kbc2[]=5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.30%7C60%3D0.15%7C12%3D0.59%7C10%3D5.69%7C63%3D0.28%7C66%3D1.24%7C1%3D0.17%7Cps%3D0.545%7C3%3D0.61%7C4%3D4.72&ktd[]=1126174801658112&ktrkt[]=Website+Maker+App&cid=8CUABW64L&vi=1665285424614756072&tdAdd[]=ib%3D0&vsid=3082870236835786&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=809&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785105&vgd_nrrv=17795&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1665285424144790561&sttm=1665285424603&upk=1665285425.513&hvsid=00001665285424603029185683575062&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&sbdrId=186&vgd_vsidtv=000V10&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3082870236835786&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~QYYMG8Ov9.9f~e8QMQOvfuf~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ffu99Wf9~8xLjMGvfHXWW.uX~xLjM7UNvu~Q7Ov~j1Q7v~e8QMxLjMGv9.uA~8EvAGB9PB~kGGv9~e8QMxLjMjvH9~L88Ex1vuuh%2Cuuh~J7vi~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ffu99Wff~e8QMGvuuX.iF~xLjMGv9.9H~xLjM7e8vuAF9~QYYMBLvfA.9huF~xLjMjvX9~yN17vou~GGvuWF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~QYYMQOvf9ffu99Wf9~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOvH~x8Ov1gBAsQtX5jbKVeZjE~G7OvHffhHi9H9XuFuA9iiAuf9HAFh9XHFWXfWWHFAXuhhFWhuHuuHf9iuuXfHihFA9iWXuW9hH9AFHh9FuiHF9H9hfiF~OfEMjvh9~AENkvf.F~x8Yv9~myMYQwv9.9u~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.WA~myOfEMGv9.Fi~exLjMGv9.fH~QQvIK~x8Bvou~NJv9~LEQMGvX9.fF~exLjMjvX9~%3DVvfhHi~z7QvA~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvH.uu~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGv9.Hu~8exLjMjvX9~QxEEj5M71yM8Ov~1YEvu~NGOEv9.9f9~OYYvzmMQ7L17Jy5~Qx8Ov%3DK4b4s_B_gHja81qj6r%20jGsxmhK~QOvH~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvzmMQ7L17Jy5~w7Yjvu~1OGjUvAAuHiuFuuX~QmGEv~N7LvA.AfhHW9W4oH~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXA&vgd_optout=0&vgd_cfud=220331&vgd_scsver=328&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001665285424603029185683575062&subBdr=186&bdrid=4&rc=0&rand=1665285425482&acid=461c4f6b8b0144e7a6b22c09ace1dd2f&matm=1665285425483&requrl=https%3A%2F%2Fwww.bg3.co&vgd_ltimesrc=1&vgd_ltime=1488&vgd_rtime=1480&vgd_etm=7&vgd_l1hcsd=Otx5k%7C6666&vgd_l1ch=1&vgd_lhl=2879&vgd_pgid=p02100963619t202210090317&vgd_adprefflag=11&vgd_csip=rtb-common-istio-c5ddbccdc-rnvcx.SG&vgd_sbSup=1&vgd_vsidv=10&vgd_nrrs=17795&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
date
Sun, 09 Oct 2022 03:17:05 GMT
server
Apache
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=43839
content-length
15
sodar
pagead2.googlesyndication.com/getconfig/ Frame BDFB 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221003&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
ac2db44cadd7ac7a67401eeeeeeed7da178264e45bde743fd26709f1eba7bfb2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11177
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 59BB 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221003&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4eee8123bc84d9ae21bc5cf2aa9cdc75e97176bb66fc4653784696504a9fc55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11328
x-xss-protection
0
usync.js
eus.rubiconproject.com/ Frame 16E7 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
adc95bbf12184c1a406a301d34ffb8a8fbfa10ab0639ce675eb2476a317e7c37

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 03:17:05 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66486
Connection
keep-alive
Content-Length
9422
Expires
Sun, 09 Oct 2022 21:45:11 GMT
cksync.php
contextual.media.net/ Frame 3D17
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L90RXXGX-15-7FLE
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L90RXXGX-15-7FLE
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L90RXXGX-15-7FLE
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
104.83.196.24 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-83-196-24.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Sun, 09 Oct 2022 03:17:05 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
45
x-mnet-hl2
E
expires
Sun, 09 Oct 2022 03:17:05 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L90RXXGX-15-7FLE
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
Expires
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame BDFB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 03:17:05 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 59BB 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209290101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 09 Oct 2022 03:17:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sun, 09 Oct 2022 03:17:05 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 16E7 		0
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CD52 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
202009
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 19:10:17 GMT
expires
Fri, 06 Oct 2023 19:10:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3BAB 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f104.1e100.net
Software
GSE /
Resource Hash
d7924f8b45dc8b440673ddf6c5722c5dcebb6c12cf7cb8c576c2a64ff47a9766
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-H0pyj_MKFdNYCEEruV0FiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-H0pyj_MKFdNYCEEruV0FiQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:06 GMT
expires
Sun, 09 Oct 2022 03:17:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F77D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
202009
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 06 Oct 2022 19:10:17 GMT
expires
Fri, 06 Oct 2023 19:10:17 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 6862 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.104 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f104.1e100.net
Software
GSE /
Resource Hash
226216747876c49a15733bf3e28500b15382a1591738c08a5b004ff629138a33
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Bj6vQw46QzbNHnDJGP3Yow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-Bj6vQw46QzbNHnDJGP3Yow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sun, 09 Oct 2022 03:17:06 GMT
expires
Sun, 09 Oct 2022 03:17:06 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
usync.js
eus.rubiconproject.com/ Frame 020B 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.9.185.218 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-9-185-218.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 09 Oct 2022 03:17:06 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=66485
Connection
keep-alive
Content-Length
9422
Expires
Sun, 09 Oct 2022 21:45:11 GMT
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame CD52 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
sffe /
Resource Hash
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 07 Oct 2022 07:24:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
157978
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16010
x-xss-protection
0
last-modified
Tue, 27 Sep 2022 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 07 Oct 2023 07:24:08 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3BAB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221003&jk=1640343359886400&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/xin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 6862 		0
0
gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
pagead2.googlesyndication.com/bg/ Frame F77D 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame 020B 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cs.chocolateplatform.com
URL
https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESENPfVdmCdRvyC4SGuoCdlSM&google_cver=1&google_push=AZmPxg95jbJO83OH-d4k8g1kkS9SpfcpOJykRDp27lHXQZNWEaKAHq5S0RbrD0MmL2R-UvDLxE6YgKCYcV7JttsI0Ieho33-7q713_RMBS0P_rx1IWE-WxKuqDL92igG-6J70SA0czzaN6M
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=f995ac6e-82bf-4a00-8c62-3b419a54e52d&ssp=medianet&gdpr_consent=&gdpr=0
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=8&ovsid=68P6Mwi1bqV1AGd2GGxc&refUrl=&type=zem&vid=52854239033082870236835727000V10&vsid=3082870236835727000V10
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?type=mf&ovsid=585340b5-f2f0-471d-b139-64b85004e900&cs=1
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=40b55cc3-7f86-4f38-a1e5-e00800a17220&ssp=adaptmx&gdpr_consent=&gdpr=0
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D38ED935D6
Domain
eb2.3lift.com
URL
https://eb2.3lift.com/xuid?dongle=dba8&gdpr=0&mid=2460&xuid=uZHTiT3h8nw_m9D_5h3E
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=324&uid=1974054389975318772
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F2%2F3396%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F4%2F3367%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D%26A%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9zc3AuZGlzcXVzLmNvbS9tYXRjaD9iaWRkZXI9NiZyPUNpZDFZUzFpTnpSbFlXSTFPUzB4TVdRMUxUTmhNVGt0T0dFeE1TMWxORE13TWpJNE5qWXhObUlxVTJoMGRIQnpPaTh2WVdSekxuTmxjblpsYm05aWFXUXVZMjl0TDNONWJtTV9jR2xrUFRNME5pWjFhV1E5ZFdFdFlqYzBaV0ZpTlRrdE1URmtOUzB6WVRFNUxUaGhNVEV0WlRRek1ESXlPRFkyTVRaaU1nRUdPQUU9JmJ1eWVydWlkPQ%253D%253D%26uid%3D%24UID
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=F6AFIdfDQgaFKhtvWFwtBA
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=GJW5RGn0QKhqpnUXGxXuIq310aU&google_push=AZmPxg89ji12wdEVSttdnZfqXJeJDPA_OcEfUoSdabHMEgAP_UaYtbSzKLiwu7K2-bV29L4Mvw6C63jZGMCVGnl4QiHDIs0s_Sr5AgYzgaad42vK1GkpjXe0ftyxMaQyASRuqBYn9GQ_FXY
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D38ED935D6
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D38ED935D6
Domain
dps.jp.cinarra.com
URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=FC31A77B-8598-437B-9EB1-63D38ED935D6
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
sync.targeting.unrulymedia.com
URL
https://sync.targeting.unrulymedia.com/csync/RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3DRX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=da1accaa-4780-11ed-bb17-3455f57e8f4a
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
pippio.com
URL
https://pippio.com/api/sync?pid=5324&it=1&iv=2ff4095b857d2a8fc8d45a23bedd65d966ec7de007f84a9283845061ae558492791426b5417dce21&_=2
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=7f226342-3d30-4300-83b1-ae8dc245d74e
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D38ED935D6
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?p=158355&pmc=1&pr=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D52402137-d824-4ab7-903c-7b4e839cf088%26bidder%3Dpubmatic%26uid%3DFC31A77B-8598-437B-9EB1-63D38ED935D6
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-vqPh67dE2uUYq5yPi.7iuTGpXhkIK_U-~A&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7993443584297490447
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=51fa4190-1b56-4ba9-929c-02e99a0d4b4a&ssp=pubmatic&gdpr_consent=&gdpr=0
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAJl03o9B6BWwNE8Zr4AAAAAAA&expiration=1665371825&nuid=FC31A77B-8598-437B-9EB1-63D38ED935D6&is_secure=true&gdpr_consent=&gdpr=0
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGuwQ-ecac9jpDx8F9AhiLo&google_cver=1
Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=05030002_63423d2ed48a1&knw=1
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/ie/us.php?dynk=1nd3xx6ch1&prevuid=05030002_63423d2ed48a1&knw=1
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEGuwQ-ecac9jpDx8F9AhiLo&google_cver=1
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=apn&i=7993443584297490447
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=bsw&i=ce6b58da-6e1e-422a-a2dd-0122c7dbf66c
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=opx&i=eb5f3087-016f-487b-8c20-8bb8e7f853c5
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=oth&i=y-pD7go19E2peaHRfdy0siSNHSWOQF71diphKk~A
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2WDLJNNHUSLBGBVU25KYKRYHOTSHORZDIJTVONPXA4TJOZQWG6J5GEWS2LI
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=idi&i=13184d7e-feec-48f7-a412-f3f56ffebc43
Domain
event.clientgear.com
URL
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=adconductor&bsw_custom_parameter=ce6b58da-6e1e-422a-a2dd-0122c7dbf66c
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=pln&i=9cTuFwx1Mp7m&ev=1&pid=558355
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sad&i=2363090164818724230
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=mmh&i=7f226342-3d30-4300-83b1-ae8dc245d74e&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=atm&i=Y0I9LgAAAbmjqABe&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=ttd&i=e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sus&i=Y0I9McCo5soAAIRKW7gAAAAA
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=iex&i=Y0I9MJXdAGVVfXkjAF5y2AAA%265335
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=gumgum
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L90RXXGX-15-7FLE
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221003&jk=860470873132966&rc=
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/bg/gnLtmcL-mn53pq-EJRMXOCFACjpZd0iqiIv80oTeKas.js
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L90RXXGX-15-7FLE

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| ucf object| request string| paramsString function| setImmediate function| clearImmediate object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS number| ampAdSlotIdCounter undefined| $ undefined| jQuery string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN object| adRecover undefined| jqAlias number| ampAdGoogleIfiCounter object| google_reactive_ads_global_state object| gaGlobal number| ampAdPageCorrelator object| _qevents object| ggeac object| google_tag_data object| google_js_reporting_queue object| listeningFors number| 3pla object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries function| quantserve function| __qc object| ezt object| _qoptions function| qtrack undefined| google_measure_js_timing boolean| noPreviewPage object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

60 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQ7If81bswCgoIgQIQ7If81bswCgoI4gEQ7If81bswCgoI5gEQ7If81bswCgoIhwIQ7If81bswCgkICRDsh_zVuzAKCQg6EOyH_NW7MAoJCAsQ7If81bswCgoIjAIQ7If81bswCgkIXxDsh_zVuzA=
.aralego.com/ Name: sspid
Value: 6804c3bd-4245-33c2-b503-9ba2a85305e3
www.bg3.co/ Name: __AP_SESSION__
Value: 2da4dad8-d70f-40d3-8c27-cdfaa13a1d55
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.adpushup.com/ Name: ap_uid
Value: d598a491-4780-11ed-8a13-000d3ac6bc0e
.adpushup.com/ Name: ap_usid
Value: d598a492-4780-11ed-8a13-000d3ac6bc0e
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: cfceabae-80fd-4fda-b18d-53bd4b8f617e
.openx.net/ Name: i
Value: cfceabae-80fd-4fda-b18d-53bd4b8f617e|1665285419
.doubleclick.net/ Name: IDE
Value: AHWqTUkagd7CyFaEo0_6GDKKAweUANerARuZc6qBTboAp7s5cQftNXm4ZuAP0C7FyYc
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEwq_qImgY4AUABSAEQq_qImgYYAA..
.adnxs.com/ Name: uuid2
Value: 7993443584297490447
.omnitagjs.com/ Name: ayl_visitor
Value: 6e5495df4bd23ce2391666488ce21ad0
.rubiconproject.com/ Name: khaos
Value: L90RXXGX-15-7FLE
.prebid.a-mo.net/ Name: __amc
Value: 1_1665285419_1665285419
.a-mo.net/ Name: amuid2
Value: 52402137-d824-4ab7-903c-7b4e839cf088
.prebid.a-mo.net/ Name: sd_amuid2
Value: 52402137-d824-4ab7-903c-7b4e839cf088
www.bg3.co/ Name: qcSxc
Value: 1665285420307
.teads.tv/ Name: tt_viewer
Value: 25e7e365-2ce5-45c8-89bc-88b2e030d770
.quantserve.com/ Name: mc
Value: 63423d2c-632a6-79ec5-706a9
.bg3.co/ Name: __qca
Value: P0-502107777-1665285420303
.bg3.co/ Name: __gads
Value: ID=a011706835e5d257-2207c357e2d6001d:T=1665285421:RT=1665285421:S=ALNI_MZlnexxZyDz2jyKeF8ZP7zytfuhFQ
.bg3.co/ Name: __gpi
Value: UID=00000a2458c5ea2d:T=1665285421:RT=1665285421:S=ALNI_MYbn48T4LVmFQRxt65myhByKq27zQ
.adsrvr.org/ Name: TDID
Value: e1bb0f61-3c9a-4f95-a068-e89de9aa94ba
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~Y0I9LgAAAbmjqABe
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.yieldmo.com/ Name: yieldmo_id
Value: g31861abc65c8def451f%7C1665285422418%7C0%7C
.sharethrough.com/ Name: stx_user_id
Value: ec912f25-00cb-45c2-a952-d21b67dfefcc
.c.appier.net/ Name: _auid
Value: 46mVHwbHBUebihk3Lj1CYw
.c.appier.net/ Name: _gu
Value: CAESEEN9IcOrYihGfrv4moET0oU
.bg3.co/ Name: _ga
Value: GA1.1.266397392.1665285420
.adingo.jp/ Name: ID
Value: ec9c82ba11a9ed9b1776e5d0a20b77cd
.tribalfusion.com/ Name: ANON_ID
Value: a4nseFSZdIiiSTnMSYlNcP7aQF9X70QFDTNRSnvqt0uRgJK5WJuFEG8SEqaIrBPZdfVtuVyZcRefQ4wMns2NbKb
.pubmatic.com/ Name: KADUSERCOOKIE
Value: FC31A77B-8598-437B-9EB1-63D38ED935D6
.dotomi.com/ Name: DotomiTest
Value: 53c25f9e73d11aff
.dyntrk.com/ Name: dyn_u
Value: 05030002_63423d2ed48a1
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%22e1bb0f61-3c9a-4f95-a068-e89de9aa94ba%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-09-09T03%3A17%3A03%22%7D
.openx.net/ Name: pd
Value: v2|1665285423|jElYiuvOiahI
.quantserve.com/ Name: d
Value: EBoBCQGlJ4EA
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1665285422.1.0.1665285423.0.0.0
.media.net/ Name: visitor-id
Value: 3082870236835786000V10
.media.net/ Name: data-ttd
Value: e1bb0f61-3c9a-4f95-a068-e89de9aa94ba~~1
.openx.net/ Name: univ_id
Value: 537072971|e1bb0f61-3c9a-4f95-a068-e89de9aa94ba|1665285423907719
.3lift.com/ Name: tluid
Value: 713944172416277395767
.mathtag.com/ Name: mt_mop
Value: 4:1665285423
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIrMW4yNjrlDsQBRIWCgdzdng5dDUwEgsI9L2929jrlDsQBRgBIAEoAjILCPS1wIjv65Q7EAU4AVoHc3Z4OXQ1MGAC
.mathtag.com/ Name: uuid
Value: 7f226342-3d30-4300-83b1-ae8dc245d74e
.ladsp.com/ Name: cr
Value: 1
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLXYitqZOhqQLUyebV3a1stZSIoJiPS4OPX6OD+AMqmFCtzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
fksnk.com/ Name: AWSALBCORS
Value: yyLY40dP4ukWQwH0Vx1juO1HYKeflsn0kJXp2Q9N3RpqktUldjViNIRHyaEASergCDELVgsug7pjb4O5jmwMu4TC0DGaoW2h0TDfpBdm6izhebrY0qCW3/vs88C/
.fksnk.com/ Name: f_001
Value: 9BBAED02DE33BE1D
.fksnk.com/ Name: g_001
Value: 1
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjY1Mjg1NDI0fQ
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6IjUyNDAyMTM3LWQ4MjQtNGFiNy05MDNjLTdiNGU4MzljZjA4OCIsImV4cGlyZXMiOiIyMDIyLTEwLTIzVDAzOjE3OjA0LjM1NDQxMzU2MVoifSwicnViaWNvbiI6eyJ1aWQiOiJMOTBSWFhHWC0xNS03RkxFIiwiZXhwaXJlcyI6IjIwMjItMTAtMjNUMDM6MTc6MDQuMzUxOTU0NzI4WiJ9fSwiYmRheSI6IjIwMjItMTAtMDlUMDM6MTc6MDQuMzUxOTUzNDc0WiJ9
.media.net/ Name: data-g
Value: CAESEIxgb-G3SGE-QMg2bpbWeD0~~8
.bg3.co/ Name: cto_bundle
Value: o2XlmF9NcE1jckFOaEp3U3NlRnpMdlNWNHVMMVZSMTNGZGFyN0diZU5qcEQ4OHBLRk1JNU9IOVRUT3k3Y08wTkNkVUh2bzhnMSUyRmtON1JOcXIxOUZ5U0dJeHBMUG9mMGpUeUJVTVo5QXVEZ0VXd0kwJTNE
.bg3.co/ Name: cto_bidid
Value: -o-A-19HT0NVbDNTSDlrRDE5c3FPbGMycyUyRkZmdnpLZ2o2NHN6aXNLZGd1b3g4U1B0VTEzNEl1Mmd0bXVHV1NpYzVvVEFqUG5QaEVNMEJaNjZpbU1Vdm9BeW5BJTNEJTNE
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-10451893-74d9-4ab9-bfd7-bdfaa4ae8c9e-004%22%2C%22zdxidn%22%3A%222057.4%22%2C%22nxtrdr%22%3A%22https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3082870236835727000V10%26type%3Dr1%26refUrl%3D%26vid%3D52854239033082870236835727000V10%26ovsid%3D%5BRX_UUID%5D%22%7D
.a-mx.com/ Name: amuid2
Value: 52402137-d824-4ab7-903c-7b4e839cf088

3 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1665285421&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fxin-bei-2nu-1nan-wu-nei-ku-du-ta-shui-xing-liang-hu-meng-dao-bei-yi-qun-gui-zhua-nan-tong-xue-miao-xia-dao.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1665285418174&bpp=12&bdt=1561&idt=2927&shv=r20221003&mjsv=m202209290101&ptt=5&saldr=sa&correlator=8318708543230&frm=23&ife=1&pv=2&ga_vid=61565126.1665285421&ga_sid=1665285421&ga_hid=1705324850&ga_fc=0&ga_cid=amp-D2Y5Pvi9zsbce5jX27maXg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1670863117&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531705&oid=2&pvsid=2015435252709430&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1u6smi5h6h6g&fsb=1&dtd=2944
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
other warning URL: https://cdn.ampproject.org/rtv/012209142312000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESENPfVdmCdRvyC4SGuoCdlSM&google_cver=1&google_push=AZmPxg95jbJO83OH-d4k8g1kkS9SpfcpOJykRDp27lHXQZNWEaKAHq5S0RbrD0MmL2R-UvDLxE6YgKCYcV7JttsI0Ieho33-7q713_RMBS0P_rx1IWE-WxKuqDL92igG-6J70SA0czzaN6M
Message:
Failed to load resource: net::ERR_CONNECTION_RESET

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

59a7492d70e4b02ca135e636e584d6f3.safeframe.googlesyndication.com
949f98d8ba08ad06b227eb9d1987f6f2.safeframe.googlesyndication.com
9e2be24c5a623f012c6059f4f6c9058d.safeframe.googlesyndication.com
a.c.appier.net
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.pubmatic.com
ads.servenobid.com
ads.yieldmo.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
ap.lijit.com
aplogger.adpushup.com
assets.a-mo.net
b1sync.zemanta.com
bidder.criteo.com
c.bing.com
c.eu1.dyntrk.com
c1.adform.net
cat.sg1.as.criteo.com
cc.adingo.jp
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
cm.adform.net
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
contextual.media.net
core.iprom.net
cr-p3.ladsp.com
creativecdn.com
cs.chocolateplatform.com
cs.emxdgt.com
cs.media.net
csm.as.criteo.net
csync.loopme.me
d-2104935580351686742.ampproject.net
d.adroll.com
dclk-match.dotomi.com
delivery.adrecover.com
dis.criteo.com
dmp.brand-display.com
dps.jp.cinarra.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
event.clientgear.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
googleads.g.doubleclick.net
grid.bidswitch.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
id.a-mx.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lg3.media.net
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
match.taboola.com
odr.mookie1.com
onetag-sys.com
ow.pubmatic.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbs.nextmillmedia.com
pippio.com
pix.as.criteo.net
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
pxl.qccerttest.com
qsearch-a.akamaihd.net
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.jp2.as.criteo.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
warp.media.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
aax-eu.amazon-adsystem.com
ads.servenobid.com
ap.lijit.com
b1sync.zemanta.com
cm.g.doubleclick.net
contextual.media.net
core.iprom.net
creativecdn.com
cs.chocolateplatform.com
dps.jp.cinarra.com
dsum-sec.casalemedia.com
eb2.3lift.com
event.clientgear.com
gu.dyntrk.com
image4.pubmatic.com
image8.pubmatic.com
match.prod.bidr.io
odr.mookie1.com
pagead2.googlesyndication.com
pippio.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
s.amazon-adsystem.com
simage2.pubmatic.com
sync.go.sonobi.com
sync.ipredictive.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
usersync.gumgum.com
103.229.10.247
103.229.205.242
103.231.98.203
104.16.85.20
104.18.12.76
104.18.18.126
104.18.19.126
104.18.35.11
104.18.98.194
104.19.158.19
104.19.172.108
104.211.156.162
104.254.151.120
104.254.151.68
104.26.5.103
104.65.229.2
104.83.196.24
104.83.197.63
13.107.21.200
13.107.42.14
13.228.151.119
13.229.33.3
13.32.99.85
13.33.33.118
13.33.33.38
13.33.33.58
13.76.45.37
135.125.160.160
139.5.84.243
142.251.10.156
142.251.12.154
145.40.88.5
151.101.1.44
151.101.129.108
151.101.130.49
169.197.150.8
172.104.45.159
172.217.194.138
172.217.194.155
172.217.194.94
172.217.194.95
172.253.118.132
172.67.154.71
172.67.72.16
18.141.27.50
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
184.87.193.156
185.84.60.21
193.122.128.135
198.8.71.131
202.131.200.84
202.241.208.56
209.191.163.208
209.191.163.210
209.54.182.161
209.58.171.197
209.58.188.181
23.106.127.164
23.106.127.52
23.211.140.152
23.36.252.26
23.36.48.24
23.72.44.196
23.9.185.218
3.228.33.18
3.232.113.231
3.33.220.150
3.92.9.222
34.107.148.139
34.111.151.213
34.98.64.218
35.186.193.173
35.213.117.18
35.213.12.39
35.227.252.103
35.230.38.116
37.157.6.241
50.116.239.135
50.31.142.191
51.79.234.101
52.194.46.160
52.202.9.144
52.212.146.220
52.223.2.229
52.4.99.227
52.74.162.2
52.76.113.116
52.77.85.240
54.150.80.212
54.192.150.126
54.203.144.13
54.249.66.168
54.255.52.29
54.64.4.232
67.199.150.81
67.199.150.82
67.199.150.86
69.16.175.10
69.173.158.64
69.173.158.65
72.247.81.178
74.118.186.44
74.125.130.155
74.125.200.149
74.125.200.94
74.125.24.104
74.125.24.132
74.125.24.97
84.17.37.44
89.207.22.108
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
01a989def5188d77aee84e4ce053666e0c5d2207bb7570c9d4991632afac09c9
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
068fc24eba7d06f7991b4b97da0a20abcb585b8a9e3947b1ef55de06566b93b3
06a55574709ebf1fbbb4e954c8e470d019f7e0609e8b8bd18dafedc3fe580c72
08999226b216ff184deda0fbf11921c27a51631ae818f177b16ac1b32dc33caf
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a2369a751f3053ccb3ded318d323026bdff42c1e269153dc54a585ddd8d7c36
0aba74a89b95fb34186f6daed031c199222ff2abf4ae9a69a71a07abf44abf16
0af6ddd6674b610ba75a30d85fa0379cafa752e720bbb37e50b9ad6ecec6d54f
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
12d64f39e11247479711a190b417b5e37f3c4cb5b28322de69d35df29fcf23b7
12ff814911d5d3474cc49f10417f5f5074f8ed1e56857143aa4e2e99d3bba355
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1888933cf1a7c6753cbe0dc4098845dc626a2491529c74959a7d7851fa7763de
1904751ccfd62fb4368f0c10c93aa705878d726a2ecfe982877e838437735b0e
1b3705befda2cd9e9710de22d22a1155236210cc1992f5d1520be6b10bb54e72
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1c56374b3c8665e3aa15997aeb02054c74797a314baaa21a89df192944922ff7
1dc97d97c7a243affdada069a72ee9faf9b26f6ebd538dd13c2238dbefcdfcc3
1dd6a373aa68269ffb8531776e255d13c56b07ad6669bf1d70622b50914ef512
1ece948d98c5e739c54ec068ea618b60e9649127a30091b85ad155b63ce934e8
1ed09b9b62065fa41718a7fa635f283a5e1228b455d21e5d25c100520c8d2517
1f6d593c37064c79ef8fc96e5c1375bb6a084700442ab1e23238141cbb16cf30
2141416af3ce8aaba13baae795b83a89ebdc5d534d2bb863f55427193e3e9916
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
226216747876c49a15733bf3e28500b15382a1591738c08a5b004ff629138a33
25ae07afb30f4156fa035a5ffc7f14945c8863ef79772f062d3d04fd97c25391
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
26cffa9fa65dbc189eab4ebb9173aeba290c636dd3cca1a5cb934bf42ed48d4e
276c5e6a9b3e12d3c926e0d728cfb84481142fc44e1b1d3376365fbf33bd876c
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5
293fc15c33edf25fff2ef66e3b4d300e21de6a3ed7e6ed2441827fb34a3cf4d4
2a42afe3f95e065e32f837ef95125257c1e16f6464cb981b1b5e6faae2a5fae5
2a4914190edb349d258281eb2e73d7db14284118ff88314ca135ba9f27de755f
2ad2431dab8c22b1aa6f8d64ebf409dbcdd1654f03805cca27edcafffc72cb1a
2ba9dac5c0b1d258e3fc8a71c09701e5a52d6a98896e24b72387100285ba6afd
2e8a854dbb9d8baf325f950347fa3b876ed124fd58546abdd1ce0c9e69b63d46
320b20ff2b90461d5add97a59372c168016ba232fde4133f8c1f8f96689f9c8b
321e38abc6ea18ec95f34c5421e8ee87ee85f03085a8fcb27ff1fa6d0100f53e
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3341101ed9a50b4ffdd45bc99453157c9b1183731def531802b0668c8389fbf5
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
342d9207010dbb5769fc2988004bf46d4f579e8284fa3931374049e0dd55075f
3583f44aa72c5db69054afbfb7a97a360b0ef1ce9a0bb76b55a7dfc00f7e2ac3
35c643365bd4d0e7f39532ac9bf6b606173f4d1a7cb68ae635713c6e172542f8
360af8367592521fcd7ec8624cdef05e84e34d1c542c4a374828dfbe450da284
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3aacafb7e90e1a18b26f4d9047e8b6af4e9cab7039ab928edc2786c6b011c63a
3ae4db85b83b6d319ae385091a8f0de8c984137fcb879bf5d7a85c9482cd0108
3b1ece590e29aa49b81cbba9149bdbba883b73ab61a0a282e0507cd92270bbeb
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3ce18986d97fa7ec40028723de7a1a27c5341c7ab4f37cfd15592a70dabcce74
3d39786142fb88b24afdd3ffda992c119717687309e7144b96a56ef039c59dbf
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e32821d9fb7d097ae2947687180f9d72e8d6587ca146961aff1e5c91cfe7957
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
43f6ac3b71a1f97823f7de6f557a8d5f2ec1f90f7159467d9bc47facc52a6eb1
442461baac0ca36ad7f1217e8bf06131280b2463cab2bf57614c1edcd1747600
44a384915d8b1a0235b3c15b0743125d2735fc3f2ead1d9cec383ec2ec615c7b
4889ba3d0312a3032a91057d196f9568a44305daf677d52cab4d518f0dd0ff6c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ac1a8d538b97f4ff94f27c20647bd5b52af10dbda66108504c59c00ebbcddaa
4b065a0bc366edebff6fcfc99ec260517bf15322c3dc5dcf066e04cf5e628c75
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f12ef207ad84aa680fa6e5cdbaec557dcf6e99b875c40cf845ae048e92f8d14
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
5056cf2d1e7fb55d3d2f7cafbdb9f72483fcab3ccd435ae680c9bcd44b5ac719
52338b59a98b541b934f627b3c1113d2389f60a246f2917289650fe60d912d97
524958e8da57d853aaa8c32c25ee43c663b39fe156b1dba41de7d6d18610c4c6
5377c2105c7ec9ea7c60ecab0f97e0b0beddc219f554f21661a390135cf25dc1
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55313bc8662242f54a18176109122338d4af14e256a4300feccc43ad4fbb4a48
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56e5447052b8b0b4d07a88d32abd669fb7aac3704c91f886da382ad8aca89f8f
59a82c2b3592566809f7e44c8cda8afdbd3c81b33a3ed04d96b876472bb5c4c8
5b0974d218ed5dc2a7bba6d9dc467cdfd5a33657ccfb63d2e9cd0fddb181a9aa
5b2439c9cec97f49132286628130061a92d155ff098166f15ce59f69bd2eb8e1
5b43780c96623b3a913b0cbfe1284b1c393563fca74ce8676a412b77906d2d2b
5b50faad5a36611054360f4d7cfcb8dfb0c5900b7fc6d3d1f1da819be3dc106b
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63670807627285c1fce0dbd36e010eae2cd10accc7eeecf613ffe2a604b0c88f
64be99cbc239387b3a425f0204d401134bf82c23057da176759f8e3cc790d70f
65bdccd7c53f1852009096a1e4e043c025030e4ba539d26f11e635fb4b037b20
65f4e452b96ef3e5e3a4631d99c63dd7239dcbcb88de679ac74ac30d3d4988cd
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
672f7646526d14fa32ba60e2a0ff41a10a593e667d2c0a9f629f3c7b1de7e89e
689d691bc0a94e08a5731d2e34dd06ea9b907d40c1ccca65e8f9a4feb4fa9742
68f051bb130bde98729274a4825c1b3235e1f849e7a81c65e9ebd303f1d8755f
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c43c80ebfa5a5a3eeeb8e7194348bd4de1e02657bd23465e8f7bf71a925841a
6e64a4894f14fab865296b82dd97d4d3ea3bcec78b5378d9b9ef57f5515948d8
6fb299c8b5e3e459a8ee282199f99a15c3aa8811d0e0d898f5c1176182f72159
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72f44628f64789293516dbf6e742c887dd8cb14b8b9ba8f7b1c9f8a62cdc3f2d
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7395c7dee2903d771c03b0f6314437d598be6f0b47cdff942408405a380b1fbc
76e1b353ad8b888eb77cf1b62b4fb4ee02ff5126f7ffc39c8c01582f93dc6e57
7923a3da2630ae9e964c387bb82a9fb9f0d64aad95dbd62a6ef71ccbad7572a5
795b0ca490fa1c8aee1cf2a877c9d9a69b65ccd99c737692fd54961a8ec9bdbf
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a7fec778190c25ad960d64b179677b5ad389e4c6cfe2c4d71a4d24b94b100f7
7ea0f869760c8358a338fd293cbdbe2ea91a1590151e6a44925a839ca666435f
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
7f0d0bceea71a5f83c45cf3c926b7e9e5b51f9a8c3ac83b3d158c33eaf3a9a51
8272ed99c2fe9a7e77a6af842513173821400a3a597748aa888bfcd284de29ab
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
85cce7c9935819acc47cbf137bfe189bd70cd36c45c88439c7e127c9f51f8369
871237103117473310dbf2fc5ea68d6fe614558834387b031d2c3947184b90da
8767d7729f9a11e14d0c687ee2c05b6e884850a72e7d911f866f5c0166e7c272
87c45fbd9445b4c8eb070c1fda1f5507515857c593fe5fb5041438b063171231
891727451899af0ae2d33e9b9b2237964460587a8775e293fb31fff0bb482d38
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b281caef0d2a95f8abd283c8f98f17e8fb9c2f176592948a3d86f8550bca3d8
8ccca58c9fa219fa65853a7398d935b56ce1fcdaab4787294b3f444ddf7d1036
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9041489036856c196c3738d770b8e6153ebe43cdb4bb55045dd3a118687f93e5
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
91e1430e0ff9fc6a4c15b37683c31c18a412e2cfa45529fe5b554544f5dd0fc1
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
976da37d3d92656542a86468219c6150ba42361e4f0c8d88f47e9e5056fad654
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
99a897b1b6bf0d20afe286cd5e66a7281c3c8eeb69c9aa0dfd42175fc8290aee
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9decfd58809c447abece287c428ca034e8447841ff18fb9b7d169e24c3bfab93
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3c8041261c1f2ea5e4e164a80d38ad3fee6291ec414401d9b7329cb4efd6b67
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4eee8123bc84d9ae21bc5cf2aa9cdc75e97176bb66fc4653784696504a9fc55
a55dade3f2494991935329aee7e596fbff17f8cf191aeee5d7e1802c7778c3de
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a956a6fe1ee57805393bf1781b32486b4ed9ca402a04320280e59a18bc348a87
a96ad4768f32ec875b5e6d4ff9e5107eb19401974d337d1ff79e8da9f435f446
a9e2698251b755771c65da49af80f25f6b19b252d8f5a3f040844aa020c0bfe3
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6
aab26feebff5cdaf1d0a5979b3b780eae728f820e3b9b6a2c17589d0b7cc0361
ac2db44cadd7ac7a67401eeeeeeed7da178264e45bde743fd26709f1eba7bfb2
adc95bbf12184c1a406a301d34ffb8a8fbfa10ab0639ce675eb2476a317e7c37
ade2d7c4ceabcaa54f749ed4fda8aeddad57937631cd9ff40f385442f712d4ab
af0e2b11115d7e046116496a52897b899e8af4b8c1bc735862c922d340a1be18
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b11210a864bc50c101c023a4aec046b4c96ff6a0ca9a7bcf9f35939a1596165e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2846f489aec534c06de31b1be7cc5f7f9b231cc6b468859383229bf0b41cb28
b39c934479cfe0991a6eea4f9a0597eebea9da311d8ca1aebffd48fef946b5b7
b719a446401c59e2784e7979101371a8a12f04139b37c8632682ea60a5720b21
b7f8a33337b7fce3e7b3dd76d839d1e9bf3b83dc7c5c6fabdc44e2795459c2e0
b966aa36c9e5220a83cc8c3021eed093449d6bb531c03df512fbf8adc78cfa68
ba29faf5efe544ed157bbf56aafd0555a22103b36514708d7fcd196fc361c2f5
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbe5da9edb91899fbf48ef777315d6530bd32c3c94bb2f5913ac8d46d9f4e611
c0216a4ae9eb4d295edfee2917969c200cefbb28bedbbf8ead8f4a4609b82403
c15770ea5fda104eed49d9d2d687795993b6e281e5832989195254563e98e4b9
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c3b992337e07d6ab5d946facf20cb799b6226a3d4564234e6a8f0ac91f9ad3c5
c42169de77426726816a7ccd38d4c30573c9ebb0156d2cbe2626d312299e9d08
c4b064035d7575f4bec0fd5729fa76ed3aa06324415dffb767812d0b815e0b34
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
cd0e59b47a7d39641f7853b5ee1120fa1706def86951dc91043cc515b0bdddad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d022a5f41aa8ebd280e804630a05b33618f383d644d30595e998d5c7589ec7cf
d3964ce5a919cc67612c065e9159b6f8a22a5baf32c86b9ba0d7e04022e83dfd
d422bebc37bee6e1624526ce4eedd48e2f2ad9ce5c2461fa0fa077763f8ce309
d582338a3f0f86297d8546be5c0e9096ac4375ce2e29899e45d1294ee72ce41d
d5e6919b2460cd051d50b47942408d3b3dbf0470fdaec473a7ca6b928d7ae4e3
d7924f8b45dc8b440673ddf6c5722c5dcebb6c12cf7cb8c576c2a64ff47a9766
d9366751ced845c6d1c245ef69594aeb3eefb211dfe2dbfd534e9b30177f2b45
dd3eca41f0ce6cfbabf8b4af1bc722ec221854d7be0f21a7bd5171801219d518
ddcba88db922f967fd78e15a055bfeb5088c7c58500ca2b7f08b74eb3736189b
ddef8e65ab98b54067ef11cde27612a524d5cc5d4fabe8f00f41e0bddba1a21a
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e0237d72692e1e22f6c0781fbcd43b5f1855890b2c93b65bbce1ad93ed3f60e7
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e39b9ec811737676bbd154a520e929dacd2b5c3f8641ab4b5cb6791138a49f4b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e45926cd4427970d0ecdcd27d2f4343e89f584a1c02fe00eb5107135ad9b77a9
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ed1b0051c068474feec1c23d2e7e48f4686a08f5bacbd8990f5cb28dff3999ac
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efe3832af98158f566c886440d83ae75a09d76104eaa94df1e96b748a3939896
f02c5cafa2b3ba7c9bee0a4c7b13af8176a268d5ef6b40fa8a880a29b2b8025f
f36f771a4abc46436e7eab89fcc42bb7b1c7df9588e63ca9ed7ce6be92e4bd6c
f3839041050316885af9517d3d3e96f4084fdcc7c02d3ca0b865dc693d1d0fce
f57be13e990c872ffb2d0b1c074b5c126d99eab1bd589291428f163b5e501c09
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
fa08ef5186083fbed4b42b58c11d63aa72d3ca6b48a59470f9642fb48e0b2eb7
fa30e534317e39613f28eb9bff30042cd3ac6dd36ebba7802c4f9efad4a959c8
fa9f530501d9cad5886eb72309362fef8c0622a421c3b029a34ce715a1671577
fd811bea0deea20810d220f94dcb21e9403ea6f7661ebc753ca290bcd48f9490
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff325c328985ef8a083bc155e6fa6b5cf2182d7d3174d43c9e8e077f4a1576b9