urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Submission: On September 27 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 86 IPs in 9 countries across 110 domains to perform 501 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 583884.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
16 142.251.12.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 104.26.4.103 13335 (CLOUDFLAR...)
2 42.99.140.216 4637 (ASN-TELST...)
5 42.99.140.200 4637 (ASN-TELST...)
12 172.67.72.16 13335 (CLOUDFLAR...)
59 74.125.130.157 15169 (GOOGLE)
2 69.16.175.10 20446 (STACKPATH...)
3 209.58.188.181 133752 (LEASEWEB-...)
11 142.251.10.156 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
2 74.125.24.97 15169 (GOOGLE)
11 142.251.12.155 15169 (GOOGLE)
1 74.125.24.94 15169 (GOOGLE)
2 142.251.12.138 15169 (GOOGLE)
1 11 142.251.12.154 15169 (GOOGLE)
1 3 103.229.10.171 16509 (AMAZON-02)
1 104.16.85.20 13335 (CLOUDFLAR...)
1 52.77.174.116 16509 (AMAZON-02)
4 52.210.128.24 16509 (AMAZON-02)
1 6 145.40.89.200 54825 (PACKET)
3 8 104.254.148.252 29990 (ASN-APPNEX)
1 8 35.244.159.8 15169 (GOOGLE)
1 104.71.49.155 16625 (AKAMAI-AS)
4 52.192.218.173 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
1 3 104.18.19.126 13335 (CLOUDFLAR...)
1 35.213.117.18 15169 (GOOGLE)
1 182.161.73.145 55569 (CRITEO-AS...)
3 51.79.234.100 16276 (OVH)
1 52.35.127.185 16509 (AMAZON-02)
1 34.107.148.139 15169 (GOOGLE)
2 74.125.24.155 15169 (GOOGLE)
2 172.217.194.156 15169 (GOOGLE)
1 13.227.254.67 16509 (AMAZON-02)
1 13.227.254.36 16509 (AMAZON-02)
1 8 184.51.240.25 16625 (AKAMAI-AS)
1 42.99.128.160 4637 (ASN-TELST...)
8 104.71.48.26 16625 (AKAMAI-AS)
32 142.251.10.132 15169 (GOOGLE)
2 74.125.130.156 15169 (GOOGLE)
2 104.211.156.162 8075 (MICROSOFT...)
1 13.227.254.119 16509 (AMAZON-02)
14 48 74.125.24.157 15169 (GOOGLE)
6 7 3.33.220.150 16509 (AMAZON-02)
9 142.250.4.106 15169 (GOOGLE)
4 13 104.18.18.126 13335 (CLOUDFLAR...)
26 142.251.12.149 15169 (GOOGLE)
11 182.161.73.129 55569 (CRITEO-AS...)
4 4 13.213.209.254 16509 (AMAZON-02)
1 1 38.67.14.224 174 (COGENT-174)
1 1 52.203.140.205 14618 (AMAZON-AES)
2 2 104.45.178.220 8075 (MICROSOFT...)
1 2 44.205.31.153 14618 (AMAZON-AES)
1 182.161.74.19 55569 (CRITEO-AS...)
1 182.161.73.148 55569 (CRITEO-AS...)
1 5 34.98.64.218 15169 (GOOGLE)
1 2 23.74.242.157 16625 (AKAMAI-AS)
3 4 103.71.26.126 132134 (SPOTX-AS-...)
1 1 35.230.38.116 396982 (GOOGLE-CL...)
1 1 13.115.72.183 16509 (AMAZON-02)
3 3 13.227.254.100 16509 (AMAZON-02)
1 1 31.220.27.134 39572 (ADVANCEDH...)
2 3 103.231.98.196 62713 (AS-PUBMATIC)
1 1 34.193.201.64 14618 (AMAZON-AES)
2 2 20.127.253.7 8075 (MICROSOFT...)
2 2 162.19.138.83 16276 (OVH)
1 182.161.73.132 55569 (CRITEO-AS...)
3 4 50.116.239.135 6336 (TURN-US-ASN)
2 2 124.146.215.44 2514 (INFOSPHER...)
1 202.241.208.4 4694 (IDCF IDC ...)
4 4 174.137.133.49 27257 (WEBAIR-IN...)
1 1 13.227.254.99 16509 (AMAZON-02)
1 1 52.45.175.185 14618 (AMAZON-AES)
2 2 35.213.12.39 15169 (GOOGLE)
1 1 18.177.11.95 16509 (AMAZON-02)
6 6 74.118.186.44 26120 (RHYTHMONE)
1 35.213.109.249 15169 (GOOGLE)
1 1 52.221.119.8 16509 (AMAZON-02)
2 2 202.131.200.84 17941 (BIT-ISLE ...)
1 104.17.24.14 13335 (CLOUDFLAR...)
2 103.229.206.241 30419 (MEDIAMATH...)
1 182.161.73.135 55569 (CRITEO-AS...)
2 182.161.73.142 55569 (CRITEO-AS...)
3 182.161.73.136 55569 (CRITEO-AS...)
1 23.78.217.74 16625 (AKAMAI-AS)
1 52.84.45.81 16509 (AMAZON-02)
1 151.101.65.108 54113 (FASTLY)
3 8 35.71.178.8 16509 (AMAZON-02)
6 23.75.85.227 16625 (AKAMAI-AS)
1 104.19.159.19 13335 (CLOUDFLAR...)
2 2 23.41.65.80 ()
2 23.78.217.19 ()
2 182.161.73.146 55569 (CRITEO-AS...)
1 54.156.87.203 ()
1 172.67.154.71 13335 (CLOUDFLAR...)
7 7 52.74.162.2 ()
2 37.157.6.247 ()
1 54.147.206.141 ()
2 2 13.107.42.14 8068 (MICROSOFT...)
1 2 104.18.101.194 ()
1 5 13.229.2.67 ()
1 204.79.197.200 8068 (MICROSOFT...)
1 52.193.233.134 ()
1 23.106.127.53 ()
3 151.101.2.49 ()
1 104.18.12.76 ()
501 86
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
16    142.251.12.132 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f132.1e100.net
cdn.ampproject.org
e358711ac5a5c9490b23b74f97e21ac0.safeframe.googlesyndication.com
dc83f4b377ba413f49d36b3f2fba2aa3.safeframe.googlesyndication.com
1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
3    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.4.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    42.99.140.216 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-216.pacnet.net
delivery.adrecover.com
5    42.99.140.200 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-140-200.pacnet.net
cdn.adpushup.com
12    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
59    74.125.130.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f157.1e100.net
pagead2.googlesyndication.com
www.googletagservices.com
googleads4.g.doubleclick.net
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
11    142.251.10.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f156.1e100.net
securepubads.g.doubleclick.net
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
2    74.125.24.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f97.1e100.net
www.googletagmanager.com
11    142.251.12.155 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f155.1e100.net
adservice.google.com
adservice.google.com.au
1    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
d-3871203774624694055.ampproject.net
2    142.251.12.138 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f138.1e100.net
www.google-analytics.com
11    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
googleads.g.doubleclick.net
3    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    104.16.85.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    52.77.174.116 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-174-116.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
4    52.210.128.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
ads.servenobid.com
6    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
8    104.254.148.252 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
8    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
jp-u.openx.net
1    104.71.49.155 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-49-155.deploy.static.akamaitechnologies.com
a.teads.tv
4    52.192.218.173 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-192-218-173.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
ssum.casalemedia.com
1    35.213.117.18 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 18.117.213.35.bc.googleusercontent.com
grid.bidswitch.net
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
3    51.79.234.100 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip100.ip-51-79-234.net
onetag-sys.com
1    52.35.127.185 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-35-127-185.us-west-2.compute.amazonaws.com
hb-api.omnitagjs.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
2    74.125.24.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f155.1e100.net
partner.googleadservices.com
2    172.217.194.156 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f156.1e100.net
adservice.google.com.au
1    13.227.254.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-67.sin52.r.cloudfront.net
adx.holmesmind.com
1    13.227.254.36 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-36.sin52.r.cloudfront.net
rules.quantcount.com
8    184.51.240.25 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-240-25.deploy.static.akamaitechnologies.com
hblg.media.net
warp.media.net
lg3.media.net
cs.media.net
1    42.99.128.160 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-128-160.pacnet.net
qsearch-a.akamaihd.net
8    104.71.48.26 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-71-48-26.deploy.static.akamaitechnologies.com
contextual.media.net
32    142.251.10.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f132.1e100.net
tpc.googlesyndication.com
2    74.125.130.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net
www.googletagservices.com
googleads4.g.doubleclick.net
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
1    13.227.254.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-119.sin52.r.cloudfront.net
pxl.qccerttest.com
48    74.125.24.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f157.1e100.net
cm.g.doubleclick.net
7    3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
9    142.250.4.106 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f106.1e100.net
www.google.com
13    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
26    142.251.12.149 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f149.1e100.net
s0.2mdn.net
11    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
4    13.213.209.254 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-213-209-254.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
1    38.67.14.224 (Fernandina Beach, United States)

ASN174 (COGENT-174, US)
aep.mxptint.net
1    52.203.140.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-140-205.compute-1.amazonaws.com
fksnk.com
2    104.45.178.220 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
mweb.ck.inmobi.com
2    44.205.31.153 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-31-153.compute-1.amazonaws.com
google.partners.tremorhub.com
partners.tremorhub.com
1    182.161.74.19 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
rtb.jp2.as.criteo.com
1    182.161.73.148 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
ads.as.criteo.com
5    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    23.74.242.157 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-74-242-157.deploy.static.akamaitechnologies.com
sync.teads.tv
4    103.71.26.126 (Singapore, Singapore)

ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US)
sync.search.spotxchange.com
1    35.230.38.116 (The Dalles, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 116.38.230.35.bc.googleusercontent.com
um.simpli.fi
1    13.115.72.183 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-115-72-183.ap-northeast-1.compute.amazonaws.com
v9999.adv.admeme.net
3    13.227.254.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-100.sin52.r.cloudfront.net
cr-p1.ladsp.com
cr-p3.ladsp.com
1    31.220.27.134 (Amsterdam, Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
s.uuidksinc.net
3    103.231.98.196 (Japan)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    34.193.201.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-201-64.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    20.127.253.7 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
sync.inmobi.com
2    162.19.138.83 (France)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
id5-sync.com
1    182.161.73.132 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
cat.sg1.as.criteo.com
4    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
2    124.146.215.44 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    202.241.208.4 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
gdn.socdm.com
4    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
rtb2-useast.e-volution.ai
1    13.227.254.99 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-99.sin52.r.cloudfront.net
s.ad.smaato.net
1    52.45.175.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-175-185.compute-1.amazonaws.com
im.bluevoox.com
2    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    18.177.11.95 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-177-11-95.ap-northeast-1.compute.amazonaws.com
cs.r-ad.ne.jp
6    74.118.186.44 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    35.213.109.249 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 249.109.213.35.bc.googleusercontent.com
y.one.impact-ad.jp
1    52.221.119.8 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-119-8.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
2    202.131.200.84 (Japan)

ASN17941 (BIT-ISLE Equinix Japan Enterprise K.K., JP)
sync-dsp.ad-m.asia
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    103.229.206.241 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
1    182.161.73.135 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
pix.as.criteo.net
2    182.161.73.142 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
csm.as.criteo.net
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    23.78.217.74 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-78-217-74.deploy.static.akamaitechnologies.com
js-sec.indexww.com
1    52.84.45.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-45-81.mrs52.r.cloudfront.net
public.servenobid.com
1    151.101.65.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
8    35.71.178.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
6    23.75.85.227 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-85-227.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    104.19.159.19 (None, )

ASN13335 (CLOUDFLARENET, US)
assets.a-mo.net
2    23.41.65.80 (None, )

ASN- ()
secure-assets.rubiconproject.com
2    23.78.217.19 (None, )

ASN- ()
ads.pubmatic.com
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
1    54.156.87.203 (None, )

ASN- ()
cs.emxdgt.com
1    172.67.154.71 (United States)

ASN13335 (CLOUDFLARENET, US)
id.a-mx.com
7    52.74.162.2 (None, )

ASN- ()
ups.analytics.yahoo.com
2    37.157.6.247 (None, )

ASN- ()
cm.adform.net
1    54.147.206.141 (None, )

ASN- ()
ssp.disqus.com
2    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
2    104.18.101.194 (None, )

ASN- ()
p.adsymptotic.com
5    13.229.2.67 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
1    52.193.233.134 (None, )

ASN- ()
g2.gumgum.com
1    23.106.127.53 (None, )

ASN- ()
ssbsync.smartadserver.com
3    151.101.2.49 (None, )

ASN- ()
sync-tm.everesttech.net
1    104.18.12.76 (None, )

ASN- ()
cdn.indexww.com
Apex Domain
Subdomains		 Transfer
88 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 105
e358711ac5a5c9490b23b74f97e21ac0.safeframe.googlesyndication.com
dc83f4b377ba413f49d36b3f2fba2aa3.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 142
1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
927 KB
76 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 210
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307
625 KB
26 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 271
390 KB
17 media.net
prebid.media.net — Cisco Umbrella Rank: 1065
hblg.media.net — Cisco Umbrella Rank: 1563
contextual.media.net — Cisco Umbrella Rank: 559
warp.media.net — Cisco Umbrella Rank: 2230
lg3.media.net — Cisco Umbrella Rank: 3643
cs.media.net — Cisco Umbrella Rank: 1318
176 KB
16 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 479
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438
ssum.casalemedia.com — Cisco Umbrella Rank: 1370
dsum.casalemedia.com Failed
14 KB
16 google.com
adservice.google.com — Cisco Umbrella Rank: 75
www.google.com — Cisco Umbrella Rank: 2
5 KB
14 criteo.net
static.criteo.net — Cisco Umbrella Rank: 673
pix.as.criteo.net — Cisco Umbrella Rank: 17010
csm.as.criteo.net — Cisco Umbrella Rank: 17365
231 KB
13 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 936
fastlane.rubiconproject.com — Cisco Umbrella Rank: 466
eus.rubiconproject.com — Cisco Umbrella Rank: 564
secure-assets.rubiconproject.com
pixel.rubiconproject.com Failed
pixel-us-east.rubiconproject.com Failed
35 KB
13 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13567
us-u.openx.net — Cisco Umbrella Rank: 396
u.openx.net — Cisco Umbrella Rank: 650
jp-u.openx.net — Cisco Umbrella Rank: 10797
3 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 15327
e3.adpushup.com — Cisco Umbrella Rank: 16605
aplogger.adpushup.com — Cisco Umbrella Rank: 16434
217 KB
13 bg3.co
www.bg3.co — Cisco Umbrella Rank: 583884
static.bg3.co
94 KB
12 yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
5 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 359
218 KB
9 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 761
rtb.jp2.as.criteo.com — Cisco Umbrella Rank: 22529
ads.as.criteo.com — Cisco Umbrella Rank: 17083
cat.sg1.as.criteo.com — Cisco Umbrella Rank: 17485
gum.criteo.com — Cisco Umbrella Rank: 406
dis.criteo.com — Cisco Umbrella Rank: 688
55 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 228
acdn.adnxs.com — Cisco Umbrella Rank: 611
secure.adnxs.com Failed
37 KB
9 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 543
eb2.3lift.com — Cisco Umbrella Rank: 407
4 KB
7 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 342
4 KB
7 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1006
assets.a-mo.net — Cisco Umbrella Rank: 3135
6 KB
6 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 97372
1 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 30433
sync.aralego.com — Cisco Umbrella Rank: 3193
4 KB
5 pubmatic.com
image6.pubmatic.com — Cisco Umbrella Rank: 648
ads.pubmatic.com
image2.pubmatic.com Failed
ow.pubmatic.com Failed
simage2.pubmatic.com Failed
image4.pubmatic.com Failed
19 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 190
218 KB
5 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1646
public.servenobid.com — Cisco Umbrella Rank: 3425
6 KB
4 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 547
3 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 742
r.turn.com — Cisco Umbrella Rank: 3229
2 KB
4 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 563
2 KB
4 inmobi.com
mweb.ck.inmobi.com — Cisco Umbrella Rank: 3386
sync.inmobi.com — Cisco Umbrella Rank: 2025
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 739
3 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 9047
45 KB
3 everesttech.net
sync-tm.everesttech.net
296 B
3 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1085
gdn.socdm.com — Cisco Umbrella Rank: 135849
3 KB
3 ladsp.com
cr-p1.ladsp.com — Cisco Umbrella Rank: 15661
cr-p3.ladsp.com
2 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 754
2 KB
3 bidswitch.net
grid.bidswitch.net — Cisco Umbrella Rank: 934
x.bidswitch.net — Cisco Umbrella Rank: 301
2 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1270
sync.teads.tv — Cisco Umbrella Rank: 1077
767 B
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 905
pixel.quantserve.com — Cisco Umbrella Rank: 423
11 KB
2 adsymptotic.com
p.adsymptotic.com
477 B
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 394
1 KB
2 adform.net
cm.adform.net
c1.adform.net Failed
211 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 615
cdn.indexww.com
2 KB
2 mathtag.com
tags.mathtag.com — Cisco Umbrella Rank: 3434
sync.mathtag.com Failed
659 B
2 ad-m.asia
sync-dsp.ad-m.asia — Cisco Umbrella Rank: 3148
1 KB
2 e-volution.ai
rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 5392
1 KB
2 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1048
1 KB
2 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 6824
1 KB
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 463
3 KB
2 tremorhub.com
google.partners.tremorhub.com — Cisco Umbrella Rank: 9488
partners.tremorhub.com — Cisco Umbrella Rank: 1070
827 B
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 857
1008 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
502 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
74 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 654
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 14734
11 KB
1 smartadserver.com
ssbsync.smartadserver.com
rtb-csync.smartadserver.com Failed
1 KB
1 gumgum.com
g2.gumgum.com
rtb.gumgum.com Failed
usersync.gumgum.com Failed
2 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 220
667 B
1 disqus.com
ssp.disqus.com
37 B
1 a-mx.com
id.a-mx.com — Cisco Umbrella Rank: 3273
504 B
1 emxdgt.com
cs.emxdgt.com
67 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
5 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 549
397 B
1 impact-ad.jp
y.one.impact-ad.jp — Cisco Umbrella Rank: 2843
218 B
1 r-ad.ne.jp
cs.r-ad.ne.jp — Cisco Umbrella Rank: 123710
736 B
1 bluevoox.com
im.bluevoox.com — Cisco Umbrella Rank: 13173
519 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 696
676 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 694
751 B
1 uuidksinc.net
s.uuidksinc.net — Cisco Umbrella Rank: 4096
335 B
1 admeme.net
v9999.adv.admeme.net — Cisco Umbrella Rank: 157666
358 B
1 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 833
757 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4584
614 B
1 mxptint.net
aep.mxptint.net — Cisco Umbrella Rank: 5847
723 B
1 qccerttest.com
pxl.qccerttest.com — Cisco Umbrella Rank: 983
550 B
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1527
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 846
682 B
1 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 364903
1 KB
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4209
516 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 392
2 KB
1 ampproject.net
d-3871203774624694055.ampproject.net
0 mediarithmics.com Failed
cookie-matching.mediarithmics.com Failed
0 adotmob.com Failed
sync.adotmob.com Failed
0 creativecdn.com Failed
creativecdn.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 zemanta.com Failed
b1sync.zemanta.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 dotomi.com Failed
pubmatic-match.dotomi.com Failed
0 playground.xyz Failed
ads.playground.xyz Failed
0 rlcdn.com Failed
idsync.rlcdn.com Failed
id.rlcdn.com Failed
0 tribalfusion.com Failed
a.tribalfusion.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 loopme.me Failed
csync.loopme.me Failed
0 iprom.net Failed
core.iprom.net Failed
0 taboola.com Failed
trc.taboola.com Failed
0 adgrx.com Failed
cm.adgrx.com Failed
0 cinarra.com Failed
dps.jp.cinarra.com Failed
0 ctnsnet.com Failed
ipac.ctnsnet.com Failed
0 ambientdsp.com Failed
cm.ambientdsp.com Failed
0 appier.net Failed
gocm.c.appier.net Failed
0 bidr.io Failed
match.prod.bidr.io Failed
0 yieldlift.com Failed
x.yieldlift.com Failed
0 lijit.com Failed
ce.lijit.com Failed
ap.lijit.com Failed
0 amazon-adsystem.com Failed
s.amazon-adsystem.com Failed
aax-eu.amazon-adsystem.com Failed
0 aniview.com Failed
pbs.aniview.com Failed
0 deployads.com Failed
c.deployads.com Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 mfadsrvr.com Failed
rtb.mfadsrvr.com Failed
0 bluekai.com Failed
stags.bluekai.com Failed
0 rfihub.com Failed
p.rfihub.com Failed
0 sonobi.com Failed
sync.go.sonobi.com Failed
501 110
Domain Requested by
50 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
adx.holmesmind.com
securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
www.googletagservices.com
48 cm.g.doubleclick.net 14 redirects googleads.g.doubleclick.net
1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
www.bg3.co
u.openx.net
eb2.3lift.com
g2.gumgum.com
32 tpc.googlesyndication.com googleads.g.doubleclick.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
www.bg3.co
1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
pagead2.googlesyndication.com
26 s0.2mdn.net www.bg3.co
s0.2mdn.net
googleads.g.doubleclick.net
12 static.bg3.co www.bg3.co
11 static.criteo.net cdn.adpushup.com
static.criteo.net
ads.as.criteo.com
11 googleads.g.doubleclick.net 1 redirects cdn.ampproject.org
pagead2.googlesyndication.com
www.bg3.co
googleads.g.doubleclick.net
1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
11 securepubads.g.doubleclick.net cdn.adpushup.com
cdn.aralego.net
securepubads.g.doubleclick.net
www.bg3.co
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
9 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
8 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
8 contextual.media.net googleads.g.doubleclick.net
contextual.media.net
cdn.adpushup.com
ads.pubmatic.com
8 ib.adnxs.com 3 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
prebid.a-mo.net
ads.pubmatic.com
7 ups.analytics.yahoo.com 7 redirects
7 match.adsrvr.org 6 redirects cdn.adpushup.com
7 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
6 googleads4.g.doubleclick.net www.bg3.co
6 us-u.openx.net 2 redirects googleads.g.doubleclick.net
u.openx.net
g2.gumgum.com
6 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 prebid.a-mo.net 1 redirects cdn.adpushup.com
prebid.a-mo.net
6 e3.adpushup.com www.bg3.co
5 pr-bh.ybp.yahoo.com 1 redirects www.bg3.co
ssum-sec.casalemedia.com
ads.pubmatic.com
g2.gumgum.com
5 www.googletagservices.com googleads.g.doubleclick.net
1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 sync.1rx.io 4 redirects g2.gumgum.com
4 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
4 sync.search.spotxchange.com 3 redirects googleads.g.doubleclick.net
4 pm.w55c.net 4 redirects
4 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 prebid-server.rubiconproject.com cdn.adpushup.com
prebid.a-mo.net
4 adpushup-d.openx.net cdn.adpushup.com
4 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 sync-tm.everesttech.net ssum-sec.casalemedia.com
ads.pubmatic.com
g2.gumgum.com
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 ad.turn.com 3 redirects ads.pubmatic.com
3 image6.pubmatic.com 2 redirects ads.pubmatic.com
3 cs.media.net 1 redirects contextual.media.net
3 onetag-sys.com cdn.adpushup.com
public.servenobid.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 px.ads.linkedin.com 2 redirects www.bg3.co
2 cm.adform.net prebid.a-mo.net
public.servenobid.com
2 dis.criteo.com contextual.media.net
ads.pubmatic.com
2 ads.pubmatic.com contextual.media.net
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
2 secure-assets.rubiconproject.com 2 redirects g2.gumgum.com
2 jp-u.openx.net u.openx.net
2 csm.as.criteo.net ads.as.criteo.com
2 tags.mathtag.com 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
www.bg3.co
2 sync-dsp.ad-m.asia 2 redirects ads.pubmatic.com
2 rtb2-useast.e-volution.ai 2 redirects
2 sync.targeting.unrulymedia.com 2 redirects
2 x.bidswitch.net 2 redirects public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
2 dsp.adkernel.com 2 redirects
2 tg.socdm.com 2 redirects g2.gumgum.com
2 id5-sync.com 2 redirects
2 sync.inmobi.com 2 redirects
2 cr-p1.ladsp.com 2 redirects
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 mweb.ck.inmobi.com 2 redirects
2 lg3.media.net googleads.g.doubleclick.net
www.bg3.co
2 pixel.quantserve.com 1 redirects www.bg3.co
2 aplogger.adpushup.com cdn.adpushup.com
2 hblg.media.net www.bg3.co
googleads.g.doubleclick.net
2 partner.googleadservices.com pagead2.googlesyndication.com
2 htlb.casalemedia.com cdn.adpushup.com
2 www.google-analytics.com www.bg3.co
www.googletagmanager.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com cdn.adpushup.com
delivery.adrecover.com
2 delivery.adrecover.com www.bg3.co
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
1 g2.gumgum.com public.servenobid.com
1 c.bing.com eb2.3lift.com
1 ssum.casalemedia.com 1 redirects
1 ssp.disqus.com prebid.a-mo.net
1 id.a-mx.com prebid.a-mo.net
1 cs.emxdgt.com contextual.media.net
g2.gumgum.com
1 assets.a-mo.net prebid.a-mo.net
1 cr-p3.ladsp.com 1 redirects
1 u.openx.net cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 js-sec.indexww.com cdn.adpushup.com
1 pix.as.criteo.net ads.as.criteo.com
1 cdnjs.cloudflare.com ads.as.criteo.com
1 match.sharethrough.com 1 redirects
1 y.one.impact-ad.jp 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
1 cs.r-ad.ne.jp 1 redirects
1 im.bluevoox.com 1 redirects
1 s.ad.smaato.net 1 redirects
1 gdn.socdm.com 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
1 r.turn.com 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
1 cat.sg1.as.criteo.com ads.as.criteo.com
1 sync.srv.stackadapt.com 1 redirects g2.gumgum.com
1 s.uuidksinc.net 1 redirects
1 v9999.adv.admeme.net 1 redirects
1 um.simpli.fi 1 redirects ads.pubmatic.com
1 partners.tremorhub.com googleads.g.doubleclick.net
1 ads.as.criteo.com 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
1 rtb.jp2.as.criteo.com www.bg3.co
1 google.partners.tremorhub.com 1 redirects
1 fksnk.com 1 redirects
1 aep.mxptint.net 1 redirects
1 pxl.qccerttest.com www.bg3.co
1 warp.media.net googleads.g.doubleclick.net
1 qsearch-a.akamaihd.net www.bg3.co
1 dc83f4b377ba413f49d36b3f2fba2aa3.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 e358711ac5a5c9490b23b74f97e21ac0.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 rules.quantcount.com secure.quantserve.com
1 adx.holmesmind.com pagead2.googlesyndication.com
1 prebid.media.net cdn.adpushup.com
1 hb-api.omnitagjs.com cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 grid.bidswitch.net cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 secure.quantserve.com cdn.adpushup.com
1 d-3871203774624694055.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 pixel-us-east.rubiconproject.com Failed eus.rubiconproject.com
0 id.rlcdn.com Failed ssbsync.smartadserver.com
0 cookie-matching.mediarithmics.com Failed ssbsync.smartadserver.com
0 rtb-csync.smartadserver.com Failed ssbsync.smartadserver.com
0 sync.adotmob.com Failed ssbsync.smartadserver.com
0 creativecdn.com Failed g2.gumgum.com
0 usersync.gumgum.com Failed g2.gumgum.com
0 bh.contextweb.com Failed g2.gumgum.com
0 ad.360yield.com Failed g2.gumgum.com
0 b1sync.zemanta.com Failed g2.gumgum.com
0 sync.technoratimedia.com Failed g2.gumgum.com
0 sync.ipredictive.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 rtb.gumgum.com Failed ads.pubmatic.com
0 pubmatic-match.dotomi.com Failed ads.pubmatic.com
0 ads.playground.xyz Failed ads.pubmatic.com
0 image4.pubmatic.com Failed ads.pubmatic.com
0 sync.mathtag.com Failed ads.pubmatic.com
g2.gumgum.com
0 idsync.rlcdn.com Failed ads.pubmatic.com
0 a.tribalfusion.com Failed ads.pubmatic.com
0 match.deepintent.com Failed ads.pubmatic.com
g2.gumgum.com
0 csync.loopme.me Failed ads.pubmatic.com
0 core.iprom.net Failed ads.pubmatic.com
0 trc.taboola.com Failed ads.pubmatic.com
0 cm.adgrx.com Failed ads.pubmatic.com
0 dps.jp.cinarra.com Failed ads.pubmatic.com
0 ipac.ctnsnet.com Failed ads.pubmatic.com
0 cm.ambientdsp.com Failed ads.pubmatic.com
0 gocm.c.appier.net Failed ads.pubmatic.com
0 simage2.pubmatic.com Failed ads.pubmatic.com
0 match.prod.bidr.io Failed ssum-sec.casalemedia.com
0 dsum.casalemedia.com Failed ssum-sec.casalemedia.com
0 secure.adnxs.com Failed ssum-sec.casalemedia.com
g2.gumgum.com
0 x.yieldlift.com Failed public.servenobid.com
0 ap.lijit.com Failed public.servenobid.com
0 ce.lijit.com Failed public.servenobid.com
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 s.amazon-adsystem.com Failed eb2.3lift.com
www.bg3.co
ssum-sec.casalemedia.com
0 c1.adform.net Failed eb2.3lift.com
ads.pubmatic.com
0 pbs.aniview.com Failed prebid.a-mo.net
0 ow.pubmatic.com Failed prebid.a-mo.net
0 c.deployads.com Failed prebid.a-mo.net
0 image2.pubmatic.com Failed prebid.a-mo.net
ads.pubmatic.com
0 pixel.rubiconproject.com Failed prebid.a-mo.net
www.bg3.co
public.servenobid.com
eus.rubiconproject.com
0 pixel.tapad.com Failed prebid.a-mo.net
0 rtb.mfadsrvr.com Failed contextual.media.net
0 stags.bluekai.com Failed contextual.media.net
eb2.3lift.com
0 p.rfihub.com Failed contextual.media.net
public.servenobid.com
0 sync.go.sonobi.com Failed googleads.g.doubleclick.net
public.servenobid.com
501 174

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
cdn.adpushup.com
R3		 2022-09-07 -
2022-12-06		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.a-mo.net
R3		 2022-09-05 -
2022-12-04		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-27 -
2022-11-22		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.omnitagjs.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.google.com.au
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
qccerttest.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-09-05 -
2022-11-28		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-09-01 -
2022-11-30		 3 months crt.sh
*.jp2.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-07 -
2022-11-09		 3 months crt.sh
*.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-06 -
2022-10-31		 3 months crt.sh
*.sg1.as.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-02 -
2022-11-01		 3 months crt.sh
y.one.impact-ad.jp
Sectigo RSA Domain Validation Secure Server CA		 2022-03-04 -
2023-03-25		 a year crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
*.as.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-08-31 -
2022-12-04		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-05-18 -
2023-06-16		 a year crt.sh
ssp.disqus.com
Amazon		 2021-12-20 -
2023-01-18		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2022-09-03 -
2023-03-03		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh

This page contains 90 frames:

Primary Page: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Frame ID: 5F3B50F0A5C0E90328C8944533C611F8
Requests: 90 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 03CC11607AFE8D45A5153740E464E65F
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: C5163C6FA92D125F21C0D4C6D0EA745A
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 49F51C84463F3D46539DF9B44BEF190F
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 047D60355253F62EF3842AF4F3E150DD
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-16181573952226916189&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2790&oid=2&is_amp=5&amp_v=2209072154000&d_imp=1&c=3005360&ga_cid=amp-HKVMsDMfrlM3pK_x-aWfIg&ga_hid=5360&dt=1664283218400&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&bdt=2480&dtd=453&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: F9DE1D1E59E8F6333975BA8DDC2B3B13
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 524B317802B46275A84FB90BA39CBB6C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664283219&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283218893&bpp=11&bdt=1704&idt=621&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=7889926481908&frm=23&ife=1&pv=1&ga_vid=1306812529.1664283220&ga_sid=1664283220&ga_hid=1316865226&ga_fc=0&ga_cid=amp-HKVMsDMfrlM3pK_x-aWfIg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1258&biw=1600&bih=1200&isw=336&ish=280&ifk=1678949064&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31062930&oid=2&pvsid=3553646191836451&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ko81qr43k9te&btvi=1&fsb=1&dtd=636
Frame ID: BB9C3A064BCE8EA2617E5D0676A6D24C
Requests: 1 HTTP requests in this frame

Frame: https://e358711ac5a5c9490b23b74f97e21ac0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F2058895094834A52B9D92D186A4A87E
Requests: 1 HTTP requests in this frame

Frame: https://dc83f4b377ba413f49d36b3f2fba2aa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: EFC2C37A8704001EA165D300D210BE07
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=CNqbnU_IyY_OiKbaS29gPpKuPgAqs1_3wZLT2qJPiC8CNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoEqAJP0DKfL6tjoA2YyXddjL2Vx5X2pLdt92yi2Y6NYTiTSeD0ZTn-DCoPp2nsYJQWZbDmijJpa8Iom-nQepGAvEzqpqUUY-iNDue_4jLwE-yNhuh5CevXNkGcF0WfVeynZF855Dt5fFwDgSJXHGhMdXt5Bj7PbOFk80cTq4WD-xS8mYW0WeD0ELkG3dRSpnzn_fO0gB44Jvl-AOqa8YkIyLiroSc0QL86ePBH2B68G42NEA0WppBFWDsPGOWziX5X5W3gkySY7ZsEvbglGHLCf-3y7C0XzemTMZ9lLF8xaSrzigMIt5AM77K3RXL4BQtxTDjt1xnSMIoNJxS6OQKrRNl6u4NMt3330p_DwbszxfWjq04sbqupjCi6k4tuNAQ3dufHGYsXyNBQ-oAGw8Xfm8qtzZjpAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=FuSMANA5eGY&uach_m=[UACH]&cid=CAQSGwCsnQUxbl_oim7nlpK_H35nPVgyN0Zu99bHABgB
Frame ID: B1C66D7EA168642E44EE3FF1C391B7DB
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Frame ID: 13C6FA683DA07355D99FBDB68D2D2CC7
Requests: 15 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 0688CE37CC5E778796A64335DFA6E66D
Requests: 3 HTTP requests in this frame

Frame: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C2A2B8C068C285C07E4C59FDB571BEE8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN_sjwEQqLvoAhis-MTSATAB&v=APEucNVYxGG9DQIz4vAX5bJpfH27dNADTPwjdp34HXIHTthyt_25G1Rhf2VabqPeBf6AhGdKSzIiSjmZvrfQJkIGPncuVhW-XA
Frame ID: FE9DA70F8E20DFEB844D74E08198B0CA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 085CB02C5CF660A70590C3C4223343FA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3A01511E713EC536A8B0A6840E2E3C50
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: E974FB0DEBB4FB3982B4B6753AA289CC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 15BFBF19B1FCF476B3DC6164F61BBEE0
Requests: 2 HTTP requests in this frame

Frame: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F0467F7F7F557340A6DFFD1BF6F00129
Requests: 16 HTTP requests in this frame

Frame: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: EB1F3BAEB250CC65DCAFD498D93272E4
Requests: 16 HTTP requests in this frame

Frame: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 03381C37BDB0C318820DF1CF63023111
Requests: 10 HTTP requests in this frame

Frame: data://truncated
Frame ID: 05598DAD0BB0B95C15359AE056E0C6EB
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: C6D8D8232A946E2057EE574B1340095C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 146C2C31AAF68B48DD4B9B5BF50FC5B2
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNXhlYFBtDLk2ucGTbWwhovPJkP2byKRJ6Bvb9Y8dUEUuyOsMigHmEbNioxGN_T4MSc9CaV6E4K5SLLeY9lN1s06WRX77A
Frame ID: 8CC2EADF4F710495D8D49E1BD694F8B2
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNW1iU5ag5J_bN2lSyEZ--iSFVbiyuZ2RUV7rUOSs1suLh4NqLoarIG5D6y7t7WiCAFeIGxr7LsfFpfw_N78n9kROW6twg
Frame ID: 80E5AB128E726BC728B44492043214B8
Requests: 4 HTTP requests in this frame

Frame: https://ads.as.criteo.com/delivery/r/afr.php?z=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag&u=%7Ch2m9STjgcHD5Y%2BiqXaJJzoyqglwygiNkKmCisEYhHrU%3D%7C&c1=0n2XosTo5cnA_wU1W2mnTJB6TrPmo_vK2VRn8AedBrStNtuqeOWC0rJuk9LNUepMCSxueFF3nyObcPlD00Gir02S3lfyLtrNEHmEp8bMck_2kmNVsPTS7St3QV12afTBbm0dDEj7l30XSMmy9ydBOV7o-VZVJ-8CFmwq5XxQCEi_SGkNPrcJ0C117e3xbPAXLWoxHvi1oCQmO79fIjjVHE1WBJajryJ7IY7FNq4j3KuA905t6XPhiuZtHchB0JUnqJYIw-gnB-t6KvXCT85SGlBodfeZUGCwyJazpsdaihhq3yRUBgBI0rDncl87Hm0SI4Rk_kHqa81i8L_NUm-eX0GUhy-kIwvzbgSEheRBnwxJVCYaB-Y8iA6RUQ1k06989240mS9tCV_cwfNPnRO4kBugJf65nhMfsISyI0-I_E9Hl4Yo7qYZyCOhTRzgOFPhCcQMX0E1UFh7c8-p-BNI6ETKgLJ0spgr5fRP_1aB6z4qsXxHhAGLVdJfu6chsP4DYMukL4gj2UgxdeqSqLqxYa-JuTqGKqg04etdm7LgXGdpcmvubaGye6N3258T0JmO-TO83jsO33QV5_4iWF3peOpf7rCdIgbeFM5Tvz0zYw8KJIqWTQC_R3RrnVMa5qhOUaodUIhCano&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqn0ZVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBM4CT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkibuZgWARHstfmBFXSyWXw8oRSZDkXjiDTITDmIQyb20cz1alrowCx24meAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HSvg-zJ_yR9upN2aTDVa4k0qKbA%26client%3Dca-pub-8933329999391104%26adurl%3D
Frame ID: D91F04BA514D645160AA4A91FE748D37
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1BF2D1A73F5916802C252B24CF4A00CC
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2717636683251514590/WOOD0342_reliable_power_300x250.html
Frame ID: 5D4C5B5F4530E7E38D1C71F2D6427A54
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 998D35FBE98E637DC8E7695FC8B66DF3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6EFBD296485C2BD9DC4B1842D9D3C113
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 517708EC9981A8CC1E1E9119896D238F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2AB97158062EBCC341C05BE5979A75F0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A4D5023894CFD9701A1FC6AA6891ABD1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5CDE8936A2BF6E932A0A262135C3A7FC
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
Frame ID: 4F1D249295F0B5424B6BB1222B5F4D06
Requests: 10 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8748151230531897985/index.html
Frame ID: E3C1B86C1715A2999FE70A6409F21995
Requests: 4 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 623B55C0503BB9CC5F883D4B401B7C62
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1664283219781
Frame ID: F25EE98FDD082661848A8F94ABD3B4F2
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 8294EA225919FBFE74C52EC09C153E3B
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: E7D7BDAEA6D30A05A1ED819ACAC510B5
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: 84A46707D8C2B9B7595722AD7ECBDE14
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 64C4E65BCF8FAEA2D71724C1EBF3CED4
Requests: 10 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 3A33A2971A95EDDADC10CC524F7FB8B6
Requests: 11 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Frame ID: B76BEF2047ACE40AF92DB4FEBBFB6DB8
Requests: 18 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 6C93C348F80A8D51F8C22CF2B7A1592E
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5C3F111943EC2983ECDC2E9DA9560A95
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 12B0A368B57B1FDD27E76F72C62CCC58
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 63C9DE2E4A403500901341EDF56A132F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9452BE3B6755FB233FC4F8B1F5C01EA4
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: BFEDE7FC27B310D58D482470E3B01CCF
Requests: 3 HTTP requests in this frame

Frame: https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Drkt%26refUrl%3D%26vid%3D42832249943072848216820024000V10%26ovsid%3D%7Buserid%7D
Frame ID: D363C8FCD09515542CAF1E2CBAA9FA25
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Dpba%26refUrl%3D%26vid%3D42832249943072848216820024000V10%26ovsid%3DPM_UID
Frame ID: FB71FBB9832275A4C39258471735F647
Requests: 18 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 0BEFBCA94C0024D34DBFBB37AA964879
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 975C1FA5DAFF134E0F86E37D9B822EF0
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 346FB5C2ABBEE1800A35E46F8F5750E8
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: EF7D3C4AC8B116512FFB64996458E57F
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 305E68D33502EA7F4133FE9D9C8DD989
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: 12EC6F9B87154DA285420705B8AC6284
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 0E13F3CBDCBC214CA1EA33EA07D4CFD7
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=FE93BD64-05B7-4AB8-9BE0-EC0AE5DFBAE7
Frame ID: 19961F9A27A655B60372DB3F39FEAC0D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c2ba6332-f259-4c00-a2ab-7d6feae29c6e&gdpr=0&gdpr_consent=
Frame ID: 1F8AA6CD6B245EAF8B882F447B9B88D8
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Frame ID: A967D9C82C0E0FFCE86D6315E39A3554
Requests: 1 HTTP requests in this frame

Frame: https://gocm.c.appier.net/pubmatic
Frame ID: 50B0A64698406F8B3B993134A28BECCC
Requests: 1 HTTP requests in this frame

Frame: https://cm.ambientdsp.com/cm/send?vc=pmj
Frame ID: 7A9F563A8D4A5EA273ECC2067062C62E
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: A1BA891DAB44BE9668BA00C617C47BA1
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 0AAA1F6C200E4333959D3CD2A7F0DD51
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
Frame ID: 3315549EE6C1D72DD39D7743990F5BD9
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=FE93BD64-05B7-4AB8-9BE0-EC0AE5DFBAE7
Frame ID: 727E4BE5086766C6176EB561F30E80A6
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004&rndcb=3976548942
Frame ID: 649B6B75E5074210969760E6C0B76996
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OD3PA5z41ODa5N5&gdpr=0&gdpr_consent=
Frame ID: 9B25F480835D7063416FC3AE4C99372E
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: CC3C2445577EBC49B27611133EDE1668
Requests: 1 HTTP requests in this frame

Frame: https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
Frame ID: FD5147D382DD4EE30C28F274C962BBA6
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: A8974B1B7C9B686EDFCAE3926B3163FF
Requests: 1 HTTP requests in this frame

Frame: https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Frame ID: E987A5DD5ABEEEAB28E11D0E1C250BB6
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 322A0C3335357F8BC600E9FBD976B460
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9CD9D5E126244C9884D0E9EF5D0D91F0
Frame ID: A8ED721D56631396F49D1162858F4361
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 6F22BE22371449E55AC92DF218568287
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3072848216820024000V10&type=pba&refUrl=&vid=42832249943072848216820024000V10&ovsid=FE93BD64-05B7-4AB8-9BE0-EC0AE5DFBAE7
Frame ID: F5004A2180A7FD47485ADB10495BE6F9
Requests: 1 HTTP requests in this frame

Frame: https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
Frame ID: 19D17A272F695F5F3C7989C8D57C4AC4
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: BF7811BA67858DA3D15F40F8F212DEF4
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hYzZlNjc0Mi1kOTI1LTQzNTMtYjUwYS02NjczNWJlN2I5N2Q=&gdpr=0&gdpr_consent=
Frame ID: 9251A7229880A30154913E3A5E6EEDAA
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 3331713882503BC59ECBF4C9974C2F45
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=1e7b7f15-67bd-407f-a491-9253efff8d18
Frame ID: 7835A93E3C004B38E50FBA7B53E66624
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 2CA58D3DE87C1C8B6DB51D110280D558
Requests: 1 HTTP requests in this frame

Frame: https://tg.socdm.com/aux/idsync?proto=gumgum
Frame ID: 5D02EFEAACD166C2D76B54C18EA3B4DF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: E0A6ABD5F25DD30CBF2B94598CD82111
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: 0CA026DA61996951C502B8D0AF462ADD
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
Frame ID: EF53DB24A439D8D160DF9DBA91597D49
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

七彩雲南走進孟加拉國專場活動在孟舉行 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

501
Requests

66 %
HTTPS

0 %
IPv6

110
Domains

174
Subdomains

86
IPs

9
Countries

3498 kB
Transfer

9609 kB
Size

106
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 87
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664283219&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283218876&bpp=13&bdt=1703&idt=522&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=7889926481908&frm=23&ife=1&pv=2&ga_vid=1646053002.1664283219&ga_sid=1664283219&ga_hid=354336274&ga_fc=0&ga_cid=amp-HKVMsDMfrlM3pK_x-aWfIg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=3645915721&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44761792%2C31069633%2C31069178%2C44772915&oid=2&pvsid=1890999272127215&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.1l0ixmuctpby&fsb=1&dtd=560 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 134
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA3Mjg0ODIxNjgyMDA3NDAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEDjuQbZ4_rO1CLywAatpjbs&google_cver=1
Request Chain 135
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1e7b7f15-67bd-407f-a491-9253efff8d18
Request Chain 147
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwHWBAKQw621N4SVm9Sg2E&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwHWBAKQw621N4SVm9Sg2E&google_cver=1&C=1
Request Chain 148
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzLyVvECjwNmHupSHkQcYAAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwHWBAKQw621N4SVm9Sg2E&google_cver=1
Request Chain 149
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFSNqoBNnTcLbabYVWj9XG4&google_cver=1
Request Chain 150
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI4ODkzNTg2ODY5NjI2NjE3OQ%3D%3D
Request Chain 171
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELFyMo98mmmtV__Yc9YYay4&google_cver=1&google_push=AZmPxg_e8xmU7T3uwGgFE3fPJuAi4vtMAMRFNVilABMdkgEgYB4fCIgKLF_yrfOOVgUO5RrEbUwkOIBDZpTOX1umLP50mdnj-lmdmg HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELFyMo98mmmtV__Yc9YYay4&google_cver=1&google_push=AZmPxg_e8xmU7T3uwGgFE3fPJuAi4vtMAMRFNVilABMdkgEgYB4fCIgKLF_yrfOOVgUO5RrEbUwkOIBDZpTOX1umLP50mdnj-lmdmg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T0QzUEE1ejQxT0RhNU41&google_gid=CAESELFyMo98mmmtV__Yc9YYay4&google_cver=1&google_push=AZmPxg_e8xmU7T3uwGgFE3fPJuAi4vtMAMRFNVilABMdkgEgYB4fCIgKLF_yrfOOVgUO5RrEbUwkOIBDZpTOX1umLP50mdnj-lmdmg
Request Chain 172
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEMSbDq_oct2sRjhjXTsJzNc&google_cver=1&google_push=AZmPxg-5UEccxiGYU3CJTEiEr6O1I8O7ycTk0t0P5r09vWHju8yWjCQMSYMXW_q1qCMADUgGxf02D3T-cBLnuS6s5jMXVw-lrk2dBA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AZmPxg-5UEccxiGYU3CJTEiEr6O1I8O7ycTk0t0P5r09vWHju8yWjCQMSYMXW_q1qCMADUgGxf02D3T-cBLnuS6s5jMXVw-lrk2dBA&google_hm=UjFENTMxX0Y2RERCQ0MyX0U2MEVEMjg%3D
Request Chain 173
  • https://fksnk.com/cs/google?google_gid=CAESEM_izrsf38FhOoCwg1ilw4g&google_cver=1&google_push=AZmPxg81en_gisgUDzy1cq4IuT_fHwkCpXSQllXXbYu3MumYzjYKZqKU-zyivNtKJy3oc-5oOB435T3WUXsXUILvVteSuR6a11bgPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEY3NjA0NzkxNjdCMEM4OQ==
Request Chain 174
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEC2K8Z6hsitTr0RkGTtq0UQ&google_cver=1&google_push=AZmPxg9D9qoDSvDGbOm1I6WUWlT-BnLlkidtU7C73jazc85wRVcGO0BKsd5p_DWzO9r2neQA49uWRI1UAkvXJALgDV0US7lABdbV_A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YjIwOWIzOWUtNDgwOC00ZWRiLWJlZDEtYmNlNGI5MzkyNmJk&google_gid=CAESEC2K8Z6hsitTr0RkGTtq0UQ&google_cver=1&google_push=AZmPxg9D9qoDSvDGbOm1I6WUWlT-BnLlkidtU7C73jazc85wRVcGO0BKsd5p_DWzO9r2neQA49uWRI1UAkvXJALgDV0US7lABdbV_A
Request Chain 176
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEImYzZB5AEWHjSjQfLyX7-Y&google_cver=1&google_push=AZmPxg-SjO7rso9mfMT8QjvQFCgUaRYEEyIcaM_cbmr8rF5QFZ-wpwADvmaaM92T7YoBchsAmdjkLPN0MYtFR6yVbnxIAqu45byRtA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=OWIzZTQ2YTAxOTUxNDM4NGEzZmU2ZTZmZDk1Y2Q0Mzg%3D&UIDF=CAESEImYzZB5AEWHjSjQfLyX7-Y&google_cver=1&google_push=AZmPxg-SjO7rso9mfMT8QjvQFCgUaRYEEyIcaM_cbmr8rF5QFZ-wpwADvmaaM92T7YoBchsAmdjkLPN0MYtFR6yVbnxIAqu45byRtA
Request Chain 177
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDjuQbZ4_rO1CLywAatpjbs&google_cver=1&google_push=AZmPxg_HerzaiH_4ziIT2Lkr0nYUmy3vNWBDA1dtATY22qKP-BYFVFIpG9IEoGPoGke8YyNS6Xd5FrgfHOg5RD-7U6y2sSpGmB-JYA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA3Mjg0ODIxNjgyMDAyNDAwMFYxMA%3d%3d&mn_hm=MzA3Mjg0ODIxNjgyMDAyNDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_HerzaiH_4ziIT2Lkr0nYUmy3vNWBDA1dtATY22qKP-BYFVFIpG9IEoGPoGke8YyNS6Xd5FrgfHOg5RD-7U6y2sSpGmB-JYA&gdpr=&gdpr_consent=
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAZGZ3_b8B2AbVMapkqZK1Q&google_cver=1
Request Chain 206
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzY4ZDU4ZmItYTVkNy0yZjUxLWZjNzMtYzg5OGYxNGRhYzcx
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEHricMQj7FllCAIDuYVGrFo&google_cver=1
Request Chain 208
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Njg5YzdkODctNmZhOS00OTI1LWE1ZWQtZDY3NjViMmEwNzJk
Request Chain 209
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm HTTP 302
  • https://partners.tremorhub.com/sync?UIGL=CAESEK1L_jtrPMwoS_vcWuhDbJo&google_cver=1
Request Chain 210
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHGW8y3JwMmTyi7_qJphEYQ&google_cver=1 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHGW8y3JwMmTyi7_qJphEYQ&google_cver=1&__user_check__=1&sync_id=6b1bb4f8-3e63-11ed-8742-1547970c0407
Request Chain 211
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=6b0ca616-3e63-11ed-b1d0-15309e7d0507 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NmIwY2E1MzEtM2U2My0xMWVkLWIxZDAtMTUzMDllN2QwNTA3
Request Chain 212
  • https://um.simpli.fi/gp_match?google_gid=CAESEIVBQs5orF_22ltGkA7nNH0&google_cver=1&google_push=AZmPxg94PUZ0L5rpW16_We6FEYFKE55Pdlj1de892x7YgNBCZMz1UrnR1EaNpYVd_qLIwqKVPG9uUeimwN0675xPMl29tCKEcKGggtm-TGIz5oa-JCekCD3A5gHSA7WoLHyrvb18DKcGXQqNerqq8E9ssA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9CD9D5E126244C9884D0E9EF5D0D91F0&google_push=AZmPxg94PUZ0L5rpW16_We6FEYFKE55Pdlj1de892x7YgNBCZMz1UrnR1EaNpYVd_qLIwqKVPG9uUeimwN0675xPMl29tCKEcKGggtm-TGIz5oa-JCekCD3A5gHSA7WoLHyrvb18DKcGXQqNerqq8E9ssA
Request Chain 213
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESENJreJgLDsRUk2hrIciM1kI&google_cver=1&google_push=AZmPxg8woMKay0YzA4MDZeQ3LoxWj0LDGgiQYcutIJE5NGotKLFKWehN17UW3tDboo8lAtOwuMpNv3gaqy21EMzeGYMS_EcDRcnLH_ebL62r4L_5I0COVGWCIEdpCbJSEd2jLAYwgemyY7DndG7GcXqHNxo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg8woMKay0YzA4MDZeQ3LoxWj0LDGgiQYcutIJE5NGotKLFKWehN17UW3tDboo8lAtOwuMpNv3gaqy21EMzeGYMS_EcDRcnLH_ebL62r4L_5I0COVGWCIEdpCbJSEd2jLAYwgemyY7DndG7GcXqHNxo
Request Chain 214
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AZmPxg9HrGinDRhXqtCJAcIaSlfQ45um9uSrHy1CGX1dVe6H1ANAcKptqQUnR3LDu7HeKUXVhwjJdJA5ASCb5x7Vr4AC93H7bxxRxFbyyWbZR0yWxwSe305-UI1gYtJyQKPi0fNh3unJglSp9JF3BjQMYeA&google_gid=CAESECYPC0KvL_fNOympLHrkSy8&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AZmPxg9HrGinDRhXqtCJAcIaSlfQ45um9uSrHy1CGX1dVe6H1ANAcKptqQUnR3LDu7HeKUXVhwjJdJA5ASCb5x7Vr4AC93H7bxxRxFbyyWbZR0yWxwSe305-UI1gYtJyQKPi0fNh3unJglSp9JF3BjQMYeA&google_gid=CAESECYPC0KvL_fNOympLHrkSy8&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AZmPxg9HrGinDRhXqtCJAcIaSlfQ45um9uSrHy1CGX1dVe6H1ANAcKptqQUnR3LDu7HeKUXVhwjJdJA5ASCb5x7Vr4AC93H7bxxRxFbyyWbZR0yWxwSe305-UI1gYtJyQKPi0fNh3unJglSp9JF3BjQMYeA&google_hm=AWNWp0OSnu_Fks8ADsWuI7HhIcA
Request Chain 215
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEA0koD_R9vPprhGvjOmTJX8&c_param1=AZmPxg-hhpZopZZ3G7UzqxVVZFevzl2LUU_IeVT-isIwHZQImUTKNpaBssXYXffPdRSVN862NFKyo4naKInKOOaOUCD-JqpCABMpi53BRFuZ9XEXe_sf7iAozkRKGsi0FyESrV9SC-eCzxSf0UWj-s3unw&gdpr=%%GDPR%%&addtl_consent=%%ADDTL_CONSENT%%&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg-hhpZopZZ3G7UzqxVVZFevzl2LUU_IeVT-isIwHZQImUTKNpaBssXYXffPdRSVN862NFKyo4naKInKOOaOUCD-JqpCABMpi53BRFuZ9XEXe_sf7iAozkRKGsi0FyESrV9SC-eCzxSf0UWj-s3unw
Request Chain 216
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI7LyKFT9xWayOoOzGfJLKw&google_cver=1&google_push=AZmPxg_wKFMdukKFZ5d6BhcdOIhLtwRv1TuG6OsE7amvamfcviC9vOWqZ_dYjVKFIsi9yqKXqMFBudPoRQuL_aSOeKXwkzwvBx5ggCWZLypJhkIQLzfCTsbbjbBTBGrkT1dbwy8sHPBx42G-1qD_T-dNfg HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEI7LyKFT9xWayOoOzGfJLKw&google_cver=1&google_push=AZmPxg_wKFMdukKFZ5d6BhcdOIhLtwRv1TuG6OsE7amvamfcviC9vOWqZ_dYjVKFIsi9yqKXqMFBudPoRQuL_aSOeKXwkzwvBx5ggCWZLypJhkIQLzfCTsbbjbBTBGrkT1dbwy8sHPBx42G-1qD_T-dNfg&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_pO9ZAW3Srib4OwK5d-65w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_wKFMdukKFZ5d6BhcdOIhLtwRv1TuG6OsE7amvamfcviC9vOWqZ_dYjVKFIsi9yqKXqMFBudPoRQuL_aSOeKXwkzwvBx5ggCWZLypJhkIQLzfCTsbbjbBTBGrkT1dbwy8sHPBx42G-1qD_T-dNfg
Request Chain 217
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHHC2FDpXdnNoFyQT3sXOfk&google_cver=1&google_push=AZmPxg9m1M5tsrWd7Hsx_FJuzNTil7SZNGfJ4BAw1DUyceIbP7o2e_QjvQXL9Urz77CjZX2eCZ0ESTqTN3oNSL_F3UeU6PkWY5tE9z-nQLCQEUA4TmjZ6EoLIEP9WqyPbt53lwVfrqC4j0tIPVgqFOT-XrM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=RDiN7Of6RbRfDq0r9bEL8a310Qg&google_push=AZmPxg9m1M5tsrWd7Hsx_FJuzNTil7SZNGfJ4BAw1DUyceIbP7o2e_QjvQXL9Urz77CjZX2eCZ0ESTqTN3oNSL_F3UeU6PkWY5tE9z-nQLCQEUA4TmjZ6EoLIEP9WqyPbt53lwVfrqC4j0tIPVgqFOT-XrM
Request Chain 218
  • https://sync.inmobi.com/gob?google_gid=CAESEIEdoY5EFi6jEaAYHjytOS0&google_cver=1&google_push=AZmPxg8S31cof93k7eo48qC_hwSCh5xtdIy9J9-KOF1936Idr08c-rYg9cTvulxh505_JxGgcKRDh8DluH0xCXbAaFAVN45uYZfJKTbf2rhCIXajDDXkF96Qk97MAhgtTuUa30WHnv8xjAQhsdDE-DRzHj8a HTTP 302
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg8S31cof93k7eo48qC_hwSCh5xtdIy9J9-KOF1936Idr08c-rYg9cTvulxh505_JxGgcKRDh8DluH0xCXbAaFAVN45uYZfJKTbf2rhCIXajDDXkF96Qk97MAhgtTuUa30WHnv8xjAQhsdDE-DRzHj8a HTTP 302
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOMU0fISZOjSBOpWbtHyLrfvQGxixY-grNULWe_w&google_push=AZmPxg8S31cof93k7eo48qC_hwSCh5xtdIy9J9-KOF1936Idr08c-rYg9cTvulxh505_JxGgcKRDh8DluH0xCXbAaFAVN45uYZfJKTbf2rhCIXajDDXkF96Qk97MAhgtTuUa30WHnv8xjAQhsdDE-DRzHj8a HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_hm=L5Pjq7lnNJi0L8DgqG61&google_push=AZmPxg8S31cof93k7eo48qC_hwSCh5xtdIy9J9-KOF1936Idr08c-rYg9cTvulxh505_JxGgcKRDh8DluH0xCXbAaFAVN45uYZfJKTbf2rhCIXajDDXkF96Qk97MAhgtTuUa30WHnv8xjAQhsdDE-DRzHj8a&google_nid=inmobi_new_eb
Request Chain 247
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN4bxEFnFwqTM4W0fG3irYk&google_cver=1&google_push=AZmPxg8iSxXCWUjk--6C_LXnO5JeJ7YG6ekep_jR3eTHIB0_DA0WrivNu3r3NCtx-qJwqYW4nBnTxyrT54BycbXLy7aqEJE92C_JtQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDEwNzMxMDU3NTkxNzcyOTg1Nw==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN4bxEFnFwqTM4W0fG3irYk&google_cver=1
Request Chain 248
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEPxiA24YxKQVLBp3MBTfqUw&google_cver=1&google_push=AZmPxg9_qumHxHYEw6zLRuRPi3rrAUrHewrWY9jgc4DMg3hnzGrIa-LXEYsXbDCU3bnbZTqZ_yQl6AUNtrAqGPdeTfliCKqf9Zkmow HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WXpMeVdNQ284WUFBQUk5bmQzQUFBQUFB HTTP 302
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEPxiA24YxKQVLBp3MBTfqUw&google_cver=1
Request Chain 249
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEC2K8Z6hsitTr0RkGTtq0UQ&google_cver=1&google_push=AZmPxg9Cu2FugNYjeufurS2JdjMsEyqqIVaW2qfvN8dECM7M6jgEjo594mYf8hhEAjnNBvrUgFAsvlxNB1_E-98ZXPkv0OrUAk6DoQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YmQxNGFlNTUtNDYzMy00M2JiLTkyMjktODQ4ZTBhZDk3NzU1&google_gid=CAESEC2K8Z6hsitTr0RkGTtq0UQ&google_cver=1&google_push=AZmPxg9Cu2FugNYjeufurS2JdjMsEyqqIVaW2qfvN8dECM7M6jgEjo594mYf8hhEAjnNBvrUgFAsvlxNB1_E-98ZXPkv0OrUAk6DoQ
Request Chain 250
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESELAHCvMBpe62n8TY0JP_x2E&google_cver=1&google_push=AZmPxg94PxTu6tL0Sbnt5agE33YBIe5ct548a2to_DRdMctV-tfeyPYKaWvaZmonoLoBqAdaGYSZUCKhR9K6cMXZ-u8Kz22lZ0Fh HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTU5OTM5OTExNjc4NjM1NDU4MDk&google_push=AZmPxg94PxTu6tL0Sbnt5agE33YBIe5ct548a2to_DRdMctV-tfeyPYKaWvaZmonoLoBqAdaGYSZUCKhR9K6cMXZ-u8Kz22lZ0Fh
Request Chain 251
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELYhn-M8EMWCXZ-J2BhgbV0&google_cver=1&google_push=AZmPxg_T5m_RGgvWfpJFvg1Sw2geW7dOqC3eCig3xSTNHqxcxpZhU1L4PFdBfmGEZyRylXb4ONxbSRtrcmbNilTX8PEKKwltCr-25Q HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELYhn-M8EMWCXZ-J2BhgbV0&google_hm=YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB&google_nid=index&google_push=AZmPxg_T5m_RGgvWfpJFvg1Sw2geW7dOqC3eCig3xSTNHqxcxpZhU1L4PFdBfmGEZyRylXb4ONxbSRtrcmbNilTX8PEKKwltCr-25Q
Request Chain 252
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENkUUQ3xgjKGkMXdDVGP3pg&google_cver=1&google_push=AZmPxg85DLUq3TWn_C9A5aGwJQvRIQTVA7k6wAWt8JiRSfkN-f5dw61EW7DvvNQ-f2G_0wSdd5mQXpKYKu_aE-o3F39mtICqKRewsg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=279a924&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AZmPxg85DLUq3TWn_C9A5aGwJQvRIQTVA7k6wAWt8JiRSfkN-f5dw61EW7DvvNQ-f2G_0wSdd5mQXpKYKu_aE-o3F39mtICqKRewsg
Request Chain 253
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEN9QTmYbLP1OH0er6l9Y0bs&google_cver=1&google_push=AZmPxg_5dAsFgAcUCO87Jo7X441bY0Bbg5eaM3X-3vSmgBNVG12Z1TziT_AZk3aOnuY5ZiWulSksSA3xr3CU6ASom4Wuj6nBSef8aA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg_5dAsFgAcUCO87Jo7X441bY0Bbg5eaM3X-3vSmgBNVG12Z1TziT_AZk3aOnuY5ZiWulSksSA3xr3CU6ASom4Wuj6nBSef8aA&google_hm=QlMuZDkxMy0wYTM0LTRmZjUtYTIzNQ==
Request Chain 258
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMltLhg_kTYYLHLW_p34Pyk&google_cver=1&google_push=AZmPxg8yQ-UCbuC8hANK8UqtGVpQsWjjuaznFQajePWVb0CIRl0PnS8TyPQG0i3XUhxfwTESkKTXxgihWC8EjRy6YoHY4eLw3kVZ3FBXhuJ5PXrD6_drwmhMDyzaPWMc37IBrls_7-8cokjsNOzfPuffCgM HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMltLhg_kTYYLHLW_p34Pyk&google_cver=1&google_push=AZmPxg8yQ-UCbuC8hANK8UqtGVpQsWjjuaznFQajePWVb0CIRl0PnS8TyPQG0i3XUhxfwTESkKTXxgihWC8EjRy6YoHY4eLw3kVZ3FBXhuJ5PXrD6_drwmhMDyzaPWMc37IBrls_7-8cokjsNOzfPuffCgM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg8yQ-UCbuC8hANK8UqtGVpQsWjjuaznFQajePWVb0CIRl0PnS8TyPQG0i3XUhxfwTESkKTXxgihWC8EjRy6YoHY4eLw3kVZ3FBXhuJ5PXrD6_drwmhMDyzaPWMc37IBrls_7-8cokjsNOzfPuffCgM&google_hm=BxeXFssITSqHZSPBkGG2Kg==
Request Chain 259
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEHnHpm4ktp7ByxAVTef0KPo&google_cver=1&google_push=AZmPxg_z34TjRDq7lF4XbgzApmZwOADSOgXlFc48Ot2Bx2HBJiZKnUANH8ZzqUMvv1Kkln5wT2gIRqghogxMcMwKm2r2j09uNINAtnKxJj3lNHRasqRM-EexMsHEjpK3JHESxuLfQAITrHpLmre4DQzrnbI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg_z34TjRDq7lF4XbgzApmZwOADSOgXlFc48Ot2Bx2HBJiZKnUANH8ZzqUMvv1Kkln5wT2gIRqghogxMcMwKm2r2j09uNINAtnKxJj3lNHRasqRM-EexMsHEjpK3JHESxuLfQAITrHpLmre4DQzrnbI&google_hm=NTBnQ3JpMDBqQkRHYTAwN1l2UE8
Request Chain 260
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKdvy2TF0JmyCOAnt0ARQRw&google_cver=1&google_push=AZmPxg90LoSCH9h_7p8LHV7YGTCcBNZOHzA7ad8OTEYjwUai48o-oMmkSqdDld-VtF21YCToUVWLiv2PIYWg4c_NbQTAXfRroymNSvToX3Mx-WBK0qqzwU6SsSVgQ7hGhM3G9zNp1xJiG0lnBoWEDouEFVc HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg90LoSCH9h_7p8LHV7YGTCcBNZOHzA7ad8OTEYjwUai48o-oMmkSqdDld-VtF21YCToUVWLiv2PIYWg4c_NbQTAXfRroymNSvToX3Mx-WBK0qqzwU6SsSVgQ7hGhM3G9zNp1xJiG0lnBoWEDouEFVc&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1664283224040 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg90LoSCH9h_7p8LHV7YGTCcBNZOHzA7ad8OTEYjwUai48o-oMmkSqdDld-VtF21YCToUVWLiv2PIYWg4c_NbQTAXfRroymNSvToX3Mx-WBK0qqzwU6SsSVgQ7hGhM3G9zNp1xJiG0lnBoWEDouEFVc%26google_hm%3DBHYta6Ttlk6diwb_g6TMM9w HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg90LoSCH9h_7p8LHV7YGTCcBNZOHzA7ad8OTEYjwUai48o-oMmkSqdDld-VtF21YCToUVWLiv2PIYWg4c_NbQTAXfRroymNSvToX3Mx-WBK0qqzwU6SsSVgQ7hGhM3G9zNp1xJiG0lnBoWEDouEFVc&google_hm=BHYta6Ttlk6diwb_g6TMM9w
Request Chain 262
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEKuGF59TvU6MDoT4LklPTKc&google_cver=1&google_push=AZmPxg_Le9T_LUGWNyYnES1l7z8hcVE8KWv1xgcnB7s6kQxVvmTB6Ef37cxQQpP_-eFu1KUygl3qHnOErN4lQ7lADSD8gqeNzC7U6-6jyFYXx-ujUWczv2fy4PctC8uqsA-3DNlUKLAZVd_UbA0hEkvRsjo3 HTTP 302
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEKuGF59TvU6MDoT4LklPTKc%26google_cver%3D1%26google_push%3DAZmPxg_Le9T_LUGWNyYnES1l7z8hcVE8KWv1xgcnB7s6kQxVvmTB6Ef37cxQQpP_-eFu1KUygl3qHnOErN4lQ7lADSD8gqeNzC7U6-6jyFYXx-ujUWczv2fy4PctC8uqsA-3DNlUKLAZVd_UbA0hEkvRsjo3 HTTP 302
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A5993991167863545809&exchange=193&google_gid=CAESEKuGF59TvU6MDoT4LklPTKc&google_cver=1&google_push=AZmPxg_Le9T_LUGWNyYnES1l7z8hcVE8KWv1xgcnB7s6kQxVvmTB6Ef37cxQQpP_-eFu1KUygl3qHnOErN4lQ7lADSD8gqeNzC7U6-6jyFYXx-ujUWczv2fy4PctC8uqsA-3DNlUKLAZVd_UbA0hEkvRsjo3 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTU5OTM5OTExNjc4NjM1NDU4MDk&google_push=AZmPxg_Le9T_LUGWNyYnES1l7z8hcVE8KWv1xgcnB7s6kQxVvmTB6Ef37cxQQpP_-eFu1KUygl3qHnOErN4lQ7lADSD8gqeNzC7U6-6jyFYXx-ujUWczv2fy4PctC8uqsA-3DNlUKLAZVd_UbA0hEkvRsjo3
Request Chain 263
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDBL9E0g1wZ7WKT1_EkGx48&google_cver=1&google_push=AZmPxg_sm2OgaCZTAlyDXb-KINHV4giIzOfTnDTd4V8Octs1KlbKOKZzqIei5SsKJ_CnAclkehFzVWc_S3KLVlzqN5Zo1KhMf18q1Hfg1TgMjTuGAD9QdM2D1DVIaYlv_R3RJoQcySV6MMF2FM240o8kBRh6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MjE2N2Y5YTItY2M5Zi00NWNhLThjMDQtNDJhZWJiMjAzYTM2&google_push=AZmPxg_sm2OgaCZTAlyDXb-KINHV4giIzOfTnDTd4V8Octs1KlbKOKZzqIei5SsKJ_CnAclkehFzVWc_S3KLVlzqN5Zo1KhMf18q1Hfg1TgMjTuGAD9QdM2D1DVIaYlv_R3RJoQcySV6MMF2FM240o8kBRh6
Request Chain 264
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEEKIWcPU1zdhAEdYuDpUxD8&google_cver=1&google_push=AZmPxg9NzL07YruEwz2frgbfXRsFRlwy5ePa5Iw34TAanFIkoMcXp3Rp5C92EcQzhpfAMg9Rwt0ZLLXgj1lOhQ-XMg_X8uC7EWgwaXNbENATkdVG9WZovnDt4SF-6lzfhjhrCucLOzkq4bkpSpNSzpG4ZA3I HTTP 302
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEEKIWcPU1zdhAEdYuDpUxD8&google_cver=1&google_push=AZmPxg9NzL07YruEwz2frgbfXRsFRlwy5ePa5Iw34TAanFIkoMcXp3Rp5C92EcQzhpfAMg9Rwt0ZLLXgj1lOhQ-XMg_X8uC7EWgwaXNbENATkdVG9WZovnDt4SF-6lzfhjhrCucLOzkq4bkpSpNSzpG4ZA3I&uid-set=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg9NzL07YruEwz2frgbfXRsFRlwy5ePa5Iw34TAanFIkoMcXp3Rp5C92EcQzhpfAMg9Rwt0ZLLXgj1lOhQ-XMg_X8uC7EWgwaXNbENATkdVG9WZovnDt4SF-6lzfhjhrCucLOzkq4bkpSpNSzpG4ZA3I&google_hm=Mklnd2lIWUdMVDY=&suid-set=1
Request Chain 318
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 329
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4107310575917729857&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 330
  • https://match.adsrvr.org/track/cmf/openx?oxid=eae28b31-6ca0-71f5-e993-92213baf6211&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=1e7b7f15-67bd-407f-a491-9253efff8d18&ttd_puid=eae28b31-6ca0-71f5-e993-92213baf6211&gdpr=0&gdpr_consent=
Request Chain 331
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzLyWMCo8YAAAI9nd3AAAAAA
Request Chain 332
  • https://cr-p3.ladsp.com/cookiesender/3 HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfCkCf5LqEZjks8ADsWuI7HhIc8AAAGDfwKrTA
Request Chain 334
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAZGZ3_b8B2AbVMapkqZK1Q&google_cver=1
Request Chain 344
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 347
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Dapx%26refUrl%3D%26vid%3D42832249943072848216820024000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3072848216820024000V10&type=apx&refUrl=&vid=42832249943072848216820024000V10&ovsid=3288935868696266179
Request Chain 348
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Dopx%26refUrl%3D%26vid%3D42832249943072848216820024000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3072848216820024000V10&type=opx&refUrl=&vid=42832249943072848216820024000V10&ovsid=22cee2ae-c7a0-4b15-8adc-ec4f8940f0cd
Request Chain 349
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Dr1%26refUrl%3D%26vid%3D42832249943072848216820024000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6041044554 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/1e7b7f15-67bd-407f-a491-9253efff8d18 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Dr1%26refUrl%3D%26vid%3D42832249943072848216820024000V10%26ovsid%3DRX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3072848216820024000V10&type=r1&refUrl=&vid=42832249943072848216820024000V10&ovsid=RX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004
Request Chain 350
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Ddxu%26refUrl%3D%26vid%3D42832249943072848216820024000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3072848216820024000V10&type=dxu&refUrl=&vid=42832249943072848216820024000V10&ovsid=OD3PA5z41ODa5N5
Request Chain 352
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D07179716-cb08-4d2a-8765-23c19061b62a&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=c2ba6332-f259-4c00-a2ab-7d6feae29c6e&expires=30&ssp=medianet&bsw_param=07179716-cb08-4d2a-8765-23c19061b62a&gdpr=0&gdpr_consent= HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=07179716-cb08-4d2a-8765-23c19061b62a&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 353
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Dzem%26refUrl%3D%26vid%3D42832249943072848216820024000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=DLedyQr_5WhQjAZx4geI&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKEJRSWI6KROJPTKV3IKFVECWTYGRTWKSJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2DEOBTGIZDIOJZGQZTANZSHA2DQMRRGY4DEMBQGI2DAMBQKYYTAJTWONUWIPJTGA3TEOBUHAZDCNRYGIYDAMRUGAYDAVRRGA
Request Chain 354
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3072848216820024000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3072848216820024000V10
Request Chain 358
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=907bed1b-a7d2-4b75-b159-8288ea3f9b92&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=07179716-cb08-4d2a-8765-23c19061b62a&ssp=adaptmx&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522801271404239827&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522801271404239827&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0
Request Chain 359
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=907bed1b-a7d2-4b75-b159-8288ea3f9b92 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=907bed1b-a7d2-4b75-b159-8288ea3f9b92&verify=true HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-9UdJFC1E2uGLFq2eZ2A4OdYHWbLFbZYsPJrR9qc-~A&gdpr=0&gdpr_consent=
Request Chain 363
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D907bed1b-a7d2-4b75-b159-8288ea3f9b92%26bidder%3Dsmartadserver%26uid%3D%5Bssb_sync_pid%5D HTTP 302
  • https://prebid.a-mo.net/setuid?A=907bed1b-a7d2-4b75-b159-8288ea3f9b92&bidder=smartadserver&uid=7950373988733814251
Request Chain 364
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D907bed1b-a7d2-4b75-b159-8288ea3f9b92%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkU5M0JENjQtMDVCNy00QUI4LTlCRTAtRUMwQUU1REZCQUU3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 365
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D907bed1b-a7d2-4b75-b159-8288ea3f9b92%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://prebid.a-mo.net/setuid?A=907bed1b-a7d2-4b75-b159-8288ea3f9b92&bidder=index_rtb&uid=YzLyVvF-2FR72Eq3gQssUgAA%264766
Request Chain 366
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D907bed1b-a7d2-4b75-b159-8288ea3f9b92%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D907bed1b-a7d2-4b75-b159-8288ea3f9b92%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=907bed1b-a7d2-4b75-b159-8288ea3f9b92&bidder=sovrn&uid=FYuFELZHu62G6_KdRGGNUIko
Request Chain 367
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D907bed1b-a7d2-4b75-b159-8288ea3f9b92%26bidder%3Dappnexus%26uid%3D%24UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=907bed1b-a7d2-4b75-b159-8288ea3f9b92&bidder=appnexus&uid=3288935868696266179
Request Chain 373
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=1e7b7f15-67bd-407f-a491-9253efff8d18&dongle=0cfd
Request Chain 374
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY0MjQwMTMyMDgzNjIxODg4MTM0MA%3D%3D HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 375
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDo0r6S7CBzvssEVokYos9E&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 376
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY0MjQwMTMyMDgzNjIxODg4MTM0MA%3D%3D
Request Chain 377
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3642401320836218881340&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3642401320836218881340&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=25dbbce6-9004-4dd4-a0c6-3d0cdf7245ec&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=25dbbce6-9004-4dd4-a0c6-3d0cdf7245ec&_noobservation=1&_expected_cookie=dc870435099feb30ed1f973d1ee4399c
Request Chain 378
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3642401320836218881340&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
Request Chain 379
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3642401320836218881340?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-f2u7pPxE2oS1YjXj7GZTDcpSnj_v545NsnwdDYbEXg--~A&dongle=0883
Request Chain 380
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3642401320836218881340 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3642401320836218881340&dcc=t
Request Chain 382
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=DKfJcvSiuFZ24wkyTxdf&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IRFWMSTDOZJWS5KGLIZDI53LPFKHQZDG&gdpr=0
Request Chain 392
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/_i4cd9RtzPuVDDbmyg-EmMn5EUdSAgOZEtemQ7w0kco?csrc=
Request Chain 393
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhLNzlCODAtMTktRDFYSg==
Request Chain 394
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1e7b7f15-67bd-407f-a491-9253efff8d18&gdpr=0&gdpr_consent=&expires=30
Request Chain 395
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8K79B80-19-D1XJ
Request Chain 397
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFQkUKBz246bbfha-vuknZ4&google_cver=1
Request Chain 398
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTUyNjU3NTU3YTIxOGM4YzkzZmEzNTBjZTc2NGY1ZmUxNDhkYzFmOA
Request Chain 405
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 407
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=3288935868696266179
Request Chain 408
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Request Chain 409
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
Request Chain 411
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004&rndcb=4583656758 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=07179716-cb08-4d2a-8765-23c19061b62a&google_hm=MDcxNzk3MTYtY2IwOC00ZDJhLTg3NjUtMjNjMTkwNjFiNjJh HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBEYLjx4Buek3-1TrgHazyY&google_cver=1&ssp=adconductor&bsw_param=07179716-cb08-4d2a-8765-23c19061b62a
Request Chain 414
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4796%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D907bed1b-a7d2-4b75-b159-8288ea3f9b92%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 415
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-84BgJn1E2uGDe79FTGa0anZWBak8mw8JXkMhuYA-~A
Request Chain 416
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-341c5082-1018-3d18-ac64-c1b2cd9121bd&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0zNDFjNTA4Mi0xMDE4LTNkMTgtYWM2NC1jMWIyY2Q5MTIxYmQqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtMzQxYzUwODItMTAxOC0zZDE4LWFjNjQtYzFiMmNkOTEyMWJkMgIMBjgB
Request Chain 417
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-t9fhH4tE2uF4wUcoraq9lCFNS7Ei7vP2xc7U6mY-~A
Request Chain 423
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELYhn-M8EMWCXZ-J2BhgbV0&google_cver=1
Request Chain 424
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1e7b7f15-67bd-407f-a491-9253efff8d18&expiration=1666875226&gdpr=0&gdpr_consent=
Request Chain 427
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=724ad25c-b77c-bc1a-f8b9f5f4
Request Chain 428
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4107310575917729857
Request Chain 431
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB
Request Chain 433
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c2ba6332-f259-4c00-a2ab-7d6feae29c6e
Request Chain 434
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=lJEws8SQNrWPmzOzxJYuuZTDMbePlGewkZLj86xw
Request Chain 437
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=OD3PA5z41ODa5N5
Request Chain 438
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9CD9D5E126244C9884D0E9EF5D0D91F0
Request Chain 443
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c2ba6332-f259-4c00-a2ab-7d6feae29c6e&gdpr=0&gdpr_consent=
Request Chain 451
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004&rndcb=3976548942
Request Chain 452
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OD3PA5z41ODa5N5&gdpr=0&gdpr_consent=
Request Chain 458
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9CD9D5E126244C9884D0E9EF5D0D91F0
Request Chain 461
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_pO9ZAW3Srib4OwK5d-65w%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 464
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECTyKGm7_dO01divDNWSkCk&google_cver=1
Request Chain 467
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1e7b7f15-67bd-407f-a491-9253efff8d18
Request Chain 469
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LfzP8H39yfY29szwffvR-i2uzvQ2-ZjzKP-YSmLs
Request Chain 470
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FE93BD64-05B7-4AB8-9BE0-EC0AE5DFBAE7&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4DTRXOdE2uUfgrj7SYnGZ7rRPr4qjhQ-~A&gdpr=0&gdpr_consent=
Request Chain 497
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=1e7b7f15-67bd-407f-a491-9253efff8d18

501 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
www.bg3.co/a/ 		49 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8e25dde8106762351943bd5779a5ead144989cd5f59851a79b3b2dc19b73fafc

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 27 Sep 2022 12:53:35 GMT
ETag
"c24a-GAH8tMaMsErN0icY3Cwx5khRLbI"
Expires
Tue, 27 Sep 2022 13:53:35 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
564abcd1aaa1e99681f765597209e1ee0d6c73fd31bbea71cf26ab4825d8058e
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72580
x-xss-protection
0
server
sffe
date
Tue, 27 Sep 2022 12:53:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"262efd4b6b76c562"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Sep 2022 12:53:36 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
286f41534d5e452c0803884b8951f9e7cbd79568b1eddea4559d6a3bde2b4763
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9655
x-xss-protection
0
server
sffe
date
Tue, 27 Sep 2022 12:53:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"8ff35979583bd4ad"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Sep 2022 12:53:36 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
829c68e59d49588a0847e4a4bdcae1b1e234db4d81a40a7345c34d6392a1f5b1
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7581
x-xss-protection
0
server
sffe
date
Tue, 27 Sep 2022 12:53:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"d4da8c7cd0fe74c1"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Sep 2022 12:53:36 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
f0bb2a4f2be3d99e10af375f305a126120028c4784fbdfd85653876e27c07b19
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31959
x-xss-protection
0
server
sffe
date
Tue, 27 Sep 2022 12:53:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"ca421db8126f307e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 27 Sep 2022 12:53:36 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
43 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:37 GMT
cf-cache-status
HIT
last-modified
Thu, 22 Sep 2022 10:10:22 GMT
server
cloudflare
etag
"632c348e-aab9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KMpK3ceG9sY2oAcIDS98sLqlyLqc4Qg%2B8NduREwXxy2KnGF5JfqbAo%2BvaV%2BaYVxgJ7OTjSsy39QEfJ9NN6ifr8fefjPSKTlmvSM%2F6N5NR2mzFEodNAec3g9cTpkR9cjYvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
7514621a3a13a93b-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43705
accept-ranges
bytes

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.216 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-216.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 27 Sep 2022 12:53:37 GMT
content-encoding
br
last-modified
Tue, 27 Sep 2022 06:00:23 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=7, origin; dur=866
x-cf-geodata
AU
content-type
application/javascript
content-length
9571
expires
Tue, 27 Sep 2022 13:53:37 GMT
adpushup.js
cdn.adpushup.com/42753/ 		479 KB
103 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
b8495f96bf23b93cee2ad9dd1ebe81e84cac8fc9e8d247546ae2b5d64e6d0b40

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 27 Sep 2022 12:53:36 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:51 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=8
x-cf-geodata
AU
content-type
application/javascript
content-length
105414
expires
Tue, 27 Sep 2022 13:53:36 GMT
3f8b890a7933387ba44cbe26dc631d84.jpg
static.bg3.co/imgs/202104/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202104/3f8b890a7933387ba44cbe26dc631d84.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5620eb9ec18a2f7a0d61a1cf930dfe9619d3b62f72b1abd4b9fe543f6405601b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:37 GMT
cf-cache-status
MISS
last-modified
Thu, 15 Apr 2021 07:31:10 GMT
server
cloudflare
etag
"3F8B890A7933387BA44CBE26DC631D84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eu0GDocYyycidaYXfM%2BRmtXQVfh6bWQzaDGGzd%2FeF3FeGtxGlsi%2FazTVnIb54OV2gPd1aMKAuKTp6KgtzA1PxfiChgbafl87zDk8QdtCg3frfFSP07sjLSmjtCCEXrU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7514621c081ea88c-SYD
content-length
4954
expires
Tue, 04 Oct 2022 12:53:37 GMT
e021c54ae2c270d8e1712017105f19ad.jpg
static.bg3.co/imgs/202105/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/e021c54ae2c270d8e1712017105f19ad.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad3b6044c44297d3a854168c0e1b239b8f33a8378aa7a6b587bca24570507b94

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:37 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 04:48:40 GMT
server
cloudflare
etag
"E021C54AE2C270D8E1712017105F19AD"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kl1ibpRcSSQNgybtvl066qqxKBSKol1Ek016CaX16ie0bZ8kroL1pP6FfkAQv5wJj%2FjiT%2ByfZGrvgdVs9W%2BL1ZwMs0PNBIo%2F%2B41LL1XeJmrZ17229u%2BG%2Fdf5UEl1Vm4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7514621c0820a88c-SYD
content-length
5287
expires
Tue, 04 Oct 2022 12:53:37 GMT
7775b80ce1af501ab707c3f1a77a837d.jpg
static.bg3.co/imgs/202106/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/7775b80ce1af501ab707c3f1a77a837d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e4ea762031bf16e0a19c6c0d2f9e8661f6c9178d2fae3551a71bb8158243c30d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:37 GMT
cf-cache-status
MISS
last-modified
Fri, 04 Jun 2021 10:31:14 GMT
server
cloudflare
etag
"7775B80CE1AF501AB707C3F1A77A837D"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V5K1wKJV9RV3t6nexzxDQylxCJ90yvpwvmQJI6iXIuDGIiqhVok2QMcv9LxlA6hqcMUySHGk2mFvfF%2B0WSy5NdZrEq6AOD9jJp91y0FP1XSLjDqYXdq18WDFPqb2SNY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7514621c0821a88c-SYD
content-length
9241
expires
Tue, 04 Oct 2022 12:53:37 GMT
e7f4dd14d079f1b46e0f6b7323b6e7d1.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/e7f4dd14d079f1b46e0f6b7323b6e7d1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8da26c4e6b3457b3d4e61aaefd5ac48ea9924591e26f0987173689fb129715c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:37 GMT
cf-cache-status
MISS
last-modified
Fri, 18 Jun 2021 00:25:55 GMT
server
cloudflare
etag
"E7F4DD14D079F1B46E0F6B7323B6E7D1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B40hp2aMRwA8SlKeoDyD7NKt3nUoKTbFbkf0FnTBrOWkR4P0QUbZ9Y0xp7wcCF0cDOQx4aK9mvGbpwwwZ0m1DBRp1FwBfv6u5mxW49wAOIco8HA9KfEwsr2%2FiJKsKjQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7514621c0822a88c-SYD
content-length
5645
expires
Tue, 04 Oct 2022 12:53:37 GMT
6904bbfb73f9cca0d65c2b14d438b0ee.jpg
static.bg3.co/imgs/202105/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/6904bbfb73f9cca0d65c2b14d438b0ee.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d09e39a96c3c742b5f7f2f54e40699adf108069ad58b436d07865ee0bcd741d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:37 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 04:06:16 GMT
server
cloudflare
etag
"6904BBFB73F9CCA0D65C2B14D438B0EE"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rOKX%2BgIFFahDA%2BcSuM%2Bm7BaFIAlB9ZIzOTs3XPNcol4M4VuT00M%2BYAWoi%2FFtiUwY2zMDkmxdzu7R7wLiKJX6Wb6%2FCt46kZdax3ATnEarlELmBu3vLaSzvc%2FCOusrO%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7514621c0823a88c-SYD
content-length
4058
expires
Tue, 04 Oct 2022 12:53:37 GMT
b76be3bfdc187eaa66210797dd9a3e65.jpg
static.bg3.co/imgs/202012/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202012/b76be3bfdc187eaa66210797dd9a3e65.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c755724be5055fb0472428b4fed64b3fdfe05d8af86bc81f5dcfaa5c378df5d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:37 GMT
cf-cache-status
MISS
last-modified
Tue, 22 Dec 2020 05:13:13 GMT
server
cloudflare
etag
"B76BE3BFDC187EAA66210797DD9A3E65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LxXoX0CSX527AcZA4QyivrNqW9Sdn6jxv%2FC1qNoWlKLs%2F2c%2FeyqbmfOtbvuzN%2FQVCfh2HNlthRjzHLY5droMXyznIKd157TabS1lw8JxZRTm87Dis14VomP3Euk3lyk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7514621c0824a88c-SYD
content-length
4457
expires
Tue, 04 Oct 2022 12:53:37 GMT
8deb92fd69efe31e24562efdd248d640.jpg
static.bg3.co/imgs/202105/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8deb92fd69efe31e24562efdd248d640.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77fb302b27dd77f8dea2f6bcd221c0fb7689a5e8bc138f03c2ecbd01d9f79b9a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:37 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 16:30:26 GMT
server
cloudflare
etag
"8DEB92FD69EFE31E24562EFDD248D640"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pFfi9aBj7xqiRiwzv6xVPyFvVBIDtuSeQqssvtfkONNqgTDNSR%2BWjxujvpwy%2Fy0A%2FfJ%2BYQkR2%2BlVA1psM%2FVPt54Jpto87n9yXJpy9%2BUl%2Bmq%2B5IS%2BRXStmip8TbFsRqM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7514621c4873a88c-SYD
content-length
5373
expires
Tue, 04 Oct 2022 12:53:37 GMT
03977bccd57186dd5b7f0bd552623d97.jpg
static.bg3.co/imgs/202105/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/03977bccd57186dd5b7f0bd552623d97.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88b9dba27157f5c56ac539bad88dac0b11f98bcff4e40bc0c6b24dc5a59ade35

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:37 GMT
cf-cache-status
MISS
last-modified
Mon, 31 May 2021 03:41:16 GMT
server
cloudflare
etag
"03977BCCD57186DD5B7F0BD552623D97"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0bA9daR2oHYWsttQSjgQ7TFVya7LcjXE6wPtsbJSw76MVySLOMqaXFhfuPhmwVRMplqReKeXJW%2Fw4pLIFnQERoEgTArjmftgjRaggdxSUW4PKYv0j%2Bl6ble7hSfkC0U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7514621c4876a88c-SYD
content-length
8705
expires
Tue, 04 Oct 2022 12:53:37 GMT
8c4d947651555baf76c96107e02a6e03.jpg
static.bg3.co/imgs/202009/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202009/8c4d947651555baf76c96107e02a6e03.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cbd23ecf8a019a238192118da2cd5ae43d9aa1de9e1d84e3b719eda793ddbf5a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:37 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Sep 2020 18:44:17 GMT
server
cloudflare
etag
"8C4D947651555BAF76C96107E02A6E03"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C90hW1h45PTI9qkPXtBVF5gMCFXAOCLfPqdzztrWPZAXt1%2B20W%2FuEolaoAOcMn9PJL96yHGrO%2FlU1imBZtN0mUnwIslTN57Uui0k9xsdV8HDNxIpPLnfgSHar16ePKk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7514621ca8dda88c-SYD
content-length
4706
expires
Tue, 04 Oct 2022 12:53:37 GMT
66d4a3748e5d611fcc7b3d8bcac89927.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/66d4a3748e5d611fcc7b3d8bcac89927.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fe91c9a5c9470d7a0d19416fbf8356eaaaebc1ad8872fc7a7cd257123a94cb6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:37 GMT
cf-cache-status
MISS
last-modified
Fri, 21 May 2021 13:34:11 GMT
server
cloudflare
etag
"66D4A3748E5D611FCC7B3D8BCAC89927"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BYufyL8O%2BlqtiY2gCDCw2fzOaoMHn6w%2FqLHNM4kIqJhX11XUgUKrpI6UsIlopQomtz4pjXmtolNZDfLmXskHcJzNT1Qyo1UjO7otCdXTD8w0U9dy99xnuuwbeuFjRWo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7514621ca8dea88c-SYD
content-length
7401
expires
Tue, 04 Oct 2022 12:53:37 GMT
1ae6c67a3324e09dbb98873297597e65.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/1ae6c67a3324e09dbb98873297597e65.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1527e4267cd4018efd146f434a583c801fa948d20b34f729f6da42f7ef10e2c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:37 GMT
cf-cache-status
MISS
last-modified
Sun, 13 Jun 2021 15:31:57 GMT
server
cloudflare
etag
"1AE6C67A3324E09DBB98873297597E65"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQ20kFEHcUsewcDIfPd8LboRGNsPvt%2FjaVVi8ZfF1WbBF326KHOuKdw4p9QwMqzeTMShaDqRJIOYWWGLNiUQAf0OZi5tEZqPSAguONQJQB6IyBQzDJamp86ZFSlvsKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7514621ca8e1a88c-SYD
content-length
7695
expires
Tue, 04 Oct 2022 12:53:37 GMT
9ac8785c2c63d2dd94ff593b09625618.jpg
static.bg3.co/imgs/202105/ 		10 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/9ac8785c2c63d2dd94ff593b09625618.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b052a4648ee4c67a6905f834f6eacdc59eaefff57eb066f4f1c1e82e79a6bdcb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:37 GMT
cf-cache-status
MISS
last-modified
Sat, 29 May 2021 09:47:06 GMT
server
cloudflare
etag
"9AC8785C2C63D2DD94FF593B09625618"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTk3LoyZTP3maUOeXUVR7d%2FPB3Ej0CxgSFOH%2BfvPs%2B%2B2MCZEgqiTKvUN9JzKAoXV05ZIlD88lzi9liJyfRbhrmHlt471KJwTZVz1gVhALMTiwQVWcrvsH%2FOf6l0WUL0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
7514621ca8e2a88c-SYD
content-length
10710
expires
Tue, 04 Oct 2022 12:53:37 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
31fb8dc7edd44f99d97af5a0e6998dbc2787ff3e9cf88d6278f818647752ab50
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
588094
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2994
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 17:32:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ef33de73eae082fa"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 17:32:03 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a6faa7a4ade52284a01efed1ddd4d50f5faf33b61837b43ed9b34d5c5a4a7a39
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
46524
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23079
x-xss-protection
0
server
sffe
date
Mon, 26 Sep 2022 23:58:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"a56a470e0e255659"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 26 Sep 2023 23:58:13 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		3 KB
998 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
a45df1dbc260a7778756594a4367e4bbfa8bac5112dfe42ab559cf98ed6d5846
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
549
x-xss-protection
0
amp-loader-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
3086826524750d38ec8807f9d8ceceb737731239a0de2e737c885834e89078f6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
588099
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3841
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 17:31:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"b1ec7df2eb3636e4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 17:31:58 GMT
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:37 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1664283217.dop221.la3.t,1664283217.cds261.la3.hn,1664283217.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
620 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:37 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
5223
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6KGF3nISJmL6kl3KKbqzTFYr%2B1iLT2UVn3sKghG6pL6xKw39fKSka0TmrCRyhiiP9RCoQ%2FPjZOYgcWTkEEaYIfFcx%2FWvDG6tcR29ULABrtLmxRSXI3iRtHmZpDIu%2F%2BUFoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
7514621b9b6ba93b-SYD
cf-bgj
minify
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
b4b5656844966a3122372317ccccd0c50d77e02788029de460b25458d0067d4f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 12:53:38 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
b4b5656844966a3122372317ccccd0c50d77e02788029de460b25458d0067d4f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 12:53:38 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.905511843524675&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 12:53:37 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.7158698117794875&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 12:53:37 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:37 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1664283217.dop221.la3.t,1664283217.cds261.la3.hn,1664283217.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
d8fb86d7f4bef880354d6c02af11fd7e6b7ceb261aad0d73ae7d429668b25148
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
35094
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10238
x-xss-protection
0
server
sffe
date
Tue, 27 Sep 2022 03:08:43 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d9aacf1c86bf072e"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 27 Sep 2023 03:08:43 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012209072154000/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
f0b6467ff1ee5df11996fd85932f0e8f952e4b8f5e9cf50c9a6478ee9dbdc153
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
587801
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57918
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 17:36:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7c6c55ae06162656"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 17:36:56 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 03CC 		165 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
5bb82450e26c429df757bb93fc52581c6ae4a98b381fa364d150946289ac2218
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56636
x-xss-protection
0
server
cafe
etag
17192020856593533732
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 27 Sep 2022 12:53:38 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame C516 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
7eaeb13dff9b342957d9fce0f6724ee30cc2b41b7fb1469f5ec51b8fb1f9ebb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40363
x-xss-protection
0
server
cafe
etag
16468152399533273584
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 27 Sep 2022 12:53:38 GMT
gtag.json
cdn.ampproject.org/rtv/012209072154000/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012209072154000/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
588074
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Tue, 20 Sep 2022 17:32:24 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"cc10be84565b445b"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 20 Sep 2023 17:32:24 GMT
pb.42753.1663912421366.js
cdn.adpushup.com/prebid/ 		342 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 27 Sep 2022 12:53:38 GMT
content-encoding
br
last-modified
Fri, 23 Sep 2022 05:54:31 GMT
server
nginx/1.18.0
etag
W/"632d4a17-5578b"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=4
content-type
application/javascript
content-length
94168
expires
Wed, 27 Sep 2023 12:53:38 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
618 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 27 Sep 2022 12:53:38 GMT
content-encoding
gzip
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
"60d94cdb-1c2"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=4
accept-ranges
bytes
content-type
application/javascript
content-length
317
expires
Wed, 27 Sep 2023 12:53:38 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 27 Sep 2022 12:53:38 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=2
content-type
application/javascript
content-length
17440
expires
Tue, 27 Sep 2022 13:53:38 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
31d439d16ef01195f644f8022157d60b7744af92a784fc3f40cada6759c994ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27787
x-xss-protection
0
server
sffe
etag
"1346 / 81 of 1000 / last-modified: 1664277095"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 27 Sep 2022 12:53:38 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
538 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:38 GMT
server
nginx/1.10.3 (Ubuntu)
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjQyODMyMTgxOTYsInBhY2tldElkIjoiMDAwMEE3MDEtODI0MGJlNmQtNWEzMS00YWMzLWJkM2YtMGQ1OThiNGIxYzAxIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3FpLWNhaS15dW4tbmFuLXpvdS1qaW4tbWVuZy1qaWEtbGEtZ3VvLXpodWFuLWNoYW5nLWh1by1kb25nLXphaS1tZW5nLWp1LXhpbmcuaHRtbCIsIm1vZGUiOjQsImVycm9yQ29kZSI6MCwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:38 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjQyODMyMTgxOTYsInBhY2tldElkIjoiMDAwMEE3MDEtODI0MGJlNmQtNWEzMS00YWMzLWJkM2YtMGQ1OThiNGIxYzAxIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3FpLWNhaS15dW4tbmFuLXpvdS1qaW4tbWVuZy1qaWEtbGEtZ3VvLXpodWFuLWNoYW5nLWh1by1kb25nLXphaS1tZW5nLWp1LXhpbmcuaHRtbCIsIm1vZGUiOjUsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpudWxsfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:38 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQyODMyMTgxOTYsInBhY2tldElkIjoiMDAwMEE3MDEtODI0MGJlNmQtNWEzMS00YWMzLWJkM2YtMGQ1OThiNGIxYzAxIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3FpLWNhaS15dW4tbmFuLXpvdS1qaW4tbWVuZy1qaWEtbGEtZ3VvLXpodWFuLWNoYW5nLWh1by1kb25nLXphaS1tZW5nLWp1LXhpbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiI3N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZWN0aW9uTmFtZSI6IkFQX0xfRF9BUlRJQ0xFXzcyOFgyNTBfNzdhOWMiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiQURQXzQyNzUzXzcyOFgyNTBfNzdhOWMyMmYtYWMwMi00NWRkLTk2YmMtYjA4OTZhOGE3ZDVhIiwic2VydmljZXMiOlsxLDNdLCJhZFVuaXRUeXBlIjoxfV19
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:38 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQyODMyMTgyMDEsInBhY2tldElkIjoiMDAwMEE3MDEtODI0MGJlNmQtNWEzMS00YWMzLWJkM2YtMGQ1OThiNGIxYzAxIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3FpLWNhaS15dW4tbmFuLXpvdS1qaW4tbWVuZy1qaWEtbGEtZ3VvLXpodWFuLWNoYW5nLWh1by1kb25nLXphaS1tZW5nLWp1LXhpbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiJkMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzcyOFg5MF9kMWMxMCIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzcyOFg5MF9kMWMxMGE3Mi0yN2I0LTQ5MzEtOGNlNy05OWExOGViYmRiYWUiLCJzZXJ2aWNlcyI6WzUsM10sImFkVW5pdFR5cGUiOjN9XX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:38 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
317 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjQyODMyMTgyMDMsInBhY2tldElkIjoiMDAwMEE3MDEtODI0MGJlNmQtNWEzMS00YWMzLWJkM2YtMGQ1OThiNGIxYzAxIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL3FpLWNhaS15dW4tbmFuLXpvdS1qaW4tbWVuZy1qaWEtbGEtZ3VvLXpodWFuLWNoYW5nLWh1by1kb25nLXphaS1tZW5nLWp1LXhpbmcuaHRtbCIsIm1vZGUiOjEsImVycm9yQ29kZSI6MSwicmVmZXJyZXIiOiIiLCJwYWdlR3JvdXAiOiJBUlRJQ0xFIiwicGFnZVZhcmlhdGlvbklkIjoiOTY3NTAxMjUtYjkwYy00OTdhLTg2OTktNzMxNzFmN2I0OTM1IiwicGFnZVZhcmlhdGlvbk5hbWUiOiJBZFB1c2h1cCIsInBhZ2VWYXJpYXRpb25UeXBlIjoxLCJwbGF0Zm9ybSI6IkRFU0tUT1AiLCJpc0dlbmllZSI6ZmFsc2UsInNlY3Rpb25zIjpbeyJzZWN0aW9uSWQiOiIxMDRiMjgyYS1iZDExLTRkOGQtYWQ2NC0wNDkyMDYzYjZjYmEiLCJzZWN0aW9uTmFtZSI6IkFQX0lfRF9BUlRJQ0xFXzEyMFg2MDBfMTA0YjIiLCJzdGF0dXMiOjEsIm5ldHdvcmsiOiJhZHBUYWdzIiwibmV0d29ya0FkVW5pdElkIjoiU1RJQ0tZX0FEUF80Mjc1M18xMjBYNjAwXzEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:38 GMT
server
nginx/1.10.3 (Ubuntu)
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
block.jpg
delivery.adrecover.com/ 		631 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1664283218214
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.216 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-216.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 27 Sep 2022 12:53:38 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=3
accept-ranges
bytes
content-type
image/jpeg
content-length
631
expires
Tue, 27 Sep 2022 13:53:38 GMT
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Tue, 27 Sep 2022 12:53:38 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 49F5 		714 B
801 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
4917
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
751462224f3aa83e-SYD
content-encoding
br
content-type
text/html
date
Tue, 27 Sep 2022 12:53:38 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JYu%2FuZ%2FPzJnTZ1U0kuSZc3Ji41raDQA7FWYvmm%2BI1B3Ors1iQ2Zf7HIjbfsYpK7jLj%2Biu%2BpyGABPBmrVIL5ERNZr2BPjhGwbov6%2F200zelIPuiBccZjDhc896v3R0d0%2Fcw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 12:53:38 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-3871203774624694055.ampproject.net/2209072154000/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-3871203774624694055.ampproject.net/2209072154000/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 047D 		714 B
758 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.4.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
4917
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
75146222cfdba83e-SYD
content-encoding
br
content-type
text/html
date
Tue, 27 Sep 2022 12:53:38 GMT
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VSlC7SsM4Sd403%2BVMGbQRIOgIQoaGDxFYAMWJ66ViLNpAIK7dOsratTaGgboKDkG0ZgP1mZHcT%2BiKnz1hgvLtbvvdBqDR0XfAb8KchkALbEyFbiawqVwS0ru6vq2LjUuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 49F5 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
50f7a56a78e29dc94dfdd9287c30c9bc5a3db5cb51d7639293972c2c930da5cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27792
x-xss-protection
0
server
sffe
etag
"1346 / 126 of 1000 / last-modified: 1664277239"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 27 Sep 2022 12:53:38 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 047D 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
5f9ee71aeca80f0fe720f7f94fd7aff21a755a01c4f5da9d37c27dfe0a9017d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27788
x-xss-protection
0
server
sffe
etag
"1346 / 848 of 1000 / last-modified: 1664277239"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 27 Sep 2022 12:53:38 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E4%B8%83%E5%BD%A9%E9%9B%B2%E5%8D%97%E8%B5%B0%E9%80%B2%E5%AD%9F%E5%8A%A0%E6%8B%89%E5%9C%8B%E5%B0%88%E5%A0%B4%E6%B4%BB%E5%8B%95%E5%9C%A8%E5%AD%9F%E8%88%89%E8%A1%8C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-HKVMsDMfrlM3pK_x-aWfIg&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.366892583351655&gjid=0.9025939924533615&_r=1&a=5360&z=0.5145293740872989&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/ Frame 03CC 		347 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
bade9bd0d6a612ab26034b5da9aed184a9a7480854d9bd1ea82c482fbbdde48d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125489
x-xss-protection
0
server
cafe
etag
14734962863920805287
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Sep 2022 12:53:38 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/ Frame C516 		347 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
3f85743f84f614812dd884868d5a18b17f5b25b54abebc33065f4b9834b5a81b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125489
x-xss-protection
0
server
cafe
etag
16244328163520333343
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Sep 2022 12:53:39 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame F9DE 		603 B
627 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-16181573952226916189&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=2790&oid=2&is_amp=5&amp_v=2209072154000&d_imp=1&c=3005360&ga_cid=amp-HKVMsDMfrlM3pK_x-aWfIg&ga_hid=5360&dt=1664283218400&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&bdt=2480&dtd=453&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:39 GMT
expires
Tue, 27 Sep 2022 12:53:39 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022092001.js
securepubads.g.doubleclick.net/gpt/ 		378 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:50:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7413
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131075
x-xss-protection
0
last-modified
Tue, 20 Sep 2022 08:35:08 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Sep 2023 10:50:06 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Tue, 27 Sep 2022 12:53:39 GMT
pubads_impl_2022092101.js
securepubads.g.doubleclick.net/gpt/ Frame 047D 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
09af6caefeb671f4527e8bf54659bb482eea031fe6899bafc12f149bb14155d0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 10:52:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
439287
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131360
x-xss-protection
0
last-modified
Wed, 21 Sep 2022 08:34:49 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 22 Sep 2023 10:52:12 GMT
pubads_impl_2022092201.js
securepubads.g.doubleclick.net/gpt/ Frame 49F5 		379 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069948
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
sffe /
Resource Hash
b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 11:20:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
91992
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131358
x-xss-protection
0
last-modified
Thu, 22 Sep 2022 08:36:30 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 26 Sep 2023 11:20:27 GMT
quant.js
secure.quantserve.com/ 		26 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:39 GMT
content-encoding
gzip
etag
"eN3sxSgaav0x5wHLxGB1gQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 04 Oct 2022 12:53:39 GMT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220927
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.85.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2aaded58dac73e34620e86b5cfdd6e7e20bb38e2ebe5af7d777bc82822bfdb5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Sep 2022 12:53:39 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
35557
x-jsd-version
1.0.1475
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19138-FRA, cache-mia11375-MIA
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66c-9lsaB8TCWeAdVdoa0IOXXG7dpP0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27XkTPyPU%2BfB58DF2qyRqnI96syRPrF4drMaMMbMmI%2FAmnxUB8ffKRU8QpXnZIW%2FqMHrb4nQh9qHZCnXZGWnP0JIXHc%2BN0G%2Fqh3J9jlBcmqUZ5DFR6ch%2FlU9yLkOiyQM4RE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
751462296c9cdfa7-SYD
auction
tlx.3lift.com/header/ 		19 B
504 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.19.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.77.174.116 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-174-116.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:39 GMT
accept-ch
sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
adreq
ads.servenobid.com/ 		704 B
633 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=2409
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
48a7d4e90449311d990c5d7ad6669211dd384f7d1884494702413e07efd494d8

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Sep 2022 12:53:40 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
c
prebid.a-mo.net/a/ 		486 B
821 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
467243afc5f6a7dea7c8de041fa54c14aef5850109905204f851631b247d3aa8

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Sep 2022 12:53:39 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
252
content-length
260
prebid
ib.adnxs.com/ut/v3/ 		50 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7ab3006709be0699a0f8b25db7eb5b0b48bd6d7b14b80abc67eeb2064bfc6353
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 27 Sep 2022 12:53:39 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.8; 173.245.209.8; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
0e98b990-8c01-4ee8-b34e-983f36e6c0b6
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
adpushup-d.openx.net/w/1.0/ 		173 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=c0ded20a-eef6-41ef-94a5-3f0a123235b7%2C7b4997c7-a477-43f3-af2d-6f08c09c1407%2C97d9e0ad-e465-4b0d-8f43-737bfb2ad22d&nocache=1664283219187&pubcid=394eb468-c527-4e02-b345-5ac95f8851ec&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
7655785fb0196f757e239eba870010bfb94ea3733862544d8ade08e5ff14e071

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:39 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=4c0ad353-a6f4-4656-8432-9604860423ae&nocache=1664283219188&pubcid=394eb468-c527-4e02-b345-5ac95f8851ec&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:39 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=0d49be95-5916-445e-828e-cf1f12a51b7f&nocache=1664283219188&pubcid=394eb468-c527-4e02-b345-5ac95f8851ec&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:39 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=bafab451-3ea7-4895-bf21-3a83a7dd0b46&nocache=1664283219188&pubcid=394eb468-c527-4e02-b345-5ac95f8851ec&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:39 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.71.49.155 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-49-155.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:40 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 27 Sep 2022 12:53:40 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
408 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.218.173 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-218-173.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
b44f35db0665a120f83b4ecc76a01ce7795eee33599094b61708196892aef4f9

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:41 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
175
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.218.173 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-218-173.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
1500be6905b1eefbeed0ccda832b3333e9faa768933fd3ea9fa80cc76eaddc2b

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:41 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
172
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.218.173 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-218-173.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
4023a78b9351ed5d77b40518ea19b956e22f12456a081a57381e348765697db3

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:41 GMT
content-encoding
gzip
x-prebid
pbs-java/1.100.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=394eb468-c527-4e02-b345-5ac95f8851ec%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&tk_flint=pbjs_lite_v6.19.0&x_source.tid=fc7c04ed-488d-43af-bca1-7171bf3fac76%3B339ab3e2-b2c2-40bb-ac13-1ce241c0a913%3B683db969-fbfa-4026-95e5-4b2397be6497&l_pb_bid_id=37e4b0823bbaf2e%3B38cfb82d14980d4%3B394f2666c85db8a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.8664610907035426
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
edce1a300144b585f0f38f8445a774023a91705519e27f0f2bc9a8b9701ef99c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 12:53:40 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
cygnus
htlb.casalemedia.com/ 		37 B
563 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%224054237da97aec5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A7%2C%22msi%22%3A7%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%224762a678f3af1b4%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A250%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2250a5e2cd23b23d1%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A320%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%7D%2C%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A50%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22513a49bfe5f5283%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A120%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%7D%5D%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22394eb468-c527-4e02-b345-5ac95f8851ec%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9ac1637bfdb59b90e677a399bd946dac9c7f83a5bc16a9e69b0bcd17206b3ee

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ht59Q9wVIAooZzBIeqq%2BvOE%2BeCBGbB%2FlVHrid4hYMIfJ%2F0g27Fjs8TaqAsVsl0eNRhfFC0j8bIUqa1%2BoI01%2FJXoFaAw9dhLkicxTE0fDlQotROA2okVol19Yn2XWenMgD08pY4iY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
751462299b18aac3-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cygnus
htlb.casalemedia.com/ 		37 B
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%224054237da97aec5%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%226.19.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2250a5e2cd23b23d1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22513a49bfe5f5283%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22user%22%3A%7B%22eids%22%3A%5B%7B%22source%22%3A%22pubcid.org%22%2C%22uids%22%3A%5B%7B%22id%22%3A%22394eb468-c527-4e02-b345-5ac95f8851ec%22%7D%5D%7D%5D%7D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9ac1637bfdb59b90e677a399bd946dac9c7f83a5bc16a9e69b0bcd17206b3ee

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:39 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=opBOAxQjt6Fx7egFrHfYT0wDrMXvOKu5X9vNB5fxG%2F6WkUuRo4snMHh%2F0vf1ImYCj9Z79MYvj3ihESSNa1lWnQNBuIGh0yQExKRCY363lrnbjo6wpHHudeMVDxmbsoL7a%2FRrm0yV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
751462299b19aac3-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
hbjson
grid.bidswitch.net/ 		24 B
361 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://grid.bidswitch.net/hbjson
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.117.18 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
18.117.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
f6bf149795ded856f14f9f46f675fe247b090f6290938327d46fd565a66b5a63

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 27 Sep 2022 12:53:39 GMT
Content-Encoding
gzip
Server
nginx
Content-Type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
Connection
keep-alive
Content-Length
49
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.19.0&cb=93106973711
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Sep 2022 12:53:38 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
prebid-request
onetag-sys.com/ 		15 B
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		3 B
516 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.35.127.185 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-35-127-185.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Sep 2022 12:53:39 GMT
via
kong/2.8.1
x-content-type-options
nosniff
x-kong-proxy-latency
0
p3p
CP="CAO PSA OUR"
x-kong-upstream-latency
6
vary
Accept-Encoding
content-length
3
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Accept-Encoding, Content-Type
expires
0
prebid
prebid.media.net/rtb/ 		1 KB
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
6cfb3e64ce6fd03c4d10ebae71f79da0c2c45fc2105c93ea0d106d91d4b7cc3a

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:39 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
102
alt-svc
clear
via
1.1 google
cookie.js
partner.googleadservices.com/gampad/ Frame 03CC 		379 B
693 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
286efe3235d951358f9e0c5e6683ca287a374a1842eb6d367cfa56ad0df7280b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 03CC 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 03CC 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 524B
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&lmt=1664283219&url=...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-67.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1183
content-length
673
content-type
text/html
date
Tue, 27 Sep 2022 12:34:03 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 49b0629f9da8a770925ad02807586202.cloudfront.net (CloudFront)
x-amz-cf-id
Fo55KZwQt_bAs-RVEhuPCB6winByPy49_hu9gaEOcl1zmqicbJKjTg==
x-amz-cf-pop
SIN52-C3
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:39 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame C516 		379 B
315 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f155.1e100.net
Software
cafe /
Resource Hash
2e8c386b84ca9d69e512c2fdf44c6900d6a734d543c28eb6293e9fb250e30275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
246
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame C516 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame C516 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BB9C 		38 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664283219&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283218893&bpp=11&bdt=1704&idt=621&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=7889926481908&frm=23&ife=1&pv=1&ga_vid=1306812529.1664283220&ga_sid=1664283220&ga_hid=1316865226&ga_fc=0&ga_cid=amp-HKVMsDMfrlM3pK_x-aWfIg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1258&biw=1600&bih=1200&isw=336&ish=280&ifk=1678949064&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31062930&oid=2&pvsid=3553646191836451&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ko81qr43k9te&btvi=1&fsb=1&dtd=636
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
51d3be39742a8efd4897da5afeaac73ce0be3f4c719b23f8650a9a16915e6226
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
14287
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:40 GMT
expires
Tue, 27 Sep 2022 12:53:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		209 B
682 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.36 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-36.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:59:34 GMT
via
1.1 003b6042285e886f3f4d6afd190f633c.cloudfront.net (CloudFront)
age
3246
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
209
last-modified
Fri, 26 Aug 2022 18:04:08 GMT
server
AmazonS3
etag
"f6459e80de21135a46e02ad9e79f6802"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
QTL9Jezgrmpq7fT-u9NXui0cxiuDXUBPm5lYKrVDeO_KxOMQZ8McOA==
integrator.js
adservice.google.com.au/adsid/ Frame 49F5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 49F5 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 49F5 		492 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2221928534233017&correlator=3097157408378130&eid=31068929%2C31069948%2C31067825%2C31068920&output=ldjh&gdfp_req=1&vrg=2022092201&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1664283220150&lmt=1644386353&dlt=1664283218354&idt=1773&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=9uwdxebysl60&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=549040648.1664283220&ga_sid=1664283220&ga_hid=903910559&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069948
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
3e355ea14962cbde5493194f7eec3576b7bff533f2c66c2e738d600aa1d47b11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
e358711ac5a5c9490b23b74f97e21ac0.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F205 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e358711ac5a5c9490b23b74f97e21ac0.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069948
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:40 GMT
expires
Wed, 27 Sep 2023 12:53:40 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 047D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 047D 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 047D 		492 B
267 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1432865179791868&correlator=809285506525130&eid=31068929%2C31069828%2C31069922%2C31068528%2C44769662&output=ldjh&gdfp_req=1&vrg=2022092101&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1664283220192&lmt=1644386353&dlt=1664283218420&idt=1752&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=kk493odwndmu&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1329450806.1664283220&ga_sid=1664283220&ga_hid=1922690555&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
422527cac3a98c4bdc6dbfed84102e0456b62a1a89fb0fdd04c409a4615cae2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:40 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
236
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
dc83f4b377ba413f49d36b3f2fba2aa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EFC2 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dc83f4b377ba413f49d36b3f2fba2aa3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:40 GMT
expires
Wed, 27 Sep 2023 12:53:40 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame B1C6 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CNqbnU_IyY_OiKbaS29gPpKuPgAqs1_3wZLT2qJPiC8CNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi00NDg1MjM5NDI1OTI0Nzg3oAGV9ZvfA8gBCagDAaoEqAJP0DKfL6tjoA2YyXddjL2Vx5X2pLdt92yi2Y6NYTiTSeD0ZTn-DCoPp2nsYJQWZbDmijJpa8Iom-nQepGAvEzqpqUUY-iNDue_4jLwE-yNhuh5CevXNkGcF0WfVeynZF855Dt5fFwDgSJXHGhMdXt5Bj7PbOFk80cTq4WD-xS8mYW0WeD0ELkG3dRSpnzn_fO0gB44Jvl-AOqa8YkIyLiroSc0QL86ePBH2B68G42NEA0WppBFWDsPGOWziX5X5W3gkySY7ZsEvbglGHLCf-3y7C0XzemTMZ9lLF8xaSrzigMIt5AM77K3RXL4BQtxTDjt1xnSMIoNJxS6OQKrRNl6u4NMt3330p_DwbszxfWjq04sbqupjCi6k4tuNAQ3dufHGYsXyNBQ-oAGw8Xfm8qtzZjpAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=FuSMANA5eGY&uach_m=[UACH]&cid=CAQSGwCsnQUxbl_oim7nlpK_H35nPVgyN0Zu99bHABgB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664283219&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283218893&bpp=11&bdt=1704&idt=621&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=7889926481908&frm=23&ife=1&pv=1&ga_vid=1306812529.1664283220&ga_sid=1664283220&ga_hid=1316865226&ga_fc=0&ga_cid=amp-HKVMsDMfrlM3pK_x-aWfIg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1258&biw=1600&bih=1200&isw=336&ish=280&ifk=1678949064&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31062930&oid=2&pvsid=3553646191836451&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ko81qr43k9te&btvi=1&fsb=1&dtd=636
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 27 Sep 2022 12:53:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 27 Sep 2022 12:53:40 GMT
log
hblg.media.net/ Frame B1C6 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=8.8083505E-4&viewability=43&device_id=4&cbdp=0.02&slotVisibility=2&dn=bg3.co&acid=113a58fd3824446a9c86d2d6a529c738&ugd=4&size=250x250&pvid=313&csip=rtb-common-istio-5db8d86554-pck4d.SG&ogbdp=0.02&prvReqId=50811505806729_1244564296_52982010413131&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&scrid=1700080812610100250025000000500&mang=1&bidrestime=1664283219827&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.240.25 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-25.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:40 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 27 Sep 2022 12:53:40 GMT
log
qsearch-a.akamaihd.net/ Frame B1C6 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=2.0&adtyp=0&req_id=YzLyUwAL1NsKltYFzgjp-Q&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&url_l1=a&f_seg=&url_l2=qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&prdp=0.0200&ogcbdp=0.0200&dfpbd=0.0200&server=1&ogerpm_wd_bkt=0-1&viewability=0.4300&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-NSW&send_erpm=false&sd=0&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html%2F&bidrestime=1664283219827&cc=AU&strg=no_strategy&ss=&current_hour=12&time_stamp=2022-09-27+12%3A53%3A39&rvshhon=&bdp=0.0200&ct=beaconsfield&akey=&mnckfl=0&bdp_bucket=0.00&algo=no_strategy&dc=apac_sg&splid=&dim4=exploration&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=113a58fd3824446a9c86d2d6a529c738&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.14.1&totalTimeBucket=1&visibility=2&totalTime=1974750&dmm_m1=2022-09-27+12%3A53%3A39.829852378&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-5db8d86554-pck4d.SG&dfp_bucket=0.0&adblk=2365071409&itype=adx&pvid_seat=313_BID_API&cliIP=2918568192&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.128.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-128-160.pacnet.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 12:53:40 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 27 Sep 2022 12:53:40 GMT
nmedianet.js
contextual.media.net/ Frame B1C6 		162 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664283219&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283218893&bpp=11&bdt=1704&idt=621&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=7889926481908&frm=23&ife=1&pv=1&ga_vid=1306812529.1664283220&ga_sid=1664283220&ga_hid=1316865226&ga_fc=0&ga_cid=amp-HKVMsDMfrlM3pK_x-aWfIg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1258&biw=1600&bih=1200&isw=336&ish=280&ifk=1678949064&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31062930&oid=2&pvsid=3553646191836451&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ko81qr43k9te&btvi=1&fsb=1&dtd=636
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2536acef89667d5c2ac900a0c0e2b0e4e7746075c2dd01ce9656c3f82b8242b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
22-bsmd
content-encoding
gzip
server
Apache
etag
"e913589606adf2678f959cd558147c31"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Tue, 27 Sep 2022 12:53:40 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-9
expires
Tue, 27 Sep 2022 12:58:40 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame B1C6 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664283219&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283218893&bpp=11&bdt=1704&idt=621&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=7889926481908&frm=23&ife=1&pv=1&ga_vid=1306812529.1664283220&ga_sid=1664283220&ga_hid=1316865226&ga_fc=0&ga_cid=amp-HKVMsDMfrlM3pK_x-aWfIg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1258&biw=1600&bih=1200&isw=336&ish=280&ifk=1678949064&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31062930&oid=2&pvsid=3553646191836451&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ko81qr43k9te&btvi=1&fsb=1&dtd=636
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.240.25 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-25.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Tue, 27 Sep 2022 12:53:40 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=25385
access-control-allow-credentials
true
content-length
62892
expires
Tue, 27 Sep 2022 19:56:45 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame B1C6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664283219&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283218893&bpp=11&bdt=1704&idt=621&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=7889926481908&frm=23&ife=1&pv=1&ga_vid=1306812529.1664283220&ga_sid=1664283220&ga_hid=1316865226&ga_fc=0&ga_cid=amp-HKVMsDMfrlM3pK_x-aWfIg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1258&biw=1600&bih=1200&isw=336&ish=280&ifk=1678949064&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31062930&oid=2&pvsid=3553646191836451&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ko81qr43k9te&btvi=1&fsb=1&dtd=636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2063
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 12:19:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame B1C6 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664283219&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283218893&bpp=11&bdt=1704&idt=621&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=7889926481908&frm=23&ife=1&pv=1&ga_vid=1306812529.1664283220&ga_sid=1664283220&ga_hid=1316865226&ga_fc=0&ga_cid=amp-HKVMsDMfrlM3pK_x-aWfIg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1258&biw=1600&bih=1200&isw=336&ish=280&ifk=1678949064&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31062930&oid=2&pvsid=3553646191836451&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ko81qr43k9te&btvi=1&fsb=1&dtd=636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:48:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
302
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 12:48:38 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B1C6 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664283219&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283218893&bpp=11&bdt=1704&idt=621&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=7889926481908&frm=23&ife=1&pv=1&ga_vid=1306812529.1664283220&ga_sid=1664283220&ga_hid=1316865226&ga_fc=0&ga_cid=amp-HKVMsDMfrlM3pK_x-aWfIg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1258&biw=1600&bih=1200&isw=336&ish=280&ifk=1678949064&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31062930&oid=2&pvsid=3553646191836451&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ko81qr43k9te&btvi=1&fsb=1&dtd=636
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 12:53:40 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI0MTQwNDhfMTY2NDI4MzIyMDIxMyIsInVzZXJJZCI6IjY4NTY5OF8xNjY0MjgzMjIwMjEzIiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiMjMwOTI1XzE2NjQyODMyMjAyMTMiLCJwYWdlUGF0aCI6IiUyRmElMkZxaS1jYWkteXVuLW5hbi16b3UtamluLW1lbmctamlhLWxhLWd1by16aHVhbi1jaGFuZy1odW8tZG9uZy16YWktbWVuZy1qdS14aW5nLmh0bWwiLCJob3N0bmFtZSI6Ind3dy5iZzMuY28iLCJ1cmwiOiJodHRwcyUzQSUyRiUyRnd3dy5iZzMuY28lMkZhJTJGcWktY2FpLXl1bi1uYW4tem91LWppbi1tZW5nLWppYS1sYS1ndW8temh1YW4tY2hhbmctaHVvLWRvbmctemFpLW1lbmctanUteGluZy5odG1sIiwicGhhc2UiOjAsInVzZXJUeXBlIjoiTkVXIiwicHJldmlld1ZhcmlhdGlvbiI6Im5vUHJldmlld1BhZ2UiLCJleHBlcmltZW50UGFnZSI6ZmFsc2UsInRpbWVzdGFtcCI6MTY2NDI4MzIyMDIxNH0=
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:40 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvcWktY2FpLXl1bi1uYW4tem91LWppbi1tZW5nLWppYS1sYS1ndW8temh1YW4tY2hhbmctaHVvLWRvbmctemFpLW1lbmctanUteGluZy5odG1s.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvcWktY2FpLXl1bi1uYW4tem91LWppbi1tZW5nLWppYS1sYS1ndW8temh1YW4tY2hhbmctaHVvLWRvbmctemFpLW1lbmctanUteGluZy5odG1s.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
42.99.140.200 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-140-200.pacnet.net
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 27 Sep 2022 12:53:40 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=27, origin; dur=214
content-type
text/html
content-length
555
expires
Tue, 27 Sep 2022 13:53:40 GMT
pixel
pxl.qccerttest.com/ 		35 B
550 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pxl.qccerttest.com/pixel?r=1375099669;fpan=1;fpa=P0-2035160769-1664283220485;pbc=394eb468-c527-4e02-b345-5ac95f8851ec;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;ref=;cm=;gdpr=0;d=bg3.co;dst=0;et=1664283220485;tzo=0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-119.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 03:52:34 GMT
via
1.1 265469026e8f406d053e31b75a003ea2.cloudfront.net (CloudFront)
x-content-type-options
nosniff
age
32467
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
strict-transport-security
max-age=31536000
content-length
35
x-xss-protection
1; mode=block
referrer-policy
strict-origin-when-cross-origin
last-modified
Thu, 04 Aug 2022 16:01:04 GMT
server
AmazonS3
x-frame-options
SAMEORIGIN
etag
"55d25e9dc950d5db4d53a3b195c046c6"
vary
Accept-Encoding, Origin
content-type
image/gif
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
1UYmD2-UNX3E0tmU8OJQnV94RWGI_z8ylUwXHmO-u7S4f2jDm9yo8g==
pixel;r=1631449746;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1631449746;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=0;fpa=P0-2035160769-1664283220485;pbc=394eb468-c527-4e02-b345-5ac95f8851ec;ns=0;ce=1;qjs=1;qv=d18171e5-20220913105912;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1664283220487;tzo=0;ogl=;ses=c69cd96d-080f-4f16-ba17-340913667ad5
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:40 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 524B 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
7eaeb13dff9b342957d9fce0f6724ee30cc2b41b7fb1469f5ec51b8fb1f9ebb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40363
x-xss-protection
0
server
cafe
etag
16468152399533273584
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 27 Sep 2022 12:53:40 GMT
js
www.googletagmanager.com/gtag/ 		209 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
68ac1f4395952c35baaffb4d95234b15fb64d6157b61895a2483108ca092bb62
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:41 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
74946
x-xss-protection
0
expires
Tue, 27 Sep 2022 12:53:41 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9xaS1jYWkteXVuLW5hbi16b3UtamluLW1lbmctamlhLWxhLWd1by16aHVhbi1jaGFuZy1odW8tZG9uZy16YWktbWVuZy1qdS14aW5nLmh0bWwiLCJ0aW1lIjoxNjY0MjgzMjIwNjU5fQ==
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:40 GMT
server
nginx/1.14.0 (Ubuntu)
sodar
pagead2.googlesyndication.com/getconfig/ Frame 49F5 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092201&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069948
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
399193e51094974aab4f7cecd1e10475551d02d66f052aa203b2d90dbeebd261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11203
x-xss-protection
0
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/ Frame 524B 		347 KB
123 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
d6f7f1af393c534a521f2061445f89219cba91e55120ad9fed345c5cbdfb5eda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
125489
x-xss-protection
0
server
cafe
etag
10887222105629057605
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Sep 2022 12:53:40 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 047D 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092101&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
9a6c995c3f36c0cf7d1fb8c328ad8ba97f12e8fb607f6ba6225cb30d48be5c2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11087
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 524B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 524B 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 13C6 		17 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
668ff9f11fa6f278b264f559017fc21d46165b19098f3e23b48ddc22ae326b1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
9279
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 49F5 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js?cb=31069948
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 12:53:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 047D 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092101.js?cb=31069828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 12:53:41 GMT
smtr
contextual.media.net/ Frame B1C6 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=NO_STRATEGY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&nse=5&vi=1664283220692023791&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44Ngq/qBa&bcpf=B448fOnRrolnfOur8Ngq%2FqBa&bdrId=313&ntv=0&matchstring=hr%3D0%7Cbcat%3D47%2Cj3%2C150%2C133%2Chy%2Cy7%2C11%2Ca%2C13%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2C12i%2Ci%2Ci2%2Cmz%2C12q%2Ciz%2Ccv%2C3%2C4%2Ccy%2C149%2C4k%2C13a%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p0102089615t202209271253&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=NSW
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fa6a88f263785173fe79401c4a49c6e137916359fa7e3dd8e747ef9a45dff385
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:41 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Tue, 27 Sep 2022 12:53:41 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
22-p5br
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
33557
x-sc-w
22-tx0f
bping.php
lg3.media.net/ Frame B1C6 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=606&&vgd_cdv=803&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1664283220692023791&ugd=4&lf=6&cc=AU&sc=NSW&lper=100&wsip=2886781035&r=1664283221447&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=54203&vgd_rakh=1664283220108955731&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p0102089615t202209271253&vgd_pgids=1&vgd_uspa=0&hvsid=00001664283221444029185682006354&gdpr=0&vgd_l2type=sca&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664283219&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283218893&bpp=11&bdt=1704&idt=621&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=7889926481908&frm=23&ife=1&pv=1&ga_vid=1306812529.1664283220&ga_sid=1664283220&ga_hid=1316865226&ga_fc=0&ga_cid=amp-HKVMsDMfrlM3pK_x-aWfIg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1258&biw=1600&bih=1200&isw=336&ish=280&ifk=1678949064&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31062930&oid=2&pvsid=3553646191836451&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ko81qr43k9te&btvi=1&fsb=1&dtd=636
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.240.25 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Tue, 27 Sep 2022 12:53:41 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=22309
content-length
15
checksync.php
contextual.media.net/ Frame 0688 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664283219&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283218893&bpp=11&bdt=1704&idt=621&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=7889926481908&frm=23&ife=1&pv=1&ga_vid=1306812529.1664283220&ga_sid=1664283220&ga_hid=1316865226&ga_fc=0&ga_cid=amp-HKVMsDMfrlM3pK_x-aWfIg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1258&biw=1600&bih=1200&isw=336&ish=280&ifk=1678949064&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31062930&oid=2&pvsid=3553646191836451&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ko81qr43k9te&btvi=1&fsb=1&dtd=636
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d61a19b40876ff27c3d5af7857b9cf0ff937d0d978512ed80b14bcf32900a014
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 12:53:41 GMT
expires
Thu, 29 Sep 2022 12:53:41 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame B1C6 		35 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4904&lmt_enf=true&req_mtype%3C%3E=0&mx_bsProfileRa=0&mx_nsz=3&spSource=0&ifst=0&vid=YzLyUwAL1NsKltYFzgjp-Q&s_city=taipei&ugd=4&bcat%3C%3E=10368%23%2311009%23%2310437%23%231000004%23%2310508%23%2310445%23%231000031%23%231000030%23%2310130%23%2311669%23%2313525%23%2313589%23%231000024%23%2310648%23%2310080%23%2310086%23%231000037%23%2310539%23%231000036%23%2313612%23%2313740%23%2310031%23%2313423%23%2310544%23%2313425%23%2311321%23%2310106%23%2310366%23%2313566%23%2313439&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=8.8083505E-4&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=83432a40&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=43&renderer=1&be=0&rtime=12.0&adj0=0.0&tmax=300&s_ip=172.217.42.1&adj2=0.0&adj1=0.0&feedback_id=YzLyUwAL1NsKltYFzgjp-Q&adtypes=0&mx_aabpc=0&reqid=YzLyUwAL1NsKltYFzgjp-Q&sc=AU-NSW&mowxReqId=113a58fd3824446a9c86d2d6a529c738_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&bidrestime=1664283219827&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-40-1&coppa_enf=true&bdp=0.020&ct=beaconsfield&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=54203&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=113a58fd3824446a9c86d2d6a529c738&actltime=19&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C48%7C16%7C17%7C18%7C114%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.02&sckfl=0&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=3&itype=ADX&mx_g_one_uid_sent=None&spCst=0&mx_sid=8CUABW64L&tgtval=pub-ADX-101418826937&__expireat=1664283820081&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&dummy_vsid=false&cbdp=0.02&pvdTmax=253&ltime=18.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=50811505806729_1244564296_52982010413131&zip=2015&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&mx_bsBucketRa=0&rtttime=25&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-84b677f844-4dvnj&currsrc_date=2022-09-26+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-09-27+12%3A53%3A39&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=2&dbf=1&gdpr=0&gqid=AMVB_Pm00OJtTgXV6f_TS_b3O_sKaMQZtzsCDQKX5Vg3h3-AjuSbbxBkmiz0Nm0huJS8TdKT&dmm_ogerpm=false&csip=rtb-common-istio-5db8d86554-pck4d.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=2365071409&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vw_exc%3D0.43~vis_sd%3D656~dc2%3D1~scd%3Dnsw~v_asn%3D54203~vl2r_sd%3D2022092708~iurl_b%3D102564.1~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.23~ip%3D3bw0Uw~fbb%3D0~vis_url_l%3D30~riipua%3D44%2C44~et%3D8~rc%3D3%2C106~rps_sd%3D2022092708~vis_b%3D393.67~url_b%3D0.01~url_tvi%3D0~smm_wr%3D77.4502~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~MFB%3DB~bm%3D1.05~smm_sd%3D2022092704~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D0~uid%3D1HeXvDnxHfoirxdZO9~btd%3D248904513883016793927503823885124847005103449039457561000324097414201799369022072225792~d2p_l%3D60~3pcf%3D1.19~uim%3D14058~dmm_strg%3Dno_strategy~d2p_b%3D0.65~ogd2p_b%3D0.6~vurl_b%3D0.06~ss%3DNA~uiw%3D97~ce%3D0~rps_b%3D20.49~vurl_l%3D50~CI%3D2742~nts%3D3~tb%3D-1~ct%3Dbeaconsfield~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D16.87~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.53~ivurl_l%3D50~supply_tag_id%3D%7Eviewability%3D0.43%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3D%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D2365071409%7Esobp%3D%7Ectr%3D8.8083505E-4%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D253&utime=1619&sf=0&cpr=0.5149567934207304
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&lmt=1664283219&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283218893&bpp=11&bdt=1704&idt=621&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=7889926481908&frm=23&ife=1&pv=1&ga_vid=1306812529.1664283220&ga_sid=1664283220&ga_hid=1316865226&ga_fc=0&ga_cid=amp-HKVMsDMfrlM3pK_x-aWfIg&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1258&biw=1600&bih=1200&isw=336&ish=280&ifk=1678949064&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531706%2C31062930&oid=2&pvsid=3553646191836451&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoEbr%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.ko81qr43k9te&btvi=1&fsb=1&dtd=636
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.240.25 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Tue, 27 Sep 2022 12:53:41 GMT
server
Apache
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Tue, 27 Sep 2022 18:53:41 GMT
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f155.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		62 KB
24 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=383667811291507&correlator=3604515324455203&eid=31069923%2C31069927%2C31062931&output=ldjh&gdfp_req=1&vrg=2022092001&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D743af69d78aae0f%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D75d45dff78bc20b%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D76a900528f568fd%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3D9dfa64b2e39a5463-229b20b8bad6005b%3AT%3D1664283219%3ART%3D1664283219%3AS%3DALNI_MbtjZsxf0IhgYvnMMQrOCQjLvWg3g&gpic=UID%3D000009e4cfbfe4a9%3AT%3D1664283219%3ART%3D1664283219%3AS%3DALNI_MYQbgk03bQdiWD_VzdZdymIVAU4tQ&arp=1&abxe=1&dt=1664283221518&lmt=1664283221&dlt=1664283215920&idt=3724&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=37347630.1664283222&ga_sid=1664283222&ga_hid=5360&ga_fc=false&ga_cid=amp-HKVMsDMfrlM3pK_x-aWfIg
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
cafe /
Resource Hash
e3481e3ad9c4d4fe99f4547a9683a78f753d2d4115d1d141fd739fb1b32e8220
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:42 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24686
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C2A2 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:41 GMT
expires
Wed, 27 Sep 2023 12:53:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe9l0&_p=5360&cid=37347630.1664283222&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664283221&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&dt=%E4%B8%83%E5%BD%A9%E9%9B%B2%E5%8D%97%E8%B5%B0%E9%80%B2%E5%AD%9F%E5%8A%A0%E6%8B%89%E5%9C%8B%E5%B0%88%E5%A0%B4%E6%B4%BB%E5%8B%95%E5%9C%A8%E5%AD%9F%E8%88%89%E8%A1%8C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame B1C6 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80b234fecd8f5fd67db7b9aee504cbee6893d71598a9fc2fb4385f2d3a0c8c54

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
cksync
cs.media.net/ Frame 0688
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA3Mjg0ODIxNjgyMDA3NDAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEDjuQbZ4_rO1CLywAatpjbs&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEDjuQbZ4_rO1CLywAatpjbs&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.240.25 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:42 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 27 Sep 2022 12:53:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEDjuQbZ4_rO1CLywAatpjbs&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 0688
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1e7b7f15-67bd-407f-a491-9253efff8d18
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1e7b7f15-67bd-407f-a491-9253efff8d18
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
184.51.240.25 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:42 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 27 Sep 2022 12:53:42 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:42 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=1e7b7f15-67bd-407f-a491-9253efff8d18
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
gen_204
pagead2.googlesyndication.com/pagead/ Frame 13C6 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BpXk70RN23vnN1LKZ1xn8F6bb1fyNSomGY9tbWLKTHuZYoq1dH1AQobPjnkrKDtimGIx1LlIwE0xrjiM5oqhvkQTbzlyeE_SMv2Fnx_bjOtzZKITQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 13C6 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2064
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 12:19:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 13C6 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:48:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
303
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 12:48:38 GMT
l
www.google.com/ads/measurement/ Frame 13C6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT0AiUi3WJtSsS1w4YhE08F8lRHAY8pfWnDAeTkp4D2D3XiAJEWF4ABnXjMT3uSFP38XaSmGr4RxMrnjWEXgNreiwoGEQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 13C6 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 12:53:41 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FE9D 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN_sjwEQqLvoAhis-MTSATAB&v=APEucNVYxGG9DQIz4vAX5bJpfH27dNADTPwjdp34HXIHTthyt_25G1Rhf2VabqPeBf6AhGdKSzIiSjmZvrfQJkIGPncuVhW-XA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 13C6 		79 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AIG-RyOzwF79n3eroX_PORhQ5RErKT9ZHR9EhHWox19AjR3aeb2NpHjc_CGDMOSZJYViOb0o-v61OqQMcJHIRMR3jN3w&cry=1&dbm_d=AKAmf-B1PIPAJU4vd-ke-Lyhwa34zQoyeVyyM-OgOFu-E1OUDVafF9yf0o8Is1X6jpQm2TAb6qf_OPfxdotDfZ0RqtCgfDiHAVslL6Rzx5Zl6utirt6Rh0_1y1DUrW50UrMW6ooV3O8RVtnebqfqLVXsB_wP1m9LnESswGBhYy6L2B8pOjrirRrzGzqB-IRUGZnT4Q7KPW_sgWKSPxKJis0uNYnqw_GcB0nwsgFexLH3wnFmabKtYUeOG8PJfneVUmdUGi1shYEf37yagINjrJomnxnOg6bs5Pq08v9bmzHHAuVwSrlUFnYKfCTQKZYd0fva7-ie_JKf53_kh0m2jMQwtF1_6o-r9xFmbkmJ2__UcVRJBxG9uOSLSCkTFFeqNkuvMTx2MKy3o1-Noj8AcLudtrzsEfbXIQmRLlAnp8ReVwdwm64P8CjqCQBUl1Kz37eMW375pI4Zqboi7AELUiq8634SiFeVgxn_6QBzRJJaDvNwF4fdMH1h13AWGZ0jE0l70D1xldOFcwkNdsmm4yphhODYtYZ0ekBac3VPeFGT8pFjCSMoqCCxDugKOoS4tbzMckwW0uPl7r44r1QGvGDhBbsxwkmnpjXgYzknXTzvWaQYIoFvDjZMBkeCTbLv47_LCtmPFGAlaSzHUN7w2wDShiNIeII8Hh_pD97cAAowoLEwD6Ck4NwNSa7L6RWManLRxfQwqItazAJO9WpscwJ1zXSZXjtptyZY1YHSMzq1vTrEcDV_amkiKkSGECaMceBj0-T__3bhdTzkWG6vJGDqgwpZKK7mad2G-WYcEGfkVI2IkhSaTm57ndVYJI6pwKP1hp4Vs70_IJGZyT0-IPtfKqNan26AuErKOS18h-N9SSrvN4JYhjHj9TM5frIP76hP-zl8VUzwwrIXfD0rgZKtDWKRmcUj1u04gavsYZaJ-wqt0O_nLVuO8boeu2gUu1Ix-yVFhSc1pU6LhWC93pQ5RWMJ6aIbOQxLr3QBoIEms-FoaXWvrIDpyNjCfC_pP3yVkLbAmkikRgcqfCM4TXKusbVjTDQ7WBdz4HNmQz_3d-bD_jX3ir0iM__XjVOk7cyA5t14rpYBurd51I0nrnVltp3KIjJPJ0IZFIMTYqllKJl48BTbMl_pHbDIpijR__2--X3R7v9NvYftq1BIzAqX_HZItVvwWYh_Kx68M51WlXgFjktTvkuISgnYDytU_chRObKlfAqrUP24ja8BnrhYt5Urz3Y7ORZ0SR_TvSqf3uQhf2F6207kRbLqhg1xQA0Tl1Iap6Fvj1rK7gIRzh_7nO6X-jvPFtKh3j76wXLAoq1G5RUrNlz7WSwrwpPIFMcgSWNS_FsUFUMQPRtrNhZblPf81dP2jG0eZJJtpH-q16xPObhoEL0KiMTa03nTToHjXuAhwIDXTPsBY4uWnlcHqcgswg52scaVcE6_IZWZKaLYe-bQxfTpXJxxsAlakWvmlhlO3BUicaahcViEfTxtMNbauFiTp7bZ2DY-i6StJ5PVc3mskGIm2ekprgExPhnmfWAyejkyWd0b-g0Chq8csONyS4aQOr6nOh73keKsifzARySjryGvEy4drLINoTlOR_lkjRRyhxjFZYEI-byLNQjjsjRJQ24kClvy-kxk2GNupv-kryrgxjUOTcej63yzntHGyOtBK6cFR6gJscn49QJe1e4a0WAMFbcQdJtTZFeWOyI6TogouvC7DKCXDxA16hUj-qQF1a-ECRNo2kF8BUV_1n_46CfB2brNHXhlSz8Qq3GMeeRKo1s5vLCtJ7IwwNaaleCPQnaamIkLmmuzBzldIEOpSfu8-CiLq_0C-QZY-hawltJPHlA4TreYK_F8kXFTknZm1oqZEYvMttV750vCGnPqfVqwg7jQRiXo-6d_aFv2SC8G6YQc2fWbFBuSOzspFRMa-v4k6R5jFDTt_amEDcHUHuU0Fa_YCHmHUaR8sk39iR_V4ldHHwJCsFkBOPA5jHYMxqOVwerMXy1F76xMZqRltg3kjnqjoeq2_MW4DjuCt8yv-J_vkhvQY_klyyEePVQcdeEeUYtp9rJa4Y4nWq0Zl5ClTJ7RtayGEu7dbM0QXiWWiQCINEVPUbSgh0UwzZ8F2Nqp6AUHGJYndvMZivOIm9s1tZMicKaDMzQO_VSpqF30N6tZpbNIafiEJaevtmu4LrRo2c2N_DU0O-IpDQmEqstBRcCQbRxjSnl-jAZotearHmNnvrfyCRt765t6P5kzo1niuLtKya2pZ-hmRbSduvQ7DgONxdsvMtkgpUJXpeUgPTc9WyF8wDQ0gcC_DHGja0lLbV_8be9vYFRM6HgPsVtqygjjBtPZLG7-xInc8sDGibIMUQpvJb6d1geknuPyr87U2CKZNZaNzXCnFnZ6GeRNyNehLN7bVBZf-10RVWoG5iNUBw7iu98pboyv9K7GTatKWBgBWG9Z6NWcEK-lvLZPJSl-t1FYCLNCn8mZO3ZHO-pV2Q1gUccoKltEFpkjLZS7iBoIwuar2v3cHrhxKwygLtKvskRoZ4plfzaUzeFLlXxhjnnWLuj2WW8qHN598ENHaVKzT2tcnlf2MdZEfzFNRyiK7S6w-fnnoynQJAc-yhuDNBt_IDdxa_AFmj4cAGIj_1pHshio0KJOxiopZrUsPMJ7rgH-LhxdBkj6byvzssiGW9THGT-HUPulYrEA-kqYNicgUv1lSyBwswaeOIQ5Sli6o2mP8TNuFi847dCMqpeXDlZeiio_9ebdvQRYgMjry9e5S5dNkpdHj4HyQHtbY8jp2t4fkAwH-A_ZR2hKWJRkqrTTKPs_yn0QL5puIS6jNtH9ScajhigojhFCVMFmYZPr_D_T9EPR-hpmlOkiWTD-bTjgApedGLwSfwRJsLg0bRwsgfQz_92kCXYgvtG3WhFfTiQcwQtaHRRHQyc455iFixq4X1Z2b1-j8CKeIkzJs5YIAfEd_op068MYs2W517u4QfqRtMbUZq4n1m8&cid=CAASEuRocVmtMH0aN9Ou1xUkvOGO8Q&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
c6865c7c17735f12fd9c9fd7dee44970c1603c4d85ea86102de3414a7126e212
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33818
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 085C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
17341
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 08:04:40 GMT
expires
Wed, 27 Sep 2023 08:04:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 3A01 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
GSE /
Resource Hash
e96ad1f3048de3076f4d19860c329506d3cd75b856ea435b3fd605c84bca18bb
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-bIhy7tXLLoaivzQl6DXXVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-bIhy7tXLLoaivzQl6DXXVg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:42 GMT
expires
Tue, 27 Sep 2022 12:53:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame E974 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
17341
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 08:04:40 GMT
expires
Wed, 27 Sep 2023 08:04:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 15BF 		783 B
743 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
GSE /
Resource Hash
b824581f5051ea1da1a633474bd121f0fec264f27613ae459d098fda36dbf58f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dy2AZIlOw9FE5VU8laR5Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-dy2AZIlOw9FE5VU8laR5Bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:42 GMT
expires
Tue, 27 Sep 2022 12:53:42 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
rum
dsum-sec.casalemedia.com/ Frame FE9D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwHWBAKQw621N4SVm9Sg2E&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwHWBAKQw621N4SVm9Sg2E&google_cver=1&C=1
43 B
842 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwHWBAKQw621N4SVm9Sg2E&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN_sjwEQqLvoAhis-MTSATAB&v=APEucNVYxGG9DQIz4vAX5bJpfH27dNADTPwjdp34HXIHTthyt_25G1Rhf2VabqPeBf6AhGdKSzIiSjmZvrfQJkIGPncuVhW-XA
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
7514623d9d4daaea-SYD
pragma
no-cache
date
Tue, 27 Sep 2022 12:53:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lSTe7j74X9xuBuBSUdyjmHtwuNAEcpmJwIw%2FI3Tln6SqU6ejiAw8E1Ae9WZ6Yn89nXRVARI6JKPVfUqRQ1KaQ9jWKcfWWbjvGdw0Mn98jQskJrSC%2FR%2BVdcNPfM0160iGFHB22TcVNr5e3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:42 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ARIfvOHkMHiLRvhx5K5M8wZL0P4uYP1LZ%2F7%2F5f50GEk8qVe3%2Bf%2FZvq8Z0D4CfzaMpEYXUA7baInBLYA19pWio36i998y4ilKCd4Y1cNxxpN6pyHPc5j%2FGx7CWzDzzwqaCGxH9jmjyKmjiA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=45&external_user_id=CAESECwHWBAKQw621N4SVm9Sg2E&google_cver=1&C=1
cache-control
no-cache
cf-ray
7514623c3b63a95b-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
rum
dsum-sec.casalemedia.com/ Frame FE9D
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzLyVvECjwNmHupSHkQcYAAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwHWBAKQw621N4SVm9Sg2E&google_cver=1
43 B
847 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwHWBAKQw621N4SVm9Sg2E&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN_sjwEQqLvoAhis-MTSATAB&v=APEucNVYxGG9DQIz4vAX5bJpfH27dNADTPwjdp34HXIHTthyt_25G1Rhf2VabqPeBf6AhGdKSzIiSjmZvrfQJkIGPncuVhW-XA
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
75146241286daaea-SYD
pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aaDNYD6v6keJgfZpRRNK0a3adPIKZpbg26ymDZVEVJUhUWAbNTRqacubXur%2FqGmcih%2Fdz3BNkex7TXcMkI%2B1rkqZolk%2FQXV%2Ftc5hCLlSjC2c06MFyU4tRvq9LQxJlc5%2BSIB6bjMGbKLXXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECwHWBAKQw621N4SVm9Sg2E&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FE9D
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFSNqoBNnTcLbabYVWj9XG4&google_cver=1
43 B
1016 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFSNqoBNnTcLbabYVWj9XG4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN_sjwEQqLvoAhis-MTSATAB&v=APEucNVYxGG9DQIz4vAX5bJpfH27dNADTPwjdp34HXIHTthyt_25G1Rhf2VabqPeBf6AhGdKSzIiSjmZvrfQJkIGPncuVhW-XA
Protocol
HTTP/1.1
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 12:53:42 GMT
X-Proxy-Origin
173.245.209.8; 173.245.209.8; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a22bcb62-271d-4511-b9c2-33502f94f2e8
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:42 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFSNqoBNnTcLbabYVWj9XG4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FE9D
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI4ODkzNTg2ODY5NjI2NjE3OQ%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI4ODkzNTg2ODY5NjI2NjE3OQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN_sjwEQqLvoAhis-MTSATAB&v=APEucNVYxGG9DQIz4vAX5bJpfH27dNADTPwjdp34HXIHTthyt_25G1Rhf2VabqPeBf6AhGdKSzIiSjmZvrfQJkIGPncuVhW-XA
Protocol
H2
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:42 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 12:53:42 GMT
X-Proxy-Origin
173.245.209.8; 173.245.209.8; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
505eadae-6cd4-4b15-8e11-b160af40c437
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzI4ODkzNTg2ODY5NjI2NjE3OQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
pagead2.googlesyndication.com/bg/ Frame 085C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
sffe /
Resource Hash
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 01:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15943
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 01:20:17 GMT
EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
pagead2.googlesyndication.com/bg/ Frame E974 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
sffe /
Resource Hash
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 01:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15943
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 01:20:17 GMT
container.html
1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F046 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:41 GMT
expires
Wed, 27 Sep 2023 12:53:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EB1F 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:41 GMT
expires
Wed, 27 Sep 2023 12:53:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0338 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092001.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:41 GMT
expires
Wed, 27 Sep 2023 12:53:41 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 13C6 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Origin
https://googleads.g.doubleclick.net
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3726
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Sep 2022 11:51:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/ Frame 13C6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AIG-RyOzwF79n3eroX_PORhQ5RErKT9ZHR9EhHWox19AjR3aeb2NpHjc_CGDMOSZJYViOb0o-v61OqQMcJHIRMR3jN3w&cry=1&dbm_d=AKAmf-B1PIPAJU4vd-ke-Lyhwa34zQoyeVyyM-OgOFu-E1OUDVafF9yf0o8Is1X6jpQm2TAb6qf_OPfxdotDfZ0RqtCgfDiHAVslL6Rzx5Zl6utirt6Rh0_1y1DUrW50UrMW6ooV3O8RVtnebqfqLVXsB_wP1m9LnESswGBhYy6L2B8pOjrirRrzGzqB-IRUGZnT4Q7KPW_sgWKSPxKJis0uNYnqw_GcB0nwsgFexLH3wnFmabKtYUeOG8PJfneVUmdUGi1shYEf37yagINjrJomnxnOg6bs5Pq08v9bmzHHAuVwSrlUFnYKfCTQKZYd0fva7-ie_JKf53_kh0m2jMQwtF1_6o-r9xFmbkmJ2__UcVRJBxG9uOSLSCkTFFeqNkuvMTx2MKy3o1-Noj8AcLudtrzsEfbXIQmRLlAnp8ReVwdwm64P8CjqCQBUl1Kz37eMW375pI4Zqboi7AELUiq8634SiFeVgxn_6QBzRJJaDvNwF4fdMH1h13AWGZ0jE0l70D1xldOFcwkNdsmm4yphhODYtYZ0ekBac3VPeFGT8pFjCSMoqCCxDugKOoS4tbzMckwW0uPl7r44r1QGvGDhBbsxwkmnpjXgYzknXTzvWaQYIoFvDjZMBkeCTbLv47_LCtmPFGAlaSzHUN7w2wDShiNIeII8Hh_pD97cAAowoLEwD6Ck4NwNSa7L6RWManLRxfQwqItazAJO9WpscwJ1zXSZXjtptyZY1YHSMzq1vTrEcDV_amkiKkSGECaMceBj0-T__3bhdTzkWG6vJGDqgwpZKK7mad2G-WYcEGfkVI2IkhSaTm57ndVYJI6pwKP1hp4Vs70_IJGZyT0-IPtfKqNan26AuErKOS18h-N9SSrvN4JYhjHj9TM5frIP76hP-zl8VUzwwrIXfD0rgZKtDWKRmcUj1u04gavsYZaJ-wqt0O_nLVuO8boeu2gUu1Ix-yVFhSc1pU6LhWC93pQ5RWMJ6aIbOQxLr3QBoIEms-FoaXWvrIDpyNjCfC_pP3yVkLbAmkikRgcqfCM4TXKusbVjTDQ7WBdz4HNmQz_3d-bD_jX3ir0iM__XjVOk7cyA5t14rpYBurd51I0nrnVltp3KIjJPJ0IZFIMTYqllKJl48BTbMl_pHbDIpijR__2--X3R7v9NvYftq1BIzAqX_HZItVvwWYh_Kx68M51WlXgFjktTvkuISgnYDytU_chRObKlfAqrUP24ja8BnrhYt5Urz3Y7ORZ0SR_TvSqf3uQhf2F6207kRbLqhg1xQA0Tl1Iap6Fvj1rK7gIRzh_7nO6X-jvPFtKh3j76wXLAoq1G5RUrNlz7WSwrwpPIFMcgSWNS_FsUFUMQPRtrNhZblPf81dP2jG0eZJJtpH-q16xPObhoEL0KiMTa03nTToHjXuAhwIDXTPsBY4uWnlcHqcgswg52scaVcE6_IZWZKaLYe-bQxfTpXJxxsAlakWvmlhlO3BUicaahcViEfTxtMNbauFiTp7bZ2DY-i6StJ5PVc3mskGIm2ekprgExPhnmfWAyejkyWd0b-g0Chq8csONyS4aQOr6nOh73keKsifzARySjryGvEy4drLINoTlOR_lkjRRyhxjFZYEI-byLNQjjsjRJQ24kClvy-kxk2GNupv-kryrgxjUOTcej63yzntHGyOtBK6cFR6gJscn49QJe1e4a0WAMFbcQdJtTZFeWOyI6TogouvC7DKCXDxA16hUj-qQF1a-ECRNo2kF8BUV_1n_46CfB2brNHXhlSz8Qq3GMeeRKo1s5vLCtJ7IwwNaaleCPQnaamIkLmmuzBzldIEOpSfu8-CiLq_0C-QZY-hawltJPHlA4TreYK_F8kXFTknZm1oqZEYvMttV750vCGnPqfVqwg7jQRiXo-6d_aFv2SC8G6YQc2fWbFBuSOzspFRMa-v4k6R5jFDTt_amEDcHUHuU0Fa_YCHmHUaR8sk39iR_V4ldHHwJCsFkBOPA5jHYMxqOVwerMXy1F76xMZqRltg3kjnqjoeq2_MW4DjuCt8yv-J_vkhvQY_klyyEePVQcdeEeUYtp9rJa4Y4nWq0Zl5ClTJ7RtayGEu7dbM0QXiWWiQCINEVPUbSgh0UwzZ8F2Nqp6AUHGJYndvMZivOIm9s1tZMicKaDMzQO_VSpqF30N6tZpbNIafiEJaevtmu4LrRo2c2N_DU0O-IpDQmEqstBRcCQbRxjSnl-jAZotearHmNnvrfyCRt765t6P5kzo1niuLtKya2pZ-hmRbSduvQ7DgONxdsvMtkgpUJXpeUgPTc9WyF8wDQ0gcC_DHGja0lLbV_8be9vYFRM6HgPsVtqygjjBtPZLG7-xInc8sDGibIMUQpvJb6d1geknuPyr87U2CKZNZaNzXCnFnZ6GeRNyNehLN7bVBZf-10RVWoG5iNUBw7iu98pboyv9K7GTatKWBgBWG9Z6NWcEK-lvLZPJSl-t1FYCLNCn8mZO3ZHO-pV2Q1gUccoKltEFpkjLZS7iBoIwuar2v3cHrhxKwygLtKvskRoZ4plfzaUzeFLlXxhjnnWLuj2WW8qHN598ENHaVKzT2tcnlf2MdZEfzFNRyiK7S6w-fnnoynQJAc-yhuDNBt_IDdxa_AFmj4cAGIj_1pHshio0KJOxiopZrUsPMJ7rgH-LhxdBkj6byvzssiGW9THGT-HUPulYrEA-kqYNicgUv1lSyBwswaeOIQ5Sli6o2mP8TNuFi847dCMqpeXDlZeiio_9ebdvQRYgMjry9e5S5dNkpdHj4HyQHtbY8jp2t4fkAwH-A_ZR2hKWJRkqrTTKPs_yn0QL5puIS6jNtH9ScajhigojhFCVMFmYZPr_D_T9EPR-hpmlOkiWTD-bTjgApedGLwSfwRJsLg0bRwsgfQz_92kCXYgvtG3WhFfTiQcwQtaHRRHQyc455iFixq4X1Z2b1-j8CKeIkzJs5YIAfEd_op068MYs2W517u4QfqRtMbUZq4n1m8&cid=CAASEuRocVmtMH0aN9Ou1xUkvOGO8Q&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:51:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7350
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 10:51:12 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame 13C6 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AIG-RyOzwF79n3eroX_PORhQ5RErKT9ZHR9EhHWox19AjR3aeb2NpHjc_CGDMOSZJYViOb0o-v61OqQMcJHIRMR3jN3w&cry=1&dbm_d=AKAmf-B1PIPAJU4vd-ke-Lyhwa34zQoyeVyyM-OgOFu-E1OUDVafF9yf0o8Is1X6jpQm2TAb6qf_OPfxdotDfZ0RqtCgfDiHAVslL6Rzx5Zl6utirt6Rh0_1y1DUrW50UrMW6ooV3O8RVtnebqfqLVXsB_wP1m9LnESswGBhYy6L2B8pOjrirRrzGzqB-IRUGZnT4Q7KPW_sgWKSPxKJis0uNYnqw_GcB0nwsgFexLH3wnFmabKtYUeOG8PJfneVUmdUGi1shYEf37yagINjrJomnxnOg6bs5Pq08v9bmzHHAuVwSrlUFnYKfCTQKZYd0fva7-ie_JKf53_kh0m2jMQwtF1_6o-r9xFmbkmJ2__UcVRJBxG9uOSLSCkTFFeqNkuvMTx2MKy3o1-Noj8AcLudtrzsEfbXIQmRLlAnp8ReVwdwm64P8CjqCQBUl1Kz37eMW375pI4Zqboi7AELUiq8634SiFeVgxn_6QBzRJJaDvNwF4fdMH1h13AWGZ0jE0l70D1xldOFcwkNdsmm4yphhODYtYZ0ekBac3VPeFGT8pFjCSMoqCCxDugKOoS4tbzMckwW0uPl7r44r1QGvGDhBbsxwkmnpjXgYzknXTzvWaQYIoFvDjZMBkeCTbLv47_LCtmPFGAlaSzHUN7w2wDShiNIeII8Hh_pD97cAAowoLEwD6Ck4NwNSa7L6RWManLRxfQwqItazAJO9WpscwJ1zXSZXjtptyZY1YHSMzq1vTrEcDV_amkiKkSGECaMceBj0-T__3bhdTzkWG6vJGDqgwpZKK7mad2G-WYcEGfkVI2IkhSaTm57ndVYJI6pwKP1hp4Vs70_IJGZyT0-IPtfKqNan26AuErKOS18h-N9SSrvN4JYhjHj9TM5frIP76hP-zl8VUzwwrIXfD0rgZKtDWKRmcUj1u04gavsYZaJ-wqt0O_nLVuO8boeu2gUu1Ix-yVFhSc1pU6LhWC93pQ5RWMJ6aIbOQxLr3QBoIEms-FoaXWvrIDpyNjCfC_pP3yVkLbAmkikRgcqfCM4TXKusbVjTDQ7WBdz4HNmQz_3d-bD_jX3ir0iM__XjVOk7cyA5t14rpYBurd51I0nrnVltp3KIjJPJ0IZFIMTYqllKJl48BTbMl_pHbDIpijR__2--X3R7v9NvYftq1BIzAqX_HZItVvwWYh_Kx68M51WlXgFjktTvkuISgnYDytU_chRObKlfAqrUP24ja8BnrhYt5Urz3Y7ORZ0SR_TvSqf3uQhf2F6207kRbLqhg1xQA0Tl1Iap6Fvj1rK7gIRzh_7nO6X-jvPFtKh3j76wXLAoq1G5RUrNlz7WSwrwpPIFMcgSWNS_FsUFUMQPRtrNhZblPf81dP2jG0eZJJtpH-q16xPObhoEL0KiMTa03nTToHjXuAhwIDXTPsBY4uWnlcHqcgswg52scaVcE6_IZWZKaLYe-bQxfTpXJxxsAlakWvmlhlO3BUicaahcViEfTxtMNbauFiTp7bZ2DY-i6StJ5PVc3mskGIm2ekprgExPhnmfWAyejkyWd0b-g0Chq8csONyS4aQOr6nOh73keKsifzARySjryGvEy4drLINoTlOR_lkjRRyhxjFZYEI-byLNQjjsjRJQ24kClvy-kxk2GNupv-kryrgxjUOTcej63yzntHGyOtBK6cFR6gJscn49QJe1e4a0WAMFbcQdJtTZFeWOyI6TogouvC7DKCXDxA16hUj-qQF1a-ECRNo2kF8BUV_1n_46CfB2brNHXhlSz8Qq3GMeeRKo1s5vLCtJ7IwwNaaleCPQnaamIkLmmuzBzldIEOpSfu8-CiLq_0C-QZY-hawltJPHlA4TreYK_F8kXFTknZm1oqZEYvMttV750vCGnPqfVqwg7jQRiXo-6d_aFv2SC8G6YQc2fWbFBuSOzspFRMa-v4k6R5jFDTt_amEDcHUHuU0Fa_YCHmHUaR8sk39iR_V4ldHHwJCsFkBOPA5jHYMxqOVwerMXy1F76xMZqRltg3kjnqjoeq2_MW4DjuCt8yv-J_vkhvQY_klyyEePVQcdeEeUYtp9rJa4Y4nWq0Zl5ClTJ7RtayGEu7dbM0QXiWWiQCINEVPUbSgh0UwzZ8F2Nqp6AUHGJYndvMZivOIm9s1tZMicKaDMzQO_VSpqF30N6tZpbNIafiEJaevtmu4LrRo2c2N_DU0O-IpDQmEqstBRcCQbRxjSnl-jAZotearHmNnvrfyCRt765t6P5kzo1niuLtKya2pZ-hmRbSduvQ7DgONxdsvMtkgpUJXpeUgPTc9WyF8wDQ0gcC_DHGja0lLbV_8be9vYFRM6HgPsVtqygjjBtPZLG7-xInc8sDGibIMUQpvJb6d1geknuPyr87U2CKZNZaNzXCnFnZ6GeRNyNehLN7bVBZf-10RVWoG5iNUBw7iu98pboyv9K7GTatKWBgBWG9Z6NWcEK-lvLZPJSl-t1FYCLNCn8mZO3ZHO-pV2Q1gUccoKltEFpkjLZS7iBoIwuar2v3cHrhxKwygLtKvskRoZ4plfzaUzeFLlXxhjnnWLuj2WW8qHN598ENHaVKzT2tcnlf2MdZEfzFNRyiK7S6w-fnnoynQJAc-yhuDNBt_IDdxa_AFmj4cAGIj_1pHshio0KJOxiopZrUsPMJ7rgH-LhxdBkj6byvzssiGW9THGT-HUPulYrEA-kqYNicgUv1lSyBwswaeOIQ5Sli6o2mP8TNuFi847dCMqpeXDlZeiio_9ebdvQRYgMjry9e5S5dNkpdHj4HyQHtbY8jp2t4fkAwH-A_ZR2hKWJRkqrTTKPs_yn0QL5puIS6jNtH9ScajhigojhFCVMFmYZPr_D_T9EPR-hpmlOkiWTD-bTjgApedGLwSfwRJsLg0bRwsgfQz_92kCXYgvtG3WhFfTiQcwQtaHRRHQyc455iFixq4X1Z2b1-j8CKeIkzJs5YIAfEd_op068MYs2W517u4QfqRtMbUZq4n1m8&cid=CAASEuRocVmtMH0aN9Ou1xUkvOGO8Q&rfl=3%2Chttps%253A%252F%252Fwww.bg3.co%242%2C%2Chttps%253A%252F%252Fadx.holmesmind.com%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6254
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 11:09:28 GMT
truncated
/ Frame 0559 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0559 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 0559 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame 0559 		15 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5414&&&vgd_l2type=sca&fp=PrxGb7CLgrm-q4h-TTGkMvOM0SfctcdG4QpQGVzwvs62GF4EbiuZjJIjdvOZ3qNO1_M9OGTBlBUaKJZtoABwVGeHHvaAJWe5Q2FuwKhrtQ4DS2DDh6oKKbl-0Wt3-HvK&cme=4LbweslrsU4TuHBiARgP67Czp4t2hA8xS0zxgrsuzQPkjYfJfg8W2b8rjZpE5ZWHARQoSAKWmfU2s-MEcVt9lkOtryW28DqapVamLO9TiaWQ8UCkWbLiSsooTUGJnyj8CQ7KZ1H_8KJxaLUMIDqjlyhCbj0rH2dxKcJ0mqT8JKdBgpBIq43VH4-WaFCUFWMuPpIMA9JwiPMmSfg0GKkHBimzBc0hcW3M%7C%7Cgglp7xNw7r2vt3NQBkmHFxGpgdcq9CUccudDh7bdpcVZG62_hyQW6y8O1s7U9ymJuhyh4X31GjEhQUdvbnACqHIHablPQTmyz3YLPSvYCeefFBGY0ezmeKzPf71PSVCxVmHd6vY68RnHu5lnIVPj9Vzq-zx2dmrPvDFvEovbjHTVAAfSKfNYPsQIT5Z1zRbN-MzAMkref-451XF4hr581PKi-Ko7aPjOKnfBeyJwWyQ%3D%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7CpoFcyC0XIrJaNvM_Vh03GBxWe7iF-3TZQC2K7v7lSWbOV-z7oZXbaL7NTqSCzw-zaYcK3p_zJvGzvN_EeWqoNBEfuVBwjqr5jmQMY_X4h2RMwxZTi5L9Ex_d_JKS1aPO%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7C&v=1&geo=-33.91%7C151.2&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170785057&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nff&vgd_dnquo=01_9&ksu=224&fdkt=391&vgde_kbbh=ffoyxQJuOu99&kwd[]=Small+Kitchen+Designs&kwt[]=391&kbc[]=1224808752&kwp[]=1&kid[]=26322723&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.23%7C60%3D0.31%7C12%3D0.33%7C66%3D0.83%7C10%3D4.86%7C62%3D1.56%7C1%3D0.33%7Cps%3D0.508%7C3%3D0.19%7C4%3D3.98&ktd[]=274911793408&ktrkt[]=Small+Kitchen+Designs&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=2&kid[]=340189069&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.23%7C60%3D0.91%7C12%3D0.24%7C66%3D0.83%7C10%3D4.86%7C62%3D1.07%7C1%3D0.88%7Cps%3D0.508%7C3%3D1.25%7C4%3D4.52&ktd[]=274895016192&ktrkt[]=Website+Maker+App&kwd[]=High+Paying+Jobs&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=13666242&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.23%7C60%3D0.11%7C12%3D0.17%7C66%3D0.83%7C10%3D4.86%7C62%3D1.99%7C1%3D0.17%7Cps%3D0.508%7C3%3D0.25%7C4%3D3.98&ktd[]=274911793408&ktrkt[]=High+Paying+Jobs&kwd[]=Stocks+To+Invest+In&kwt[]=391&kbc[]=1224808752&kwp[]=4&kid[]=27190006&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.23%7C60%3D0.30%7C12%3D0.15%7C66%3D0.44%7C10%3D4.86%7C62%3D1.33%7C1%3D0.30%7Cps%3D0.508%7C3%3D0.43%7C4%3D4.47&ktd[]=274911723776&ktrkt[]=Stocks+To+Invest+In&kwd[]=Best+Priced+Car+Insurance&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=48970281&kbc2[]=pmb%3D1%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C63%3D0.23%7C60%3D0.01%7C12%3D0.46%7C66%3D0.62%7C10%3D4.86%7C62%3D2.09%7C1%3D0.25%7Cps%3D0.508%7C3%3D0.26%7C4%3D3.98&ktd[]=274894946560&ktrkt[]=Best+Priced+Car+Insurance&cid=8CUABW64L&vi=1664283220692023791&tdAdd[]=ib%3D0&vsid=3072848216820024&tdAdd[]=asnum%3D54203&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=804&vgd_l3_sc=NSW&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170785057&vgd_nrrv=79615&vgd_nrrmf=c80a&vgd_nrrsf=scrr&vgd_cty=beaconsfield&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1664283220108955731&sttm=1664283221444&upk=1664283221.874&hvsid=00001664283221444029185682006354&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D47%2Cj3%2C150%2C133%2Chy%2Cy7%2C11%2Ca%2C13%2C14h%2C3y%2Ck2%2Cov%2Ch%2Cgo%2C12i%2Ci%2Ci2%2Cmz%2C12q%2Ciz%2Ccv%2C3%2C4%2Ccy%2C149%2C4k%2C13a%7Ccsh%3D1&sbdrId=196&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D54203&&vgd_vstrid=3072848216820024&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~eBMJ-Nv9.HA~e8QMQOvFXF~ONfvu~QNOvzQB~eM1QzvXHf9A~ejfLMQOvf9ff9ifh9W~8xLjMGvu9fXFH.u~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.fA~8EvAGB9PB~kGGv9~e8QMxLjMjvA9~L88Ex1vHH%2CHH~J7vW~LNvA%2Cu9F~LEQMQOvf9ff9ifh9W~e8QMGvAiA.Fh~xLjMGv9.9u~xLjM7e8v9~QYYMBLvhh.HX9f~xLjMjvX9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9u~csRvR~GYvu.9X~QYYMQOvf9ff9ifh9H~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOv9~x8OvuqJterz-qkm8L-O2ai~G7OvfHWi9HXuAWWA9uFhiAifhX9AWfAWWXufHWHh99Xu9AHHi9AiHXhXFu999AfH9ihHuHf9uhiiAFi9ff9hfffXhif~OfEMjvF9~AENkvu.ui~x8YvuH9XW~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.FX~myOfEMGv9.F~exLjMGv9.9F~QQvIK~x8Bvih~NJv9~LEQMGvf9.Hi~exLjMjvX9~%3DVvfhHf~z7QvA~7Gvou~N7vGJ1NmzQk8JjO~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvuF.Wh~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGv9.XA~8exLjMjvX9~QxEEj5M71yM8Ov~e8JB1G8j875v9.HA~1YEvu~NGOEv9.9f9~OYYvzmMQ7L17Jy5~Qx8Ov~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvzmMQ7L17Jy5~w7Yjvu~1OGjUvfAFX9huH9i~QmGEv~N7LvW.W9WAX9X4oH~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXA&vgd_optout=0&vgd_cfud=220331&vgd_scsver=322&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=NSW&vgd_l1rhst=contextual.media.net&hvsid=00001664283221444029185682006354&subBdr=196&bdrid=313&rc=0&rand=1664283222201&acid=113a58fd3824446a9c86d2d6a529c738&matm=1664283222202&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&vgd_ltimesrc=1&vgd_ltime=2020&vgd_rtime=2015&vgd_etm=15&vgd_l1hcsd=Sbsmd%7C6329&vgd_l1ch=1&vgd_lhl=3378&vgd_pgid=p0102089615t202209271253&vgd_adprefflag=11&vgd_csip=rtb-common-istio-5db8d86554-pck4d.SG&vgd_sbSup=1&vgd_nrrs=79615&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.240.25 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-240-25.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Tue, 27 Sep 2022 12:53:42 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=23855
content-length
15
publishertag.prebid.117.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.117.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:42 GMT
content-encoding
gzip
last-modified
Wed, 29 Dec 2021 12:30:46 GMT
server
nginx
etag
W/"61cc54f6-15c19"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 28 Sep 2022 12:53:42 GMT
generate_204
tpc.googlesyndication.com/ Frame 085C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?MuISQg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 13C6 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 09:56:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442605
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 09:56:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame C6D8 		1 KB
751 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
40449
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 01:39:33 GMT
etag
48472445140208031
expires
Wed, 28 Sep 2022 01:39:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 13C6 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e18a925e8c359e3f9fa508c0e91c908e01c6214a3a4eb4982e42e3bbeeb9e726

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
generate_204
tpc.googlesyndication.com/ Frame E974 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?IIJJIw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:42 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 3A01 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092201&jk=2221928534233017&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 15BF 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092101&jk=1432865179791868&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame C6D8
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELFyMo98mmmtV__Yc9YYay4&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESELFyMo98mmmtV__Yc9YYay4&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T0QzUEE1ejQxT0RhNU41&google_gid=CAESELFyMo98mmmtV__Yc9YYay4&google_cver=1&google_push=AZmPxg_e8xmU7T3uwGgFE3fPJuAi4vtMAMRFNVilABMdkgE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T0QzUEE1ejQxT0RhNU41&google_gid=CAESELFyMo98mmmtV__Yc9YYay4&google_cver=1&google_push=AZmPxg_e8xmU7T3uwGgFE3fPJuAi4vtMAMRFNVilABMdkgEgYB4fCIgKLF_yrfOOVgUO5RrEbUwkOIBDZpTOX1umLP50mdnj-lmdmg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 12:53:42 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-05e9653613838233f@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=T0QzUEE1ejQxT0RhNU41&google_gid=CAESELFyMo98mmmtV__Yc9YYay4&google_cver=1&google_push=AZmPxg_e8xmU7T3uwGgFE3fPJuAi4vtMAMRFNVilABMdkgEgYB4fCIgKLF_yrfOOVgUO5RrEbUwkOIBDZpTOX1umLP50mdnj-lmdmg
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame C6D8
Redirect Chain
  • https://aep.mxptint.net/sn.ashx?google_gid=CAESEMSbDq_oct2sRjhjXTsJzNc&google_cver=1&google_push=AZmPxg-5UEccxiGYU3CJTEiEr6O1I8O7ycTk0t0P5r09vWHju8yWjCQMSYMXW_q1qCMADUgGxf02D3T-cBLnuS6s5jMXVw-lrk2dBA
  • https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AZmPxg-5UEccxiGYU3CJTEiEr6O1I8O7ycTk0t0P5r09vWHju8yWjCQMSYMXW_q1qCMADUgGxf02D3T-cBLnuS6s5jMXVw-lrk2dBA&google_hm=UjFENTMxX0Y2RE...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AZmPxg-5UEccxiGYU3CJTEiEr6O1I8O7ycTk0t0P5r09vWHju8yWjCQMSYMXW_q1qCMADUgGxf02D3T-cBLnuS6s5jMXVw-lrk2dBA&google_hm=UjFENTMxX0Y2RERCQ0MyX0U2MEVEMjg%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pf8b3zh4kyw&google_push=AZmPxg-5UEccxiGYU3CJTEiEr6O1I8O7ycTk0t0P5r09vWHju8yWjCQMSYMXW_q1qCMADUgGxf02D3T-cBLnuS6s5jMXVw-lrk2dBA&google_hm=UjFENTMxX0Y2RERCQ0MyX0U2MEVEMjg%3D
Date
Tue, 27 Sep 2022 12:53:42 GMT
Cache-Control
private
P3P
CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE", CP="NON CUR ADM DEVo PSAo PSDo OUR IND UNI COM NAV DEM STA PRE"
Content-Length
342
Strict-Transport-Security
max-age=-347270023; includeSubDomains
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame C6D8
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEM_izrsf38FhOoCwg1ilw4g&google_cver=1&google_push=AZmPxg81en_gisgUDzy1cq4IuT_fHwkCpXSQllXXbYu3MumYzjYKZqKU-zyivNtKJy3oc-5oOB435T3WUXsXUILvVteSuR6a11bgPA
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEY3NjA0NzkxNjdCMEM4OQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEY3NjA0NzkxNjdCMEM4OQ==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=OEY3NjA0NzkxNjdCMEM4OQ==
date
Tue, 27 Sep 2022 12:53:43 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame C6D8
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEC2K8Z6hsitTr0RkGTtq0UQ&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YjIwOWIzOWUtNDgwOC00ZWRiLWJlZDEtYmNlNGI5MzkyNmJk&google_gid=CAESEC2K8Z6hsitTr0RkGTtq0UQ&google_cver=1&google_push=AZmPxg9D...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YjIwOWIzOWUtNDgwOC00ZWRiLWJlZDEtYmNlNGI5MzkyNmJk&google_gid=CAESEC2K8Z6hsitTr0RkGTtq0UQ&google_cver=1&google_push=AZmPxg9D9qoDSvDGbOm1I6WUWlT-BnLlkidtU7C73jazc85wRVcGO0BKsd5p_DWzO9r2neQA49uWRI1UAkvXJALgDV0US7lABdbV_A
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YjIwOWIzOWUtNDgwOC00ZWRiLWJlZDEtYmNlNGI5MzkyNmJk&google_gid=CAESEC2K8Z6hsitTr0RkGTtq0UQ&google_cver=1&google_push=AZmPxg9D9qoDSvDGbOm1I6WUWlT-BnLlkidtU7C73jazc85wRVcGO0BKsd5p_DWzO9r2neQA49uWRI1UAkvXJALgDV0US7lABdbV_A
date
Tue, 27 Sep 2022 12:53:43 GMT
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 01 Jan 1970 00:00:00 GMT
us
sync.go.sonobi.com/ Frame C6D8 		0
0
pixel
cm.g.doubleclick.net/ Frame C6D8
Redirect Chain
  • https://google.partners.tremorhub.com/sync?UIDF=CAESEImYzZB5AEWHjSjQfLyX7-Y&google_cver=1&google_push=AZmPxg-SjO7rso9mfMT8QjvQFCgUaRYEEyIcaM_cbmr8rF5QFZ-wpwADvmaaM92T7YoBchsAmdjkLPN0MYtFR6yVbnxIAqu...
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=OWIzZTQ2YTAxOTUxNDM4NGEzZmU2ZTZmZDk1Y2Q0Mzg%3D&UIDF=CAESEImYzZB5AEWHjSjQfLyX7-Y&google_cver=1&google_push=AZmPxg-SjO7rso9mfMT8QjvQFCgU...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=OWIzZTQ2YTAxOTUxNDM4NGEzZmU2ZTZmZDk1Y2Q0Mzg%3D&UIDF=CAESEImYzZB5AEWHjSjQfLyX7-Y&google_cver=1&google_push=AZmPxg-SjO7rso9mfMT8QjvQFCgUaRYEEyIcaM_cbmr8rF5QFZ-wpwADvmaaM92T7YoBchsAmdjkLPN0MYtFR6yVbnxIAqu45byRtA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tremor&google_hm=OWIzZTQ2YTAxOTUxNDM4NGEzZmU2ZTZmZDk1Y2Q0Mzg%3D&UIDF=CAESEImYzZB5AEWHjSjQfLyX7-Y&google_cver=1&google_push=AZmPxg-SjO7rso9mfMT8QjvQFCgUaRYEEyIcaM_cbmr8rF5QFZ-wpwADvmaaM92T7YoBchsAmdjkLPN0MYtFR6yVbnxIAqu45byRtA
date
Tue, 27 Sep 2022 12:53:43 GMT
server
Apache-Coyote/1.1
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
pixel
cm.g.doubleclick.net/ Frame C6D8
Redirect Chain
  • https://cs.media.net/cksync?type=g&google_gid=CAESEDjuQbZ4_rO1CLywAatpjbs&google_cver=1&google_push=AZmPxg_HerzaiH_4ziIT2Lkr0nYUmy3vNWBDA1dtATY22qKP-BYFVFIpG9IEoGPoGke8YyNS6Xd5FrgfHOg5RD-7U6y2sSpGm...
  • https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA3Mjg0ODIxNjgyMDAyNDAwMFYxMA%3d%3d&mn_hm=MzA3Mjg0ODIxNjgyMDAyNDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_HerzaiH_4ziIT2Lkr0nYUmy3...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA3Mjg0ODIxNjgyMDAyNDAwMFYxMA%3d%3d&mn_hm=MzA3Mjg0ODIxNjgyMDAyNDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_HerzaiH_4ziIT2Lkr0nYUmy3vNWBDA1dtATY22qKP-BYFVFIpG9IEoGPoGke8YyNS6Xd5FrgfHOg5RD-7U6y2sSpGmB-JYA&gdpr=&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:42 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://cm.g.doubleclick.net/pixel?google_nid=media&google_hm=MzA3Mjg0ODIxNjgyMDAyNDAwMFYxMA%3d%3d&mn_hm=MzA3Mjg0ODIxNjgyMDAyNDAwMFYxMA%3d%3d&google_sc=1&google_push=AZmPxg_HerzaiH_4ziIT2Lkr0nYUmy3vNWBDA1dtATY22qKP-BYFVFIpG9IEoGPoGke8YyNS6Xd5FrgfHOg5RD-7U6y2sSpGmB-JYA&gdpr=&gdpr_consent=
cache-control
max-age=0, no-cache, no-store
content-type
text/html
content-length
154
x-mnet-hl2
E
expires
Tue, 27 Sep 2022 12:53:42 GMT
attr
cm.g.doubleclick.net/pixel/ Frame C6D8 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KfqfIR0x1agbrZSKQ-OMMGaCpgyIEPh6Rr4YUWOagq_gABvmkMt4okEvT2o-UBQEUQQiHN
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:42 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 146C 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
243739
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 17:11:23 GMT
expires
Sun, 24 Sep 2023 17:11:23 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 8CC2 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNXhlYFBtDLk2ucGTbWwhovPJkP2byKRJ6Bvb9Y8dUEUuyOsMigHmEbNioxGN_T4MSc9CaV6E4K5SLLeY9lN1s06WRX77A
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame F046 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-Kvr2ylUPSJbhBHAGTFawL12TveGR_Dwr4wq_e_tT7WDZ_YuON91_pjOoJBMj8VEOaRaSlslePgSaIppLf_Zwvm4NrQ&cry=1&dbm_d=AKAmf-APr5xBa9iaLVEn5yE4nPs4n1IcPr2czxpyvfueV6qzjwQOXxTpoBe4usnsu_fp3JDYT9YEDU2qiT5k_6v0cpN0n2PIwqWy8ZQ5trkIbkiXG5LHJ8st2qIj-i0zW0RVxcMM9EW1sM88OSSHttq1wuWMSZSLAO2-4Jgj485QEhqWfPETgTjJjvs5CIRxBhwKSbtxpWJzPq5_-CKNUJrFRIYJfwbiM-iUr2x2g1Mr5VFf5Jo2WXuw8tDwO8YrJe-Uf1aooD6V_bYsUG6fIzAqJquKuW5dtmCDXje5wMZkWtX0QQEEGw-w1uDDuKG46HT6ZQc8RuOQTyB1eVNc5zudD2sYynSpdmX3CDwuzIWPaw-3_2dL1fvQoANwpA19XRFPp4Fg67kH9FHNiTRhg04-SOwEyI40t3ZZ8CA1cioEdHznlC6M-JXhRZU8T-HYOPe-6rAonqppuWCb8_Vb_BbeRZc7i7Y5-5_Zv8EFtcuHYzeK8KsGQPgqUQ8Saqd3JHzw8WEqZ8RYOQrR1ymAi8aWMFIUB9OvqFE5vJ4uK3zfwOBRpykNhMJ4as5_iXc9cKsUvxo5tKRtJXNj7e59xzA64OJMO1Ucpom3m9354J7DyHfUM0RwLG399-X7IWdUjm1dfO1TW9z7NOhGi70ttLD-WC773qZ-BdwdyCMjNhlYwaiyrQWAANUidR8-l5Wn7qVm_BgBsX8umu1zKW90njOj9z6NW-zz8GK51cowamkSJ444hRF3VNsQBR6CYjfA4jKKI3lZAX7BOG0UtRLTD3ybblQENgdZKxtpLjvJdTXleyqHGEOABQ1TMDQcLgMGxOSiFfsI33Lkw_DRQbjjdXBnwFVjqq6Jnx0ERfSahgWyUmWfLFvPGahuAF8SgjnQ1WNFIpu1dBaG8L2exQ-kschK6MJSsgRoI0xCM5Hm4JzF7LfueFrV2ok62FuFeiMAXAvoWWcHEYr0Aj5TUiN6YB85hKGx_tiA1Od54BR267BsH4KjXb1mNQG6rMKjTs5ThJKU2DXmsdDRskQ-oRjyBOELTcAvOElhrZA3ivHeWrN3O-IhRNABwdHImFAxORcUxzNV7K-UlB56qE9hYHVnslowQLCalBdNzImofCI9R512nsMmJAsTfAkcdEJowyowW49kBPhBXpGVXj91OUhsTZgydk71GyywywdrCz_2YkTtJnX3a26ZLLKQ1cfTzT7Qd9krRBgG6Olo7RNELiydX0Vr6FpLJj6mca9FGVLZcQnIxpeZahZe9i3DwsWcAP3hORU5_uT_wVjKR1G76DkAJt0XLd16ZYobRET7edszV5CX2WUhHhHmDgmyNy7s9j8eQSEhwf-DwJBa766Qpo-FAZPq8ZFtber9pnLHZNI7QSuPlPywBQjHITWxetAX0IfdH13FhE8V-P8xB96qorA2cHHrM_PbcsGJFRSKeszCwXLxytokOEG10VLrSw4KOrqKw15W94vtjaB2peDc2LXojCVHzOggjulGq03dJtW_216xpxNec4-YEpzD4NyuMoKVZzakvzZfacKWoSVxMyxR3Wkj5COwHf4db-OXCXhy7P9amQReOhA0RD_MsiwuUCU00hUBz4eOk67ry7bTMLmUeRKpKZZ8NNmuOHKd71QDF6l5LRUMYbjUGIrzd7ZcXvfx6G38V-xOPw6jmk-MiCfH_KBPJewC8Inxh-tq5FIeQA1MDTm6svQ8hxBi_Ap0bF9ThLIOgqFBzpr0P55buF-wh5-s3wDE8b3IsLeR01wPK5tbOmfO_4J10kY0G4WimBBpY3284nM6MLUk-iW7o6UrNwOSFn4Jyv8ppNp1nnMnjYI5caF6VzsBwDerb3pNKkG1wqpIFIStCnCnRHe3RpoIZlfFhbnQaV40EweozcC3lWK89zO-Uzo1BCrdSPUN6iyU9PP6bvc-sACgjt1eq30LR6oVGx4jrOXkd2gZn5wCJWKKpQ9Pe6citwXTOmKzotEZJMX-x3PD7x8ThugW8lLiTJzOAT5iVeYSl2pzaiQ9obeEGEtdlSoCuBuRS-8qsCLEnN95XkFFWP4PEgF7-wn8ThxgyTwW5Ft17-cwzWxU_gE2v9h3civ1TYJbusm-rEnXRSPyutc0RkHN7FVY3pkMDzLM_FszgXRvl51cjKfbgZKbakHLUnPzChq-KhXVVaPA1gIWEy1mwJ0mkFEth0wjY6mmUITLSzQJMyo0JYNHGLMaYz_ECMGpOo5JYQQwmK6LvVETlLERr74z_2tikDo41rR4CKrkBGLDExS0Mpe3JU0hRX0HfAgwnjSwDtdiq-fRqlsGbCQG17xjz4nIAJkvWrq4JJXD2Ub63QGIIYTjLOayrmmlhdiiZz821ZMSohPf1dYTEdkOZQky-CU1s81_WxG3XgHc1jzIyptvnWaXKHzUOdpCtwIgoh-tMRwQlYNoTCu2XGiccB1gqPbOi31eTaPW2uk1f0iFk_8iA1Q7fKc67G7fI3bYpiBhuF67D3RJYfMUc1WULU69e-SQ0sxFj4G0yUf08g_frlCNleccveyDPFaD980FaNPZz3Qm_FFYKwIhbpB0h-K6SHefT961BriGfyOq5JvSRkhIKiMPyagD-2A_IuL_3vbeo2jINPqwXGG6EjMpTeh2M4o2NM9vu6_90g-IBtmQuAkUm9lC93Ge7bL7LDhcdZj8_D_LLA6_WTU5BMr1ew_kP_K4-0ZL-aj1E-kzf4DSG3z8jb6zDL7W53e2LBAOt9Frtwx5dQYC9CctoM4cwPkeLH1ManUQmmhvD9EZgWZcY_n66jWv-3PXteUIgPx-XAWJDVefqSsNv9n0JLDfdsx8hTBDqLnFP15_YisZiNdJWZPnGYytBBKka5iqPtIpAehswA4dKaz4XIkcx18Z0omkGMx6xczXwhfnC-9fKbx6tL09vNyRr0Daw79SZ7XwcTU6k-mGPJtZAcW8x38aO_kyMrlKULPMphzQ-0CILp6l0WDAGsgMUn4OYf6SS_J05BM5vESEKD19LBVnjSI7bJl8aQ9o6kZnf0ySzQTMREBhhn0Ycr1-BWlrMOgn8RIeHfr59VCwE88cmKZ2aAJ-tqwYKtoqM1S5DnqcoYWKzQKMnXu1-N2j3BgZtMFJOCiatPScJQxC_0EZgz-CwB2nd_TVhQHUMkVPf68oddV21XZkcM89c_QHmXPyLQYf-imLkgE4KPMWCp5H5vUXrgmp3A1u3OJujgdiVmcSHzP_5prbwjKQOOyNk69tYqbStUauhMyeJpYex0SJw9Iq-46_pjLnyFfENr2tEIhryJ0XIBfN8mPIuEwSz56fl-wV4SDNNnZNuaBrb0ZsAjPaCvt9Xc0LTcEPnYramVZDA-aI1qYLNHIiiSp4R-KZfBfznY3O7T2eX8GiIeAppjkAbnN2WyG7&cid=CAASJeRo-tlzOzwSvOXJ_62zM6-fgjUJ0nEtA47aa_mucwoKr6_rdnc&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
db302d6b42a95ecd629a0bd1b191fd371c02f5ab858832b219d6663e7dd08fd3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34540
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame F046 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AdDapA4ixN0pM4LrzfJyD5x4bc9Kaixw7i0hP2-8gVL-db_lgv3kMyB-4iqQAlY55QFK8PaC_mwn2sRsUEtiqB3vHBzhL45GYL-BZZOFbquhJQAnc
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame F046 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2065
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 12:19:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame F046 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:48:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 12:48:38 GMT
l
www.google.com/ads/measurement/ Frame F046 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTroW4bxAts-Pa-DRWjNZP6e-zsJ3H55shYnmdQPYjmgsrP0GEnhvaVoX7T6CZGl4L-wGshGumaSsa3nAQI90jRQERAtg
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F046 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 12:53:42 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 80E5 		482 B
274 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNW1iU5ag5J_bN2lSyEZ--iSFVbiyuZ2RUV7rUOSs1suLh4NqLoarIG5D6y7t7WiCAFeIGxr7LsfFpfw_N78n9kROW6twg
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
253
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:42 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame EB1F 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxO46yN61t7kBPBHGCFuJ856pTYcrqHwfXcig6LbNbGkucnHmka5Dm-oteTDse1tHyt4hxl50avTaZukzRWqwBLUQFJg&cry=1&dbm_d=AKAmf-CqGpSDU4121gELCQvtn5pzYI2WT3hIkI3dbO3OcfKwTzLAq49OovB7PtKwqsFoyD-0YRCDaTLLXgRL-4sig39x_9TJWXXG5uEC_Ku-8edth-dKsoo5p3FNvyMo3t4FlxuvJMxohWnmPJg4VJw1XqwX1Eq3NdHDB0DQw2eIq_PEZRaJbpAzcaq9YikXRn2ESTR_L27obom_MhxB0WlY74O17pb42VKHN73o2ruHB0bJbAXEC3QQUT7yfiHUJdAzPO8EufyFIq9M-vwCsTXbA8fkHXeakvRr54HgmAUMmywLLcTtNEUC9n4Tn6-dSE14p9XlRfCsVH5Va5P9aVUWlLdtEgYmzmOue7l107Y4J_JLn90PUpZR2drqEdypo5L209OGAyBkrKZkIEbZFiX83HVxY62rXADOtlJskljcfkaVUHnTQ5d1My06EO8YvgpgVvHFb8wOXI6TaBY_1c0Rprqd0ZMaT6K5hWczg7DwRQJHT_R0kAa1rwc3fyhfEazypZQxjRz6uHrlsC7wVgdsZyP87eJxKWyQzD-AIMh3x2zlKiWrhluwVhnidaMCv3Ur2vriGWWTpMNQloSBeZmM0RWz89zQhoI_1Yf6xb5WtIQg43FFKoXNBdIGHu6nhXz6Tp2kEqK0yRx-JHxMlaQ66XG47geker_tQl1yU0Afd92Yk7MsE1S_4GO_RzpmpZAVGgaNjlYhrrMch_FBQBlC9cBrAHBnYRM9OcOd6FbLK9lK5PYTpCmFovYF6I10_ZUx1BLqIYOnTTHnnnoPGguZMGuB0KYGqB-Ouip9c1VpoixWb0LN_suLU6MHx5X2ghQvgb2HekEGN3ssdZUP3t78z0Vun7QZ3vRR3FbJMlUaOb8SCaE8MtN_zE2l8HjFBlMVw5wRRJ33r9bTdd_vdyDOye8aJmf-z2piWos7E8f7MbvZKG_Fz2QXLOVqUuNm-4H_25x5m9zw84yQyr-LnoyvRwSyPGLBFnr0dV2nbhNEMOIb_8jsYeqHeLISTgj329VWbDg1Gefn_OKefAxbmIQnDdoqhBw-hL1h3mkAZ9p6H-B0PWF6F6rFJGFSIpI8Nfao6k0WPygk4JTewMiEtgKaMAGP_YBHFxQjTdnsHCqsJzgilZBGNBLqlxX4OWoM_h4WOApEUiAJ9_a1yNrUiM2TZXLkfUOD6x3FDtICt2RPVORTKZ7nC9w_XTijxkUr1MGTcQgKy-6lrHa-tpMxRj3qg15xl2qgElAYI1QI0o8BTvrfe7-xqANtuUtg--o3tbgpFhnN928AqaXgejyIhMS49HB_5jgFSaXRr_aGjR-RsXpXcK_u2qDlMOBhx9ULo_zrnGNmdmW5jIisutdh83SJHgOGVsTtnfQB4hwIkV6GKf3HUVx2EzUwZh5vthfGTkfXAarIgest3CDtB1hOBXvy888mIfn1fgET623o57xyUILsCaRr-Bkf0eSpohKRwYqz6kms-kp9d3lbEW96fvrFYjejMmm6TclklENcWH3bcLk3orND1zwheyJ2Zix-tDznA_LXd5NsQck1LhH4BH3At5d7p5V4HdDdPikVf2jHDUL2m6Es6u8zEcwys6lx6VFRlCSWhODMsvRA_MqbVoVCOFih262zzR7DNMcc1AxR6C8acEaiGN3dP4cz5dLQyQygG9MYqgfYMovDxtMTp3JczJsVgn6fx7Tw-Xt4_T4_a57HucZ_d5qAOoOfzH35CMeRp4rV183HU4494qzJ5C1C26eMRR4xuA8BGR3YwZsTYvx7u20oW38XYCqnW3mvpZto1hCxFo2dAFMTKa9nq9meLsAmVLuBWRpYAVdll4MXDpx2a5n8KgtLE33ydod6oX8C9gQvHx0XONWX34gmSYEK1L5QyzmR8JFeNE4NaW1rih_Z3KhnGSiF3gmJWBp8h0e7QHVW3e32Vve1Vjzxi2v-jJ-GKQAQ8xMUfc5a4wrpuL5Tl53CqSTDFflKI9OxDnQIthEzsypdHpAh59kk7jbzzrRi-pRWoCEZ6lbmmlw1pjBiatMxGiaa5VQ7tEuHejZT-SQ7aeM_I0_fsDY2gzTdCB4rU9e16X2JShsFjaMBt-ArTarNtx7uozOErmv5MNxKorhVm_-6IwOCYPa-PY6zntHyaxsd3FwgBbPMg_jfFf7ZwAmTqkvDVxSMvYMWwdbIFyoM2rD_FXieDL7_22DQeC1fn36G5z_10zobCvn-j9rZPNOjoohCNh5JdjsZniMEJSD3dOszyFqma7OPsH71VgioD4NOuVRZFhxjm9sNGWz9pBgv7ea8RBYUtGQHnrbbyUGiwZfuQe40wLHYNvtiiwSNjo87I_4em7BNtBstx0GqGdKhgsv9YO1W3AY-v7ka9cO_1LV04HrBEKNYWbhvtGjHdcFFPMd5UWANfPGh-dFDARCTCGzV1uqFjQOozOLRMQpgQCQOE3KgETO8KMwAMIBbg9P-wtvuPHPlhdhNEh8BiyCfj8iTbU76-8XfaCdxFzjBxiLfieckFx2hoTe8_egmKIh3hLmJewKyiM4csLJJfSDBMGG3jywTF5nVlhMi7dCi7FCTF8N57ZeZYXSVO-4vKAhSYVzkK5IfBR2UjI1iexMc9fg0DF-NeVpa9x4G6TrKoIKQ8oSrVnnftB3dDtrxoCuPF6P8UsENwzZGH34tNw1_Z1ncIAC3AWe-ym76YCIwH_ceGneeqEqsMTq5D1Bg0g6BE1SWfnflOLkvBrgAgOCSzkmnJV1NDv2GhgocINu_dVud1Tvj9aTkLfLAwZHIj6jT_m4qrns00SFloKKczPamsyZeZ_DsepkstTcfXoerzpXD7UgHVCUpX6PDQjbUtOWN1yxuAgnElRSPHIQoYyozwOJ0q1ceO32FatrRH3HzbgqdXQGuFEfrhKZtdRQO9T3XUuYBK41IXTKewwKk9SQQcclvYy1b7PzShc85HU8lqmEoJzAHo_ZbdkAb-3HgbbcyTKRcm7nnlRyn7hTAeVaBCL9arxt8VnBcBy93k1pRGZh8OOnC0fNmN_PFC-cSf8EBCSt6onKGi82_jKrcx1_gGHBFHntkoEBDxGwA7XDOqELKzoixQrvezaRjYsY2YXDP13c6O_TjQEe9izqbW1wOQsMNqq0op-JeDm1MsR-F5be41_cVdkX3_iYO6eSlRU3saVFNjrz8S2wVz9CHRHGaKoBMflexjz0_tX6EY-aafYVv1aDv0kmyuAUXuvOa3nf0BTIIXbXrH44KUdpMFkZCbjt_Rc-pA-YC5Z4ctkuhcWK4vN7cRafXebtaRdh1L5TaGDzFtWQwKDGcPnaWP6PbMBlA_KBBAy0dkYuJ0PqEGW9eLaCKqLHpqSCeVn9FuDrVYUpqT80tGtMvRqpxqWyAcEg279a56oHVCBIlNxuDtY5O&cid=CAASJeRoMD4Zs49QJuGJR1wRt9etW_CsPeg5ARniHRWg42P6HP4eYjs&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
abbf89f6976857105dad6d6d56fe1a6b5a956758ce3565ff5f4fbdd6b62ca2ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:42 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34507
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame EB1F 		42 B
65 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CY5FZ9xakNE2McPSc9zfUILnFivNcEPqAjZhIRYXj23sG9KjZf60krhueY_mpRrwxiorgn9O2uBSsEt_YFh0RL7YyZHGRt8BBqkxJw07o6e4WJLf0
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame EB1F 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2065
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 12:19:17 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame EB1F 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:48:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 12:48:38 GMT
l
www.google.com/ads/measurement/ Frame EB1F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSNoUvNqfTSOMBE8awJICSw4xzGgYmPYY5kZRPgBKxedQ12OrgD7RO2vxso8zvRyLr_soH_Hy7lRK61MM_UFD4mR0uNOg
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EB1F 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 12:53:42 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 0338 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C4QDXVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBMsCT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkiasZCQSobWkAJ_MLLJ9CZXrbDJJBnLMFdqb_TSKAAOqXyW9fStO9OAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODCACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=AaW5ND4Kq3c&uach_m=[UACH]&cid=CAQSPACsnQUxWj8p70M9GUWnmoIoBBC8ScuFyXutMl25wCwXz4EGV_PR4bUUy0oWsQcPSmnINH1NAiLQpgpYthgB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f156.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
notify
rtb.jp2.as.criteo.com/google/auction/ Frame 0338 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.jp2.as.criteo.com/google/auction/notify?profile=14&payload=kbG-FM7xBnjYBGL4LRICAAAA-ONZtFtuTcNIE3LHEFXyMmObSHI2fyjrviP-8wASAAA&wp=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.74.19 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:42 GMT
server
Kestrel
server-processing-duration-in-ticks
112942
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.as.criteo.com/delivery/r/ Frame D91F 		172 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.as.criteo.com/delivery/r/afr.php?z=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag&u=%7Ch2m9STjgcHD5Y%2BiqXaJJzoyqglwygiNkKmCisEYhHrU%3D%7C&c1=0n2XosTo5cnA_wU1W2mnTJB6TrPmo_vK2VRn8AedBrStNtuqeOWC0rJuk9LNUepMCSxueFF3nyObcPlD00Gir02S3lfyLtrNEHmEp8bMck_2kmNVsPTS7St3QV12afTBbm0dDEj7l30XSMmy9ydBOV7o-VZVJ-8CFmwq5XxQCEi_SGkNPrcJ0C117e3xbPAXLWoxHvi1oCQmO79fIjjVHE1WBJajryJ7IY7FNq4j3KuA905t6XPhiuZtHchB0JUnqJYIw-gnB-t6KvXCT85SGlBodfeZUGCwyJazpsdaihhq3yRUBgBI0rDncl87Hm0SI4Rk_kHqa81i8L_NUm-eX0GUhy-kIwvzbgSEheRBnwxJVCYaB-Y8iA6RUQ1k06989240mS9tCV_cwfNPnRO4kBugJf65nhMfsISyI0-I_E9Hl4Yo7qYZyCOhTRzgOFPhCcQMX0E1UFh7c8-p-BNI6ETKgLJ0spgr5fRP_1aB6z4qsXxHhAGLVdJfu6chsP4DYMukL4gj2UgxdeqSqLqxYa-JuTqGKqg04etdm7LgXGdpcmvubaGye6N3258T0JmO-TO83jsO33QV5_4iWF3peOpf7rCdIgbeFM5Tvz0zYw8KJIqWTQC_R3RrnVMa5qhOUaodUIhCano&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqn0ZVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBM4CT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkibuZgWARHstfmBFXSyWXw8oRSZDkXjiDTITDmIQyb20cz1alrowCx24meAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HSvg-zJ_yR9upN2aTDVa4k0qKbA%26client%3Dca-pub-8933329999391104%26adurl%3D
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.148 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
7f3bccceefed6eed14948323678ba36af23cb1baa27e95258bff7c9b84ff9de9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:42 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.as.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.as.criteo.net/heavyad?cppv=3&cpp=LGAxPraOmZcNrrxli9i9X7qmuZr_xzwMs5y3Aetm9uIvS63QdQmqK4jb3ZL0CRqQxNc8YNTF3BmA1lmn5vVW0NBwszk8U-i53VKxw1nN03Hke_9Zw4sAf3LKu5t5_08-CjRO_A0jO63fz0JEcdStNS7pgI4CHwSJI3Kzmkib05t1Y-XEci4Fn7MiOP96XnOBwcPe_Dk7MgYgDhINDyuYx1UMIVOb-ijPkpKaiJvYH5o13FQ9TZz30f7Bwj2DW2WAC7GFXw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
72508243
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 0338 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:19:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2065
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 12:19:17 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 1BF2 		1 KB
751 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
40449
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 01:39:33 GMT
etag
48472445140208031
expires
Wed, 28 Sep 2022 01:39:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 0338 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
cafe /
Resource Hash
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:48:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
304
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7553
x-xss-protection
0
server
cafe
etag
15375136450269253166
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 12:48:38 GMT
l
www.google.com/ads/measurement/ Frame 0338 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSD6L3Rt6ZRq45HQVAW0PBPUtX9iCwGCIiWcsahxNcAkd7Epu00x2vnKLCaVaJeiO6boLwlm8EgcKk8iGRpCgWt9ZUHHg
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0338 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 11:01:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
179536
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 25 Sep 2023 11:01:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0338 		140 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
sffe /
Resource Hash
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44528
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1664191987193040"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 12:53:42 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame C516 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220922&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
81e695a8f6a78b0d287200c58c3b2502e22cd886cb74ea19c56d2922dcfcf275
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11231
x-xss-protection
0
EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
pagead2.googlesyndication.com/bg/ Frame 146C 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
sffe /
Resource Hash
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 01:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473605
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15943
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 01:20:17 GMT
sd
us-u.openx.net/w/1.0/ Frame 8CC2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAZGZ3_b8B2AbVMapkqZK1Q&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAZGZ3_b8B2AbVMapkqZK1Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNXhlYFBtDLk2ucGTbWwhovPJkP2byKRJ6Bvb9Y8dUEUuyOsMigHmEbNioxGN_T4MSc9CaV6E4K5SLLeY9lN1s06WRX77A
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAZGZ3_b8B2AbVMapkqZK1Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8CC2
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzY4ZDU4ZmItYTVkNy0yZjUxLWZjNzMtYzg5OGYxNGRhYzcx
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzY4ZDU4ZmItYTVkNy0yZjUxLWZjNzMtYzg5OGYxNGRhYzcx
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNXhlYFBtDLk2ucGTbWwhovPJkP2byKRJ6Bvb9Y8dUEUuyOsMigHmEbNioxGN_T4MSc9CaV6E4K5SLLeY9lN1s06WRX77A
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 27 Sep 2022 12:53:42 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzY4ZDU4ZmItYTVkNy0yZjUxLWZjNzMtYzg5OGYxNGRhYzcx
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 8CC2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEHricMQj7FllCAIDuYVGrFo&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEHricMQj7FllCAIDuYVGrFo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNXhlYFBtDLk2ucGTbWwhovPJkP2byKRJ6Bvb9Y8dUEUuyOsMigHmEbNioxGN_T4MSc9CaV6E4K5SLLeY9lN1s06WRX77A
Protocol
H2
Server
23.74.242.157 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-74-242-157.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 27 Sep 2022 12:53:43 GMT
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEHricMQj7FllCAIDuYVGrFo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8CC2
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Njg5YzdkODctNmZhOS00OTI1LWE1ZWQtZDY3NjViMmEwNzJk
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Njg5YzdkODctNmZhOS00OTI1LWE1ZWQtZDY3NjViMmEwNzJk
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNXhlYFBtDLk2ucGTbWwhovPJkP2byKRJ6Bvb9Y8dUEUuyOsMigHmEbNioxGN_T4MSc9CaV6E4K5SLLeY9lN1s06WRX77A
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
server
akka-http/10.2.9
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Njg5YzdkODctNmZhOS00OTI1LWE1ZWQtZDY3NjViMmEwNzJk
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Tue, 27 Sep 2022 12:53:43 GMT
sync
partners.tremorhub.com/ Frame 80E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=tremor_video_dbm&google_cm&google_dbm
  • https://partners.tremorhub.com/sync?UIGL=CAESEK1L_jtrPMwoS_vcWuhDbJo&google_cver=1
43 B
182 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partners.tremorhub.com/sync?UIGL=CAESEK1L_jtrPMwoS_vcWuhDbJo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNW1iU5ag5J_bN2lSyEZ--iSFVbiyuZ2RUV7rUOSs1suLh4NqLoarIG5D6y7t7WiCAFeIGxr7LsfFpfw_N78n9kROW6twg
Protocol
H2
Server
44.205.31.153 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-31-153.compute-1.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
server
Apache-Coyote/1.1
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://partners.tremorhub.com/sync?UIGL=CAESEK1L_jtrPMwoS_vcWuhDbJo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
283
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
partner
sync.search.spotxchange.com/ Frame 80E5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHGW8y3JwMmTyi7_qJphEYQ&google_cver=1
  • https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHGW8y3JwMmTyi7_qJphEYQ&google_cver=1&__user_check__=1&sync_id=6b1bb4f8-3e63-11ed-8742-1547970c0407
43 B
548 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEHGW8y3JwMmTyi7_qJphEYQ&google_cver=1&__user_check__=1&sync_id=6b1bb4f8-3e63-11ed-8742-1547970c0407
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNW1iU5ag5J_bN2lSyEZ--iSFVbiyuZ2RUV7rUOSs1suLh4NqLoarIG5D6y7t7WiCAFeIGxr7LsfFpfw_N78n9kROW6twg
Protocol
HTTP/1.1
Server
103.71.26.126 Singapore, Singapore, ASN132134 (SPOTX-AS-AP SpotXchange, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 12:53:43 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
45
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Tue, 27 Sep 2022 12:53:43 GMT
Server
nginx
Location
/partner?adv_id=7025&uid=CAESEHGW8y3JwMmTyi7_qJphEYQ&google_cver=1&__user_check__=1&sync_id=6b1bb4f8-3e63-11ed-8742-1547970c0407
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
33
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 80E5
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
  • https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NmIwY2E1MzEtM2U2My0xMWVkLWIxZDAtMTUzMDllN2QwNTA3
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NmIwY2E1MzEtM2U2My0xMWVkLWIxZDAtMTUzMDllN2QwNTA3
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNW1iU5ag5J_bN2lSyEZ--iSFVbiyuZ2RUV7rUOSs1suLh4NqLoarIG5D6y7t7WiCAFeIGxr7LsfFpfw_N78n9kROW6twg
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 27 Sep 2022 12:53:43 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=NmIwY2E1MzEtM2U2My0xMWVkLWIxZDAtMTUzMDllN2QwNTA3
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
57
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1BF2
Redirect Chain
  • https://um.simpli.fi/gp_match?google_gid=CAESEIVBQs5orF_22ltGkA7nNH0&google_cver=1&google_push=AZmPxg94PUZ0L5rpW16_We6FEYFKE55Pdlj1de892x7YgNBCZMz1UrnR1EaNpYVd_qLIwqKVPG9uUeimwN0675xPMl29tCKEcKGggt...
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9CD9D5E126244C9884D0E9EF5D0D91F0&google_push=AZmPxg94PUZ0L5rpW16_We6FEYFKE55Pdlj1de892x7YgNBCZMz1UrnR1EaNpYVd_qLIwqKVPG9uUeimwN0675x...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9CD9D5E126244C9884D0E9EF5D0D91F0&google_push=AZmPxg94PUZ0L5rpW16_We6FEYFKE55Pdlj1de892x7YgNBCZMz1UrnR1EaNpYVd_qLIwqKVPG9uUeimwN0675xPMl29tCKEcKGggtm-TGIz5oa-JCekCD3A5gHSA7WoLHyrvb18DKcGXQqNerqq8E9ssA
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 27 Sep 2022 12:53:43 GMT
x-content-type-options
nosniff
server
openresty
location
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9CD9D5E126244C9884D0E9EF5D0D91F0&google_push=AZmPxg94PUZ0L5rpW16_We6FEYFKE55Pdlj1de892x7YgNBCZMz1UrnR1EaNpYVd_qLIwqKVPG9uUeimwN0675xPMl29tCKEcKGggtm-TGIz5oa-JCekCD3A5gHSA7WoLHyrvb18DKcGXQqNerqq8E9ssA
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 26 Sep 2022 12:53:43 GMT
pixel
cm.g.doubleclick.net/ Frame 1BF2
Redirect Chain
  • https://v9999.adv.admeme.net/drtb/n?google_gid=CAESENJreJgLDsRUk2hrIciM1kI&google_cver=1&google_push=AZmPxg8woMKay0YzA4MDZeQ3LoxWj0LDGgiQYcutIJE5NGotKLFKWehN17UW3tDboo8lAtOwuMpNv3gaqy21EMzeGYMS_EcD...
  • https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg8woMKay0YzA4MDZeQ3LoxWj0LDGgiQYcutIJE5NGotKLFKWehN17UW3tDboo8lAtOwuMpNv3gaqy21EMzeGYMS_EcDRcnLH_ebL62r4L_5I0COVGWCIEdpCbJSEd2jLA...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg8woMKay0YzA4MDZeQ3LoxWj0LDGgiQYcutIJE5NGotKLFKWehN17UW3tDboo8lAtOwuMpNv3gaqy21EMzeGYMS_EcDRcnLH_ebL62r4L_5I0COVGWCIEdpCbJSEd2jLAYwgemyY7DndG7GcXqHNxo
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
http://cm.g.doubleclick.net/pixel?google_nid=kpis&google_push=AZmPxg8woMKay0YzA4MDZeQ3LoxWj0LDGgiQYcutIJE5NGotKLFKWehN17UW3tDboo8lAtOwuMpNv3gaqy21EMzeGYMS_EcDRcnLH_ebL62r4L_5I0COVGWCIEdpCbJSEd2jLAYwgemyY7DndG7GcXqHNxo
Date
Tue, 27 Sep 2022 12:53:43 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 1BF2
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AZmPxg9HrGinDRhXqtCJAcIaSlfQ45um9uSrHy1CGX1dVe6H1ANAcKptqQUnR3LDu7HeKUXVhwjJdJA5ASCb5x7Vr4AC93H7bxxRxFbyyWbZR0yWxwSe305-UI1gYtJyQKPi0fNh3unJglSp9J...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AZmPxg9HrGinDRhXqtCJAcIaSlfQ45um9uSrHy1CGX1dVe6H1ANAcKptqQUnR3LDu7HeKUXVhwjJdJA5ASCb5x7Vr4AC93H7bxxRxFbyyWbZR0yWxwSe305-UI1gYtJyQKPi0fNh3u...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AZmPxg9HrGinDRhXqtCJAcIaSlfQ45um9uSrHy1CGX1dVe6H1ANAcKptqQUnR3LDu7HeKUXVhwjJdJA5ASCb5x7Vr4AC93H7bxxRxFbyyWbZR0yWxwSe305-UI1gYtJyQKPi0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AZmPxg9HrGinDRhXqtCJAcIaSlfQ45um9uSrHy1CGX1dVe6H1ANAcKptqQUnR3LDu7HeKUXVhwjJdJA5ASCb5x7Vr4AC93H7bxxRxFbyyWbZR0yWxwSe305-UI1gYtJyQKPi0fNh3unJglSp9JF3BjQMYeA&google_hm=AWNWp0OSnu_Fks8ADsWuI7HhIcA
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
via
1.1 ffa0d2acb6ab662531e95cf2a187fa40.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AZmPxg9HrGinDRhXqtCJAcIaSlfQ45um9uSrHy1CGX1dVe6H1ANAcKptqQUnR3LDu7HeKUXVhwjJdJA5ASCb5x7Vr4AC93H7bxxRxFbyyWbZR0yWxwSe305-UI1gYtJyQKPi0fNh3unJglSp9JF3BjQMYeA&google_hm=AWNWp0OSnu_Fks8ADsWuI7HhIcA
cache-control
no-cache
content-length
0
x-amz-cf-id
9sg3Pa0xl2IM7ZHh6M1aVsH-nB01H2t2GK7xpQCqZ4YiC5rpUjzysw==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 1BF2
Redirect Chain
  • https://s.uuidksinc.net/match/47/?remote_uid=CAESEA0koD_R9vPprhGvjOmTJX8&c_param1=AZmPxg-hhpZopZZ3G7UzqxVVZFevzl2LUU_IeVT-isIwHZQImUTKNpaBssXYXffPdRSVN862NFKyo4naKInKOOaOUCD-JqpCABMpi53BRFuZ9XEXe_s...
  • https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg-hhpZopZZ3G7UzqxVVZFevzl2LUU_IeVT-isIwHZQImUTKNpaBssXYXffPdRSVN862NFKyo4naKInKOOaOUCD-JqpCABMpi53BRFuZ9XEXe_sf7iAozkRKGsi0FyESr...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg-hhpZopZZ3G7UzqxVVZFevzl2LUU_IeVT-isIwHZQImUTKNpaBssXYXffPdRSVN862NFKyo4naKInKOOaOUCD-JqpCABMpi53BRFuZ9XEXe_sf7iAozkRKGsi0FyESrV9SC-eCzxSf0UWj-s3unw
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=kadam&google_push=AZmPxg-hhpZopZZ3G7UzqxVVZFevzl2LUU_IeVT-isIwHZQImUTKNpaBssXYXffPdRSVN862NFKyo4naKInKOOaOUCD-JqpCABMpi53BRFuZ9XEXe_sf7iAozkRKGsi0FyESrV9SC-eCzxSf0UWj-s3unw
date
Tue, 27 Sep 2022 12:53:43 GMT
server
nginx/1.19.0
content-length
0
pixel
cm.g.doubleclick.net/ Frame 1BF2
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_pO9ZAW3Srib4OwK5d-65w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_pO9ZAW3Srib4OwK5d-65w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_wKFMdukKFZ5d6BhcdOIhLtwRv1TuG6OsE7amvamfcviC9vOWqZ_dYjVKFIsi9yqKXqMFBudPoRQuL_aSOeKXwkzwvBx5ggCWZLypJhkIQLzfCTsbbjbBTBGrkT1dbwy8sHPBx42G-1qD_T-dNfg
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_pO9ZAW3Srib4OwK5d-65w%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AZmPxg_wKFMdukKFZ5d6BhcdOIhLtwRv1TuG6OsE7amvamfcviC9vOWqZ_dYjVKFIsi9yqKXqMFBudPoRQuL_aSOeKXwkzwvBx5ggCWZLypJhkIQLzfCTsbbjbBTBGrkT1dbwy8sHPBx42G-1qD_T-dNfg
date
Tue, 27 Sep 2022 12:53:44 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 1BF2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEHHC2FDpXdnNoFyQT3sXOfk&google_cver=1&google_push=AZmPxg9m1M5tsrWd7Hsx_FJuzNTil7SZNGfJ4BAw1DUyceIbP7o2e_QjvQXL9Urz77CjZX2eCZ0ESTqTN3oNSL_...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=RDiN7Of6RbRfDq0r9bEL8a310Qg&google_push=AZmPxg9m1M5tsrWd7Hsx_FJuzNTil7SZNGfJ4BAw1DUyceIbP7o2e_QjvQXL9Urz77CjZX2eCZ0ESTqTN3oNSL...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=RDiN7Of6RbRfDq0r9bEL8a310Qg&google_push=AZmPxg9m1M5tsrWd7Hsx_FJuzNTil7SZNGfJ4BAw1DUyceIbP7o2e_QjvQXL9Urz77CjZX2eCZ0ESTqTN3oNSL_F3UeU6PkWY5tE9z-nQLCQEUA4TmjZ6EoLIEP9WqyPbt53lwVfrqC4j0tIPVgqFOT-XrM
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=RDiN7Of6RbRfDq0r9bEL8a310Qg&google_push=AZmPxg9m1M5tsrWd7Hsx_FJuzNTil7SZNGfJ4BAw1DUyceIbP7o2e_QjvQXL9Urz77CjZX2eCZ0ESTqTN3oNSL_F3UeU6PkWY5tE9z-nQLCQEUA4TmjZ6EoLIEP9WqyPbt53lwVfrqC4j0tIPVgqFOT-XrM
Date
Tue, 27 Sep 2022 12:53:43 GMT
Connection
keep-alive
Content-Length
297
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 1BF2
Redirect Chain
  • https://sync.inmobi.com/gob?google_gid=CAESEIEdoY5EFi6jEaAYHjytOS0&google_cver=1&google_push=AZmPxg8S31cof93k7eo48qC_hwSCh5xtdIy9J9-KOF1936Idr08c-rYg9cTvulxh505_JxGgcKRDh8DluH0xCXbAaFAVN45uYZfJKTbf...
  • https://id5-sync.com/i/495/0.gif?gdpr_consent=&gdpr=&callback=https%3A%2F%2Fsync.inmobi.com%2FgobRedirectFromId5%3Fid%3D%7BID5UID%7D%26google_push%3DAZmPxg8S31cof93k7eo48qC_hwSCh5xtdIy9J9-KOF1936Id...
  • https://id5-sync.com/c/495/0/0/1.gif?gdpr=0&gdpr_consent=&us_privacy=
  • https://sync.inmobi.com/gobRedirectFromId5?id=ID5-ZHMOMU0fISZOjSBOpWbtHyLrfvQGxixY-grNULWe_w&google_push=AZmPxg8S31cof93k7eo48qC_hwSCh5xtdIy9J9-KOF1936Idr08c-rYg9cTvulxh505_JxGgcKRDh8DluH0xCXbAaFAV...
  • https://cm.g.doubleclick.net/pixel?google_hm=L5Pjq7lnNJi0L8DgqG61&google_push=AZmPxg8S31cof93k7eo48qC_hwSCh5xtdIy9J9-KOF1936Idr08c-rYg9cTvulxh505_JxGgcKRDh8DluH0xCXbAaFAVN45uYZfJKTbf2rhCIXajDDXkF96...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_hm=L5Pjq7lnNJi0L8DgqG61&google_push=AZmPxg8S31cof93k7eo48qC_hwSCh5xtdIy9J9-KOF1936Idr08c-rYg9cTvulxh505_JxGgcKRDh8DluH0xCXbAaFAVN45uYZfJKTbf2rhCIXajDDXkF96Qk97MAhgtTuUa30WHnv8xjAQhsdDE-DRzHj8a&google_nid=inmobi_new_eb
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:46 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

content-security-policy
default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
referrer-policy
no-referrer
x-permitted-cross-domain-policies
none
date
Tue, 27 Sep 2022 12:53:45 GMT
expect-ct
max-age=0
x-frame-options
SAMEORIGIN
x-download-options
noopen
content-type
text/plain; charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_hm=L5Pjq7lnNJi0L8DgqG61&google_push=AZmPxg8S31cof93k7eo48qC_hwSCh5xtdIy9J9-KOF1936Idr08c-rYg9cTvulxh505_JxGgcKRDh8DluH0xCXbAaFAVN45uYZfJKTbf2rhCIXajDDXkF96Qk97MAhgtTuUa30WHnv8xjAQhsdDE-DRzHj8a&google_nid=inmobi_new_eb
x-xss-protection
0
strict-transport-security
max-age=15552000; includeSubDomains
x-dns-prefetch-control
off
vary
Accept
content-length
281
x-content-type-options
nosniff
attr
cm.g.doubleclick.net/pixel/ Frame 1BF2 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KfMQ6G0ICWiFJICBx2xxG0ImG7KoEkKlP99dE4fyVq3exDMYgUmFiHriZCS6VcnRBv7WZ6OA
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 49F5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092201&jk=2221928534233017&bg=!e3ileDzNAAYIxsuQKMY7ACkAdvg8WuuU_HRU78o_mBLG7KEJhKqfxOK6se5H1HcnyQ4D0XeDVkcy5wIAAAB2UgAAAAJoAQcKAJrMIH_-4WzT3xHZuCqeOvP1z0vHBtmc-HZIqLeJyW3o_sJpjzW01aiWioJBx8j-68FHs8rGytQkQgEIdltS7FM-OXnK4CYKjCbG8yuMcntsG3nzD42ohZPOtoIHIZdEJi80mOF4S2yJ1TzOjdQ4f8UvCRUorxgMHH8SCm613w9xQarELEordN8gt9IKqfMWvcS1wgwdhmhcGFaXmQK3TjMuABPR4laoZWDW38PVf3NFgaTGbgSbsK3sNSuNy6uWo7MRZya-QFRdkA4BkP8v6mdkfnZJsTpZ2UwF1xOCpNeN7XxCTqsal_FdEplIhiWcIxDh7-QBhY85RD-rvQlNp9zEWREXLhFDMCDBQsU4PtyBlitDYGwL-B_GuxKVExjcvSIit5rwDvsL24L6n54T5zJrrHoXORv4Ak4C-6LQYoUuTrghSt66Ic2Q1RTTE-v6AD3IaHKC1T4cgz5aQn-j4R85xyxCb4vyz0vWbo3S4Ndrp-l22OHoEQuMdxvmqZN4FMFOhqvKVub0U0IAQHLPAtGaoXZB43AK1BQlK6fbopjCgXS-znwTW5HXvDdUAPUuJSJIc1zmEeAQYd6oBY_62MWtB62Ulawp_iUbPCFHiSVFbQMQtCh2qJ2MbB3OqQ8Ihcah05frb0oXGBkSwCPrlxs7EDOJZF6A1w1VXYQas66pQIFAG-dACRgu71pvd7wO92mdmUyIeN2hoBtbya40pl4hIMHTvpN4wCIXdgMVpXSlP4pcvb99-S8usGP0fEbF6rvEGSKatckA5dsZgg7ZR8cWejYNqD3dbG_ErLdQDR3JLSYMqm_fXGGEpyyk_f9iFmtDXRUMfdVjG7GjYqdj5KWYkke4gn_48R-b8yb615JwNLnjOBx7ufTPUmNjeneKl34Pi3ioMXaOmKDk4KyeRwnOJaRpP9BmgXfMb8ABwuOt0hdb0-XosorqU1HjXyTxqb7GPoK88pDjCuvQEUziRUh_LvxuO6sINTXZfUY_Jp8tEhTCvWcTXt3AJYQI944-1wFkr1YCfjCkSIilVxLY0FGgMuu-iWMyjbxBygOfsA4c_0OOyhUeGRhDDajtsv3sMgWi966ICPa-miW2GgfGOx3ktWaRAg3PU5_9wSUjJmJmgzjHV-c
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame C516 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 12:53:43 GMT
truncated
/ Frame 0338 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f1abf57c49607ef8b1dd4d790f06e1fd18567ba485d2ca0403714279fc50b4aa

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 047D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092101&jk=1432865179791868&bg=!LS6lLmrNAAYIxsuQKMY7ACkAdvg8Wr0qTp3jZzzf08dDB200vRcFSeEoaUkAGdbPfeCIQaQlG0yUWwIAAACtUgAAAANoAQeZAr2GQARgIs3MKq0kuzi4Wv7E0yY8vl7OP8Wb_h2Ta3-H9eZRRUbfnv7Ki3X2lMN31mVg6siBkEmN9heDFZROZDPRdzZrydMGHJhQ4JwluWeNQIkNcES905Kxws5-19_KrnmDx8bMC_dfUovrCuKcKy72s6S9J4MmqvPBQqEHo5jU-J6Uv2AfoKplNbB56Gmr_CSIvxnr1-p9lV5aUuif6PSfbfYo5fbsm-7m-0RDxcIdZ5XCjDONojgPKFe3pNbUDXzTgpeObCfulce1GOtpBwHGbMe9Akk2ukO4Zno5aBYxYpcHW0SaQosWsMcbj3c-mRNv167ulDeCLyZUbk65AKfFKkpaUzalVsaMvq_IxRpXU9xHPmSDqbIg_MwHPiTxqcAXk3lK9VOVNpHZpubTOC8rk-OiP04A_VkCOz31ekhHZJqmZEZJvQZFWKgGsILvxoN2icxYlYnmt1y44aaKf-YitPEwuygCGrAvyTK5kEB7ybCACsgeTtaqb8TpIaSDOf9K_Q61tjhJowwLDP0DxdmjEJkp8kn9inIJ24eEowbumzHWTYLjgJSQpbMXwT8aj-B1wTp-u-ZE1fn1l6bkoGXRDtR4zlHA4AsEKMjOUFG0QQmmlOybDFpMRnz12Chx7ZBhVcwo4TeN3gxu65ji_QuxUs16n4Wtpmp--DuvLYyjEi9zLY4b40nxEzF3F9V3D7Ykbrk1nOW2IYu4y7-fwCVEpS5EUi4uo0NbJRSF5tUzcjL9kkhFGPvtH8Z9lx4KedLCyiTttVWisbn_nrLUg9M4YvwZw6Qya_lB3CvlF00aBh9G_nuyNLZ9ZbTImlVH4NDPmHVpoOSgYcJYCMH2rp48s5trdKeht-arJRvY-isktjmgYZF3kFPGn0ZN6YYXQ52jFZdqE5sWqTy5cjdEEdPrbogzq_TYD5P2Nfv87g
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
WOOD0342_reliable_power_300x250.html
s0.2mdn.net/sadbundle/2717636683251514590/ Frame 5D4C 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2717636683251514590/WOOD0342_reliable_power_300x250.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
421ee0579432a67a0dfa8b86098fff22e71a841d241323667303e53b98975b88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
826
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
2354
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:39:57 GMT
expires
Wed, 27 Sep 2023 12:39:57 GMT
last-modified
Thu, 01 Sep 2022 03:53:45 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 13C6 		0
445 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEItXoOyaA--wRpVXrsCz-vTP3nh7L03VFBGkMhtSXXWIeNXwz2SWOnm27IsMeLGtiombMCDkHnjlWShzB1Ptez18OqddH-sgTE2QIGuoafDffJ6u-BlRZnoreD95LfMqT-afGhh3rmp0B-mAaiTxlix0iqk-w6-5gyNXPaTPVBSlSE83LSK_sljAXOAEXdrPOC1gyigEMGdLIqHuK_ZXvx5HQeM-U6q0gWmmJ08iJPvWiKMcjciH4o-MzhPHvJ1pU-BmWfziA2ZN7bvYjx8Ekw8QzvgthUGbdgIzhqbDgaVgTRLsckRmWhQLon5F9trK60NtMw88TxjI0cS20G6GKIlM8Lg3TJ5vrLg94OxBuhCiuXwLvdnnVtale89xFpV0OyepNHhZm-zWVJdDCYFGlYTwYif6_3XHRrI06Ig3A9isyuDiIGWfGwLpTm5RfM4mjkogrWigVZntPNxlgSAC1FX0EGgUXOd-5o_bhVLlhaEFplV9wEdeTJL8dcEtpPvgx3u_RyZmfLZSvxXv2MunvBiiBamjEYe-Z1pqdPh6OWjr3mYEcgCs8bUMz22FduAoVhUKh3lexu2npG9MFOpWiHWwawH-LXD7IA4R0Qd4XNrxV6FpLt6XKJ4XPPJSCBKq26Pd699Crkg-N_vWAMXR9TmajllUBESofCFYS6AhL9tDiohysuBKvTCWZhwDwCz-ePXbW6YbPOCT2ZP0fmqlT2Tj9C2o9IWlzEMuw8TmWPgU5vo1J_rNe9FSS0oiDWHKJS0q-JWWW5S4-Dl_NMAsf7nkE6Ps_Y9JVokBtOGgD7e8owVLjVS19-b6y4Rg5CarhIEYklIqbWk_tn6wVZEWfSBrxZ9FcArKh1IOZuIBTMBIzT5sFeilerJjXONWWATUkygQoBYIw4bkbv_WAxYzhILZnIHe-I6o-_lFsPxywugS0zhfpKaj0YhBnN7nLrvXImdZJ1wX_jE-V50uBtANdMFKgsq7wntU3hEKqFrvRqprQZVDGstQ3WIppbl3XrWUXO7jCbpJJGkp5p9A-gCnULFxowIXjQnNGMM-2YHmHZ9A5FnHCUjGMEqxseCIrQRfXNoUhwu77XeT6Ulmtcn27KXiLBGwctRgwaygTBrN9ufPecLiJtqfiB_vU9IJjbESuO7aJQa9vuNhPEBpAH2TQb79S7LsySjtmIkZy6QtgSUJhLwG0Bw&sai=AMfl-YT2O1d2Cs2UdBsiB82pha_6gGFSqSM2G4dTOcxUed3t0UxuEtg2R7rwvCK8nEeAeYIc872vatIlbuiJOnXIDkukdgIKGEl1ZjyHIkajSJG4Z1f0o2ysUzPukyyHyxGNStaOP6HyVmxZntiW_ZjMK3qiKqw24g&sig=Cg0ArKJSzIA9fIh8vumrEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=837&cbvp=1&cstd=835&cisv=r20220922.07373&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 27 Sep 2022 12:53:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
publishertag.prebid.js
static.criteo.net/js/ld/ 		88 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
content-encoding
gzip
last-modified
Sat, 17 Sep 2022 19:59:55 GMT
server
nginx
etag
W/"6326273b-16120"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 28 Sep 2022 12:53:43 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame F046 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
Origin
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Sep 2022 11:51:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/ Frame F046 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-Kvr2ylUPSJbhBHAGTFawL12TveGR_Dwr4wq_e_tT7WDZ_YuON91_pjOoJBMj8VEOaRaSlslePgSaIppLf_Zwvm4NrQ&cry=1&dbm_d=AKAmf-APr5xBa9iaLVEn5yE4nPs4n1IcPr2czxpyvfueV6qzjwQOXxTpoBe4usnsu_fp3JDYT9YEDU2qiT5k_6v0cpN0n2PIwqWy8ZQ5trkIbkiXG5LHJ8st2qIj-i0zW0RVxcMM9EW1sM88OSSHttq1wuWMSZSLAO2-4Jgj485QEhqWfPETgTjJjvs5CIRxBhwKSbtxpWJzPq5_-CKNUJrFRIYJfwbiM-iUr2x2g1Mr5VFf5Jo2WXuw8tDwO8YrJe-Uf1aooD6V_bYsUG6fIzAqJquKuW5dtmCDXje5wMZkWtX0QQEEGw-w1uDDuKG46HT6ZQc8RuOQTyB1eVNc5zudD2sYynSpdmX3CDwuzIWPaw-3_2dL1fvQoANwpA19XRFPp4Fg67kH9FHNiTRhg04-SOwEyI40t3ZZ8CA1cioEdHznlC6M-JXhRZU8T-HYOPe-6rAonqppuWCb8_Vb_BbeRZc7i7Y5-5_Zv8EFtcuHYzeK8KsGQPgqUQ8Saqd3JHzw8WEqZ8RYOQrR1ymAi8aWMFIUB9OvqFE5vJ4uK3zfwOBRpykNhMJ4as5_iXc9cKsUvxo5tKRtJXNj7e59xzA64OJMO1Ucpom3m9354J7DyHfUM0RwLG399-X7IWdUjm1dfO1TW9z7NOhGi70ttLD-WC773qZ-BdwdyCMjNhlYwaiyrQWAANUidR8-l5Wn7qVm_BgBsX8umu1zKW90njOj9z6NW-zz8GK51cowamkSJ444hRF3VNsQBR6CYjfA4jKKI3lZAX7BOG0UtRLTD3ybblQENgdZKxtpLjvJdTXleyqHGEOABQ1TMDQcLgMGxOSiFfsI33Lkw_DRQbjjdXBnwFVjqq6Jnx0ERfSahgWyUmWfLFvPGahuAF8SgjnQ1WNFIpu1dBaG8L2exQ-kschK6MJSsgRoI0xCM5Hm4JzF7LfueFrV2ok62FuFeiMAXAvoWWcHEYr0Aj5TUiN6YB85hKGx_tiA1Od54BR267BsH4KjXb1mNQG6rMKjTs5ThJKU2DXmsdDRskQ-oRjyBOELTcAvOElhrZA3ivHeWrN3O-IhRNABwdHImFAxORcUxzNV7K-UlB56qE9hYHVnslowQLCalBdNzImofCI9R512nsMmJAsTfAkcdEJowyowW49kBPhBXpGVXj91OUhsTZgydk71GyywywdrCz_2YkTtJnX3a26ZLLKQ1cfTzT7Qd9krRBgG6Olo7RNELiydX0Vr6FpLJj6mca9FGVLZcQnIxpeZahZe9i3DwsWcAP3hORU5_uT_wVjKR1G76DkAJt0XLd16ZYobRET7edszV5CX2WUhHhHmDgmyNy7s9j8eQSEhwf-DwJBa766Qpo-FAZPq8ZFtber9pnLHZNI7QSuPlPywBQjHITWxetAX0IfdH13FhE8V-P8xB96qorA2cHHrM_PbcsGJFRSKeszCwXLxytokOEG10VLrSw4KOrqKw15W94vtjaB2peDc2LXojCVHzOggjulGq03dJtW_216xpxNec4-YEpzD4NyuMoKVZzakvzZfacKWoSVxMyxR3Wkj5COwHf4db-OXCXhy7P9amQReOhA0RD_MsiwuUCU00hUBz4eOk67ry7bTMLmUeRKpKZZ8NNmuOHKd71QDF6l5LRUMYbjUGIrzd7ZcXvfx6G38V-xOPw6jmk-MiCfH_KBPJewC8Inxh-tq5FIeQA1MDTm6svQ8hxBi_Ap0bF9ThLIOgqFBzpr0P55buF-wh5-s3wDE8b3IsLeR01wPK5tbOmfO_4J10kY0G4WimBBpY3284nM6MLUk-iW7o6UrNwOSFn4Jyv8ppNp1nnMnjYI5caF6VzsBwDerb3pNKkG1wqpIFIStCnCnRHe3RpoIZlfFhbnQaV40EweozcC3lWK89zO-Uzo1BCrdSPUN6iyU9PP6bvc-sACgjt1eq30LR6oVGx4jrOXkd2gZn5wCJWKKpQ9Pe6citwXTOmKzotEZJMX-x3PD7x8ThugW8lLiTJzOAT5iVeYSl2pzaiQ9obeEGEtdlSoCuBuRS-8qsCLEnN95XkFFWP4PEgF7-wn8ThxgyTwW5Ft17-cwzWxU_gE2v9h3civ1TYJbusm-rEnXRSPyutc0RkHN7FVY3pkMDzLM_FszgXRvl51cjKfbgZKbakHLUnPzChq-KhXVVaPA1gIWEy1mwJ0mkFEth0wjY6mmUITLSzQJMyo0JYNHGLMaYz_ECMGpOo5JYQQwmK6LvVETlLERr74z_2tikDo41rR4CKrkBGLDExS0Mpe3JU0hRX0HfAgwnjSwDtdiq-fRqlsGbCQG17xjz4nIAJkvWrq4JJXD2Ub63QGIIYTjLOayrmmlhdiiZz821ZMSohPf1dYTEdkOZQky-CU1s81_WxG3XgHc1jzIyptvnWaXKHzUOdpCtwIgoh-tMRwQlYNoTCu2XGiccB1gqPbOi31eTaPW2uk1f0iFk_8iA1Q7fKc67G7fI3bYpiBhuF67D3RJYfMUc1WULU69e-SQ0sxFj4G0yUf08g_frlCNleccveyDPFaD980FaNPZz3Qm_FFYKwIhbpB0h-K6SHefT961BriGfyOq5JvSRkhIKiMPyagD-2A_IuL_3vbeo2jINPqwXGG6EjMpTeh2M4o2NM9vu6_90g-IBtmQuAkUm9lC93Ge7bL7LDhcdZj8_D_LLA6_WTU5BMr1ew_kP_K4-0ZL-aj1E-kzf4DSG3z8jb6zDL7W53e2LBAOt9Frtwx5dQYC9CctoM4cwPkeLH1ManUQmmhvD9EZgWZcY_n66jWv-3PXteUIgPx-XAWJDVefqSsNv9n0JLDfdsx8hTBDqLnFP15_YisZiNdJWZPnGYytBBKka5iqPtIpAehswA4dKaz4XIkcx18Z0omkGMx6xczXwhfnC-9fKbx6tL09vNyRr0Daw79SZ7XwcTU6k-mGPJtZAcW8x38aO_kyMrlKULPMphzQ-0CILp6l0WDAGsgMUn4OYf6SS_J05BM5vESEKD19LBVnjSI7bJl8aQ9o6kZnf0ySzQTMREBhhn0Ycr1-BWlrMOgn8RIeHfr59VCwE88cmKZ2aAJ-tqwYKtoqM1S5DnqcoYWKzQKMnXu1-N2j3BgZtMFJOCiatPScJQxC_0EZgz-CwB2nd_TVhQHUMkVPf68oddV21XZkcM89c_QHmXPyLQYf-imLkgE4KPMWCp5H5vUXrgmp3A1u3OJujgdiVmcSHzP_5prbwjKQOOyNk69tYqbStUauhMyeJpYex0SJw9Iq-46_pjLnyFfENr2tEIhryJ0XIBfN8mPIuEwSz56fl-wV4SDNNnZNuaBrb0ZsAjPaCvt9Xc0LTcEPnYramVZDA-aI1qYLNHIiiSp4R-KZfBfznY3O7T2eX8GiIeAppjkAbnN2WyG7&cid=CAASJeRo-tlzOzwSvOXJ_62zM6-fgjUJ0nEtA47aa_mucwoKr6_rdnc&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:51:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 10:51:12 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame F046 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D-Kvr2ylUPSJbhBHAGTFawL12TveGR_Dwr4wq_e_tT7WDZ_YuON91_pjOoJBMj8VEOaRaSlslePgSaIppLf_Zwvm4NrQ&cry=1&dbm_d=AKAmf-APr5xBa9iaLVEn5yE4nPs4n1IcPr2czxpyvfueV6qzjwQOXxTpoBe4usnsu_fp3JDYT9YEDU2qiT5k_6v0cpN0n2PIwqWy8ZQ5trkIbkiXG5LHJ8st2qIj-i0zW0RVxcMM9EW1sM88OSSHttq1wuWMSZSLAO2-4Jgj485QEhqWfPETgTjJjvs5CIRxBhwKSbtxpWJzPq5_-CKNUJrFRIYJfwbiM-iUr2x2g1Mr5VFf5Jo2WXuw8tDwO8YrJe-Uf1aooD6V_bYsUG6fIzAqJquKuW5dtmCDXje5wMZkWtX0QQEEGw-w1uDDuKG46HT6ZQc8RuOQTyB1eVNc5zudD2sYynSpdmX3CDwuzIWPaw-3_2dL1fvQoANwpA19XRFPp4Fg67kH9FHNiTRhg04-SOwEyI40t3ZZ8CA1cioEdHznlC6M-JXhRZU8T-HYOPe-6rAonqppuWCb8_Vb_BbeRZc7i7Y5-5_Zv8EFtcuHYzeK8KsGQPgqUQ8Saqd3JHzw8WEqZ8RYOQrR1ymAi8aWMFIUB9OvqFE5vJ4uK3zfwOBRpykNhMJ4as5_iXc9cKsUvxo5tKRtJXNj7e59xzA64OJMO1Ucpom3m9354J7DyHfUM0RwLG399-X7IWdUjm1dfO1TW9z7NOhGi70ttLD-WC773qZ-BdwdyCMjNhlYwaiyrQWAANUidR8-l5Wn7qVm_BgBsX8umu1zKW90njOj9z6NW-zz8GK51cowamkSJ444hRF3VNsQBR6CYjfA4jKKI3lZAX7BOG0UtRLTD3ybblQENgdZKxtpLjvJdTXleyqHGEOABQ1TMDQcLgMGxOSiFfsI33Lkw_DRQbjjdXBnwFVjqq6Jnx0ERfSahgWyUmWfLFvPGahuAF8SgjnQ1WNFIpu1dBaG8L2exQ-kschK6MJSsgRoI0xCM5Hm4JzF7LfueFrV2ok62FuFeiMAXAvoWWcHEYr0Aj5TUiN6YB85hKGx_tiA1Od54BR267BsH4KjXb1mNQG6rMKjTs5ThJKU2DXmsdDRskQ-oRjyBOELTcAvOElhrZA3ivHeWrN3O-IhRNABwdHImFAxORcUxzNV7K-UlB56qE9hYHVnslowQLCalBdNzImofCI9R512nsMmJAsTfAkcdEJowyowW49kBPhBXpGVXj91OUhsTZgydk71GyywywdrCz_2YkTtJnX3a26ZLLKQ1cfTzT7Qd9krRBgG6Olo7RNELiydX0Vr6FpLJj6mca9FGVLZcQnIxpeZahZe9i3DwsWcAP3hORU5_uT_wVjKR1G76DkAJt0XLd16ZYobRET7edszV5CX2WUhHhHmDgmyNy7s9j8eQSEhwf-DwJBa766Qpo-FAZPq8ZFtber9pnLHZNI7QSuPlPywBQjHITWxetAX0IfdH13FhE8V-P8xB96qorA2cHHrM_PbcsGJFRSKeszCwXLxytokOEG10VLrSw4KOrqKw15W94vtjaB2peDc2LXojCVHzOggjulGq03dJtW_216xpxNec4-YEpzD4NyuMoKVZzakvzZfacKWoSVxMyxR3Wkj5COwHf4db-OXCXhy7P9amQReOhA0RD_MsiwuUCU00hUBz4eOk67ry7bTMLmUeRKpKZZ8NNmuOHKd71QDF6l5LRUMYbjUGIrzd7ZcXvfx6G38V-xOPw6jmk-MiCfH_KBPJewC8Inxh-tq5FIeQA1MDTm6svQ8hxBi_Ap0bF9ThLIOgqFBzpr0P55buF-wh5-s3wDE8b3IsLeR01wPK5tbOmfO_4J10kY0G4WimBBpY3284nM6MLUk-iW7o6UrNwOSFn4Jyv8ppNp1nnMnjYI5caF6VzsBwDerb3pNKkG1wqpIFIStCnCnRHe3RpoIZlfFhbnQaV40EweozcC3lWK89zO-Uzo1BCrdSPUN6iyU9PP6bvc-sACgjt1eq30LR6oVGx4jrOXkd2gZn5wCJWKKpQ9Pe6citwXTOmKzotEZJMX-x3PD7x8ThugW8lLiTJzOAT5iVeYSl2pzaiQ9obeEGEtdlSoCuBuRS-8qsCLEnN95XkFFWP4PEgF7-wn8ThxgyTwW5Ft17-cwzWxU_gE2v9h3civ1TYJbusm-rEnXRSPyutc0RkHN7FVY3pkMDzLM_FszgXRvl51cjKfbgZKbakHLUnPzChq-KhXVVaPA1gIWEy1mwJ0mkFEth0wjY6mmUITLSzQJMyo0JYNHGLMaYz_ECMGpOo5JYQQwmK6LvVETlLERr74z_2tikDo41rR4CKrkBGLDExS0Mpe3JU0hRX0HfAgwnjSwDtdiq-fRqlsGbCQG17xjz4nIAJkvWrq4JJXD2Ub63QGIIYTjLOayrmmlhdiiZz821ZMSohPf1dYTEdkOZQky-CU1s81_WxG3XgHc1jzIyptvnWaXKHzUOdpCtwIgoh-tMRwQlYNoTCu2XGiccB1gqPbOi31eTaPW2uk1f0iFk_8iA1Q7fKc67G7fI3bYpiBhuF67D3RJYfMUc1WULU69e-SQ0sxFj4G0yUf08g_frlCNleccveyDPFaD980FaNPZz3Qm_FFYKwIhbpB0h-K6SHefT961BriGfyOq5JvSRkhIKiMPyagD-2A_IuL_3vbeo2jINPqwXGG6EjMpTeh2M4o2NM9vu6_90g-IBtmQuAkUm9lC93Ge7bL7LDhcdZj8_D_LLA6_WTU5BMr1ew_kP_K4-0ZL-aj1E-kzf4DSG3z8jb6zDL7W53e2LBAOt9Frtwx5dQYC9CctoM4cwPkeLH1ManUQmmhvD9EZgWZcY_n66jWv-3PXteUIgPx-XAWJDVefqSsNv9n0JLDfdsx8hTBDqLnFP15_YisZiNdJWZPnGYytBBKka5iqPtIpAehswA4dKaz4XIkcx18Z0omkGMx6xczXwhfnC-9fKbx6tL09vNyRr0Daw79SZ7XwcTU6k-mGPJtZAcW8x38aO_kyMrlKULPMphzQ-0CILp6l0WDAGsgMUn4OYf6SS_J05BM5vESEKD19LBVnjSI7bJl8aQ9o6kZnf0ySzQTMREBhhn0Ycr1-BWlrMOgn8RIeHfr59VCwE88cmKZ2aAJ-tqwYKtoqM1S5DnqcoYWKzQKMnXu1-N2j3BgZtMFJOCiatPScJQxC_0EZgz-CwB2nd_TVhQHUMkVPf68oddV21XZkcM89c_QHmXPyLQYf-imLkgE4KPMWCp5H5vUXrgmp3A1u3OJujgdiVmcSHzP_5prbwjKQOOyNk69tYqbStUauhMyeJpYex0SJw9Iq-46_pjLnyFfENr2tEIhryJ0XIBfN8mPIuEwSz56fl-wV4SDNNnZNuaBrb0ZsAjPaCvt9Xc0LTcEPnYramVZDA-aI1qYLNHIiiSp4R-KZfBfznY3O7T2eX8GiIeAppjkAbnN2WyG7&cid=CAASJeRo-tlzOzwSvOXJ_62zM6-fgjUJ0nEtA47aa_mucwoKr6_rdnc&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6255
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 11:09:28 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame EB1F 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
Origin
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:51:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3727
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 28 Sep 2022 11:51:36 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/ Frame EB1F 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxO46yN61t7kBPBHGCFuJ856pTYcrqHwfXcig6LbNbGkucnHmka5Dm-oteTDse1tHyt4hxl50avTaZukzRWqwBLUQFJg&cry=1&dbm_d=AKAmf-CqGpSDU4121gELCQvtn5pzYI2WT3hIkI3dbO3OcfKwTzLAq49OovB7PtKwqsFoyD-0YRCDaTLLXgRL-4sig39x_9TJWXXG5uEC_Ku-8edth-dKsoo5p3FNvyMo3t4FlxuvJMxohWnmPJg4VJw1XqwX1Eq3NdHDB0DQw2eIq_PEZRaJbpAzcaq9YikXRn2ESTR_L27obom_MhxB0WlY74O17pb42VKHN73o2ruHB0bJbAXEC3QQUT7yfiHUJdAzPO8EufyFIq9M-vwCsTXbA8fkHXeakvRr54HgmAUMmywLLcTtNEUC9n4Tn6-dSE14p9XlRfCsVH5Va5P9aVUWlLdtEgYmzmOue7l107Y4J_JLn90PUpZR2drqEdypo5L209OGAyBkrKZkIEbZFiX83HVxY62rXADOtlJskljcfkaVUHnTQ5d1My06EO8YvgpgVvHFb8wOXI6TaBY_1c0Rprqd0ZMaT6K5hWczg7DwRQJHT_R0kAa1rwc3fyhfEazypZQxjRz6uHrlsC7wVgdsZyP87eJxKWyQzD-AIMh3x2zlKiWrhluwVhnidaMCv3Ur2vriGWWTpMNQloSBeZmM0RWz89zQhoI_1Yf6xb5WtIQg43FFKoXNBdIGHu6nhXz6Tp2kEqK0yRx-JHxMlaQ66XG47geker_tQl1yU0Afd92Yk7MsE1S_4GO_RzpmpZAVGgaNjlYhrrMch_FBQBlC9cBrAHBnYRM9OcOd6FbLK9lK5PYTpCmFovYF6I10_ZUx1BLqIYOnTTHnnnoPGguZMGuB0KYGqB-Ouip9c1VpoixWb0LN_suLU6MHx5X2ghQvgb2HekEGN3ssdZUP3t78z0Vun7QZ3vRR3FbJMlUaOb8SCaE8MtN_zE2l8HjFBlMVw5wRRJ33r9bTdd_vdyDOye8aJmf-z2piWos7E8f7MbvZKG_Fz2QXLOVqUuNm-4H_25x5m9zw84yQyr-LnoyvRwSyPGLBFnr0dV2nbhNEMOIb_8jsYeqHeLISTgj329VWbDg1Gefn_OKefAxbmIQnDdoqhBw-hL1h3mkAZ9p6H-B0PWF6F6rFJGFSIpI8Nfao6k0WPygk4JTewMiEtgKaMAGP_YBHFxQjTdnsHCqsJzgilZBGNBLqlxX4OWoM_h4WOApEUiAJ9_a1yNrUiM2TZXLkfUOD6x3FDtICt2RPVORTKZ7nC9w_XTijxkUr1MGTcQgKy-6lrHa-tpMxRj3qg15xl2qgElAYI1QI0o8BTvrfe7-xqANtuUtg--o3tbgpFhnN928AqaXgejyIhMS49HB_5jgFSaXRr_aGjR-RsXpXcK_u2qDlMOBhx9ULo_zrnGNmdmW5jIisutdh83SJHgOGVsTtnfQB4hwIkV6GKf3HUVx2EzUwZh5vthfGTkfXAarIgest3CDtB1hOBXvy888mIfn1fgET623o57xyUILsCaRr-Bkf0eSpohKRwYqz6kms-kp9d3lbEW96fvrFYjejMmm6TclklENcWH3bcLk3orND1zwheyJ2Zix-tDznA_LXd5NsQck1LhH4BH3At5d7p5V4HdDdPikVf2jHDUL2m6Es6u8zEcwys6lx6VFRlCSWhODMsvRA_MqbVoVCOFih262zzR7DNMcc1AxR6C8acEaiGN3dP4cz5dLQyQygG9MYqgfYMovDxtMTp3JczJsVgn6fx7Tw-Xt4_T4_a57HucZ_d5qAOoOfzH35CMeRp4rV183HU4494qzJ5C1C26eMRR4xuA8BGR3YwZsTYvx7u20oW38XYCqnW3mvpZto1hCxFo2dAFMTKa9nq9meLsAmVLuBWRpYAVdll4MXDpx2a5n8KgtLE33ydod6oX8C9gQvHx0XONWX34gmSYEK1L5QyzmR8JFeNE4NaW1rih_Z3KhnGSiF3gmJWBp8h0e7QHVW3e32Vve1Vjzxi2v-jJ-GKQAQ8xMUfc5a4wrpuL5Tl53CqSTDFflKI9OxDnQIthEzsypdHpAh59kk7jbzzrRi-pRWoCEZ6lbmmlw1pjBiatMxGiaa5VQ7tEuHejZT-SQ7aeM_I0_fsDY2gzTdCB4rU9e16X2JShsFjaMBt-ArTarNtx7uozOErmv5MNxKorhVm_-6IwOCYPa-PY6zntHyaxsd3FwgBbPMg_jfFf7ZwAmTqkvDVxSMvYMWwdbIFyoM2rD_FXieDL7_22DQeC1fn36G5z_10zobCvn-j9rZPNOjoohCNh5JdjsZniMEJSD3dOszyFqma7OPsH71VgioD4NOuVRZFhxjm9sNGWz9pBgv7ea8RBYUtGQHnrbbyUGiwZfuQe40wLHYNvtiiwSNjo87I_4em7BNtBstx0GqGdKhgsv9YO1W3AY-v7ka9cO_1LV04HrBEKNYWbhvtGjHdcFFPMd5UWANfPGh-dFDARCTCGzV1uqFjQOozOLRMQpgQCQOE3KgETO8KMwAMIBbg9P-wtvuPHPlhdhNEh8BiyCfj8iTbU76-8XfaCdxFzjBxiLfieckFx2hoTe8_egmKIh3hLmJewKyiM4csLJJfSDBMGG3jywTF5nVlhMi7dCi7FCTF8N57ZeZYXSVO-4vKAhSYVzkK5IfBR2UjI1iexMc9fg0DF-NeVpa9x4G6TrKoIKQ8oSrVnnftB3dDtrxoCuPF6P8UsENwzZGH34tNw1_Z1ncIAC3AWe-ym76YCIwH_ceGneeqEqsMTq5D1Bg0g6BE1SWfnflOLkvBrgAgOCSzkmnJV1NDv2GhgocINu_dVud1Tvj9aTkLfLAwZHIj6jT_m4qrns00SFloKKczPamsyZeZ_DsepkstTcfXoerzpXD7UgHVCUpX6PDQjbUtOWN1yxuAgnElRSPHIQoYyozwOJ0q1ceO32FatrRH3HzbgqdXQGuFEfrhKZtdRQO9T3XUuYBK41IXTKewwKk9SQQcclvYy1b7PzShc85HU8lqmEoJzAHo_ZbdkAb-3HgbbcyTKRcm7nnlRyn7hTAeVaBCL9arxt8VnBcBy93k1pRGZh8OOnC0fNmN_PFC-cSf8EBCSt6onKGi82_jKrcx1_gGHBFHntkoEBDxGwA7XDOqELKzoixQrvezaRjYsY2YXDP13c6O_TjQEe9izqbW1wOQsMNqq0op-JeDm1MsR-F5be41_cVdkX3_iYO6eSlRU3saVFNjrz8S2wVz9CHRHGaKoBMflexjz0_tX6EY-aafYVv1aDv0kmyuAUXuvOa3nf0BTIIXbXrH44KUdpMFkZCbjt_Rc-pA-YC5Z4ctkuhcWK4vN7cRafXebtaRdh1L5TaGDzFtWQwKDGcPnaWP6PbMBlA_KBBAy0dkYuJ0PqEGW9eLaCKqLHpqSCeVn9FuDrVYUpqT80tGtMvRqpxqWyAcEg279a56oHVCBIlNxuDtY5O&cid=CAASJeRoMD4Zs49QJuGJR1wRt9etW_CsPeg5ARniHRWg42P6HP4eYjs&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 10:51:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
10699485926258732851
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 10:51:12 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame EB1F 		30 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxO46yN61t7kBPBHGCFuJ856pTYcrqHwfXcig6LbNbGkucnHmka5Dm-oteTDse1tHyt4hxl50avTaZukzRWqwBLUQFJg&cry=1&dbm_d=AKAmf-CqGpSDU4121gELCQvtn5pzYI2WT3hIkI3dbO3OcfKwTzLAq49OovB7PtKwqsFoyD-0YRCDaTLLXgRL-4sig39x_9TJWXXG5uEC_Ku-8edth-dKsoo5p3FNvyMo3t4FlxuvJMxohWnmPJg4VJw1XqwX1Eq3NdHDB0DQw2eIq_PEZRaJbpAzcaq9YikXRn2ESTR_L27obom_MhxB0WlY74O17pb42VKHN73o2ruHB0bJbAXEC3QQUT7yfiHUJdAzPO8EufyFIq9M-vwCsTXbA8fkHXeakvRr54HgmAUMmywLLcTtNEUC9n4Tn6-dSE14p9XlRfCsVH5Va5P9aVUWlLdtEgYmzmOue7l107Y4J_JLn90PUpZR2drqEdypo5L209OGAyBkrKZkIEbZFiX83HVxY62rXADOtlJskljcfkaVUHnTQ5d1My06EO8YvgpgVvHFb8wOXI6TaBY_1c0Rprqd0ZMaT6K5hWczg7DwRQJHT_R0kAa1rwc3fyhfEazypZQxjRz6uHrlsC7wVgdsZyP87eJxKWyQzD-AIMh3x2zlKiWrhluwVhnidaMCv3Ur2vriGWWTpMNQloSBeZmM0RWz89zQhoI_1Yf6xb5WtIQg43FFKoXNBdIGHu6nhXz6Tp2kEqK0yRx-JHxMlaQ66XG47geker_tQl1yU0Afd92Yk7MsE1S_4GO_RzpmpZAVGgaNjlYhrrMch_FBQBlC9cBrAHBnYRM9OcOd6FbLK9lK5PYTpCmFovYF6I10_ZUx1BLqIYOnTTHnnnoPGguZMGuB0KYGqB-Ouip9c1VpoixWb0LN_suLU6MHx5X2ghQvgb2HekEGN3ssdZUP3t78z0Vun7QZ3vRR3FbJMlUaOb8SCaE8MtN_zE2l8HjFBlMVw5wRRJ33r9bTdd_vdyDOye8aJmf-z2piWos7E8f7MbvZKG_Fz2QXLOVqUuNm-4H_25x5m9zw84yQyr-LnoyvRwSyPGLBFnr0dV2nbhNEMOIb_8jsYeqHeLISTgj329VWbDg1Gefn_OKefAxbmIQnDdoqhBw-hL1h3mkAZ9p6H-B0PWF6F6rFJGFSIpI8Nfao6k0WPygk4JTewMiEtgKaMAGP_YBHFxQjTdnsHCqsJzgilZBGNBLqlxX4OWoM_h4WOApEUiAJ9_a1yNrUiM2TZXLkfUOD6x3FDtICt2RPVORTKZ7nC9w_XTijxkUr1MGTcQgKy-6lrHa-tpMxRj3qg15xl2qgElAYI1QI0o8BTvrfe7-xqANtuUtg--o3tbgpFhnN928AqaXgejyIhMS49HB_5jgFSaXRr_aGjR-RsXpXcK_u2qDlMOBhx9ULo_zrnGNmdmW5jIisutdh83SJHgOGVsTtnfQB4hwIkV6GKf3HUVx2EzUwZh5vthfGTkfXAarIgest3CDtB1hOBXvy888mIfn1fgET623o57xyUILsCaRr-Bkf0eSpohKRwYqz6kms-kp9d3lbEW96fvrFYjejMmm6TclklENcWH3bcLk3orND1zwheyJ2Zix-tDznA_LXd5NsQck1LhH4BH3At5d7p5V4HdDdPikVf2jHDUL2m6Es6u8zEcwys6lx6VFRlCSWhODMsvRA_MqbVoVCOFih262zzR7DNMcc1AxR6C8acEaiGN3dP4cz5dLQyQygG9MYqgfYMovDxtMTp3JczJsVgn6fx7Tw-Xt4_T4_a57HucZ_d5qAOoOfzH35CMeRp4rV183HU4494qzJ5C1C26eMRR4xuA8BGR3YwZsTYvx7u20oW38XYCqnW3mvpZto1hCxFo2dAFMTKa9nq9meLsAmVLuBWRpYAVdll4MXDpx2a5n8KgtLE33ydod6oX8C9gQvHx0XONWX34gmSYEK1L5QyzmR8JFeNE4NaW1rih_Z3KhnGSiF3gmJWBp8h0e7QHVW3e32Vve1Vjzxi2v-jJ-GKQAQ8xMUfc5a4wrpuL5Tl53CqSTDFflKI9OxDnQIthEzsypdHpAh59kk7jbzzrRi-pRWoCEZ6lbmmlw1pjBiatMxGiaa5VQ7tEuHejZT-SQ7aeM_I0_fsDY2gzTdCB4rU9e16X2JShsFjaMBt-ArTarNtx7uozOErmv5MNxKorhVm_-6IwOCYPa-PY6zntHyaxsd3FwgBbPMg_jfFf7ZwAmTqkvDVxSMvYMWwdbIFyoM2rD_FXieDL7_22DQeC1fn36G5z_10zobCvn-j9rZPNOjoohCNh5JdjsZniMEJSD3dOszyFqma7OPsH71VgioD4NOuVRZFhxjm9sNGWz9pBgv7ea8RBYUtGQHnrbbyUGiwZfuQe40wLHYNvtiiwSNjo87I_4em7BNtBstx0GqGdKhgsv9YO1W3AY-v7ka9cO_1LV04HrBEKNYWbhvtGjHdcFFPMd5UWANfPGh-dFDARCTCGzV1uqFjQOozOLRMQpgQCQOE3KgETO8KMwAMIBbg9P-wtvuPHPlhdhNEh8BiyCfj8iTbU76-8XfaCdxFzjBxiLfieckFx2hoTe8_egmKIh3hLmJewKyiM4csLJJfSDBMGG3jywTF5nVlhMi7dCi7FCTF8N57ZeZYXSVO-4vKAhSYVzkK5IfBR2UjI1iexMc9fg0DF-NeVpa9x4G6TrKoIKQ8oSrVnnftB3dDtrxoCuPF6P8UsENwzZGH34tNw1_Z1ncIAC3AWe-ym76YCIwH_ceGneeqEqsMTq5D1Bg0g6BE1SWfnflOLkvBrgAgOCSzkmnJV1NDv2GhgocINu_dVud1Tvj9aTkLfLAwZHIj6jT_m4qrns00SFloKKczPamsyZeZ_DsepkstTcfXoerzpXD7UgHVCUpX6PDQjbUtOWN1yxuAgnElRSPHIQoYyozwOJ0q1ceO32FatrRH3HzbgqdXQGuFEfrhKZtdRQO9T3XUuYBK41IXTKewwKk9SQQcclvYy1b7PzShc85HU8lqmEoJzAHo_ZbdkAb-3HgbbcyTKRcm7nnlRyn7hTAeVaBCL9arxt8VnBcBy93k1pRGZh8OOnC0fNmN_PFC-cSf8EBCSt6onKGi82_jKrcx1_gGHBFHntkoEBDxGwA7XDOqELKzoixQrvezaRjYsY2YXDP13c6O_TjQEe9izqbW1wOQsMNqq0op-JeDm1MsR-F5be41_cVdkX3_iYO6eSlRU3saVFNjrz8S2wVz9CHRHGaKoBMflexjz0_tX6EY-aafYVv1aDv0kmyuAUXuvOa3nf0BTIIXbXrH44KUdpMFkZCbjt_Rc-pA-YC5Z4ctkuhcWK4vN7cRafXebtaRdh1L5TaGDzFtWQwKDGcPnaWP6PbMBlA_KBBAy0dkYuJ0PqEGW9eLaCKqLHpqSCeVn9FuDrVYUpqT80tGtMvRqpxqWyAcEg279a56oHVCBIlNxuDtY5O&cid=CAASJeRoMD4Zs49QJuGJR1wRt9etW_CsPeg5ARniHRWg42P6HP4eYjs&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 11:09:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6255
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11724
x-xss-protection
0
server
cafe
etag
16554960040364120486
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 11 Oct 2022 11:09:28 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 146C 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BAg8ZVfIyY7beOOGK9fwP2uuEmAwAAAAAOAHgBAI&bg=!XF-lXxvNAAYIxsuQKMY7ACkAdvg8WsB10NvIIjHf1lXJwjpvfJzDEOvS0duD4wKXpsh097JrHY44hQIAAABfUgAAAAJoAQcKAHhPu7lOoKR6i6Clu9v4zOd-m45dm5uGxgUqkIil4XV0pG6rUFkMixcXb7POSmXNcMo-jAu0D_IX-g7yZ2RWPuksizxYHnHSUlI3tFcyvvdBu6pbqBd34SDyYrmTpkgSMqUEttiJKWA1sKdA3HZhYjIhEWpeo8cd5gmZAwLT2Mi2eQC0G-w0KIaxU3rZ-ErJ1Pvyjv94VqS0QfJgYMLTgVCWbfEBI3yvv0Di6NbqjE8kn8_YK07unwGMwFbFBBigD7tk63CgX-8kcRWonEHJWYnGdtDeYsil2_S2uP5T_Cxr7AShOXUMOHl2IXEtQsZHMuxG0vfELjW33Ea9DmoToRnl35t7PDZQ8err2H2kZTx9KOSwJTWsVs0-cq59kJmmY7gcQmb-YRI-haWY2UXA9KzT_rBuFarFGhoaCWdhGQu9ZXE16vKqkHw-fWJGRo7CiEGpBY6K052HdJJjbN0U_4YYMAEBSI96DchZE3sT41ncj466RtAcmoNtPRZFekJozaKAJiuxy17wNTxDq26b4SRHKG4XNuM6Vr6xknHyhZKOortRTnUv51J2p5B6rkUuC6J1xwpD0B1m5vTLNM8J03KVpKnGOed1aD9bWSEJEN62BUG6xU_ogPIVY--fG6ROv3FwUtzFi1c9SD8x3YQL_KOhMNgnyc_k5Jwzzx8e4bXuJO_-eXrXSurlstzcaQZVbYyiVxxA9ZofhCDrqv4KZykP11exNlHKmqHEB_kwTZtd-tLIXmb8M9tIG1ILBpTK05H1EE7EwJ5A00vO_5egi8O-tQWREnb8Egr19gwcYXXe_DrGmJnJbvdWNQzsqleW4NxZ4O78bYCbuvHZXdpwfHqDJ2glVorRaZtzE1703yCs1LC4kR6JcODrdDv_N-QFFkmCcV1NO9jAsv3M167n1K9uL2SrTsiILiELTxqLODZk33LIeS5uLuD0CbbrOYEVM3h4Pg9eNRaFJbyXtdv9o3Ny37p-oo35OugYNHmg0lFuL0J5c-CwEmSjTBUxr-6PKWfvgIMLYYGKWR0pufZM6ierxtdz7b3sbepNc4quOI92WrnT74WlQIu8F6WRlFA3wbVwmzFudUukw2M6gh5tAJf2xFz7qaQBVGkhSI22tO5tk2O0pAMOZDMKxBfyxpbOpAo0W7z25NcDeJg2ZNCu7FAFv48LMhrum1EeQWvt3w
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame F046 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 09:56:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442606
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 09:56:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 998D 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
40450
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 01:39:33 GMT
etag
48472445140208031
expires
Wed, 28 Sep 2022 01:39:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame F046 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6c2ffbe972d83f233c2a5d4bc95de654d36e31fa50e6888f4d0faff628bbf3c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6EFB 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
17343
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 08:04:40 GMT
expires
Wed, 27 Sep 2023 08:04:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5177 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
GSE /
Resource Hash
6d2b466469b575bdfc367ac4129a792adc3ecf5f4f7575245be1a4fab09bdc66
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Czh_FvtuVIcxQYhKjG5pBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-Czh_FvtuVIcxQYhKjG5pBA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:43 GMT
expires
Tue, 27 Sep 2022 12:53:43 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame EB1F 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 09:56:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442606
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Sep 2023 09:56:57 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 2AB9 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
40450
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 01:39:33 GMT
etag
48472445140208031
expires
Wed, 28 Sep 2022 01:39:33 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame EB1F 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3630e7451559f7a49df882cdedd63e32952b842036d7ccb54065ab422daaecce

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame D91F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag&u=%7Ch2m9STjgcHD5Y%2BiqXaJJzoyqglwygiNkKmCisEYhHrU%3D%7C&c1=0n2XosTo5cnA_wU1W2mnTJB6TrPmo_vK2VRn8AedBrStNtuqeOWC0rJuk9LNUepMCSxueFF3nyObcPlD00Gir02S3lfyLtrNEHmEp8bMck_2kmNVsPTS7St3QV12afTBbm0dDEj7l30XSMmy9ydBOV7o-VZVJ-8CFmwq5XxQCEi_SGkNPrcJ0C117e3xbPAXLWoxHvi1oCQmO79fIjjVHE1WBJajryJ7IY7FNq4j3KuA905t6XPhiuZtHchB0JUnqJYIw-gnB-t6KvXCT85SGlBodfeZUGCwyJazpsdaihhq3yRUBgBI0rDncl87Hm0SI4Rk_kHqa81i8L_NUm-eX0GUhy-kIwvzbgSEheRBnwxJVCYaB-Y8iA6RUQ1k06989240mS9tCV_cwfNPnRO4kBugJf65nhMfsISyI0-I_E9Hl4Yo7qYZyCOhTRzgOFPhCcQMX0E1UFh7c8-p-BNI6ETKgLJ0spgr5fRP_1aB6z4qsXxHhAGLVdJfu6chsP4DYMukL4gj2UgxdeqSqLqxYa-JuTqGKqg04etdm7LgXGdpcmvubaGye6N3258T0JmO-TO83jsO33QV5_4iWF3peOpf7rCdIgbeFM5Tvz0zYw8KJIqWTQC_R3RrnVMa5qhOUaodUIhCano&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqn0ZVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBM4CT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkibuZgWARHstfmBFXSyWXw8oRSZDkXjiDTITDmIQyb20cz1alrowCx24meAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HSvg-zJ_yR9upN2aTDVa4k0qKbA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Sep 2023 12:53:43 GMT
adchoices_en.svg
static.criteo.net/flash/icon/ Frame D91F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_en.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag&u=%7Ch2m9STjgcHD5Y%2BiqXaJJzoyqglwygiNkKmCisEYhHrU%3D%7C&c1=0n2XosTo5cnA_wU1W2mnTJB6TrPmo_vK2VRn8AedBrStNtuqeOWC0rJuk9LNUepMCSxueFF3nyObcPlD00Gir02S3lfyLtrNEHmEp8bMck_2kmNVsPTS7St3QV12afTBbm0dDEj7l30XSMmy9ydBOV7o-VZVJ-8CFmwq5XxQCEi_SGkNPrcJ0C117e3xbPAXLWoxHvi1oCQmO79fIjjVHE1WBJajryJ7IY7FNq4j3KuA905t6XPhiuZtHchB0JUnqJYIw-gnB-t6KvXCT85SGlBodfeZUGCwyJazpsdaihhq3yRUBgBI0rDncl87Hm0SI4Rk_kHqa81i8L_NUm-eX0GUhy-kIwvzbgSEheRBnwxJVCYaB-Y8iA6RUQ1k06989240mS9tCV_cwfNPnRO4kBugJf65nhMfsISyI0-I_E9Hl4Yo7qYZyCOhTRzgOFPhCcQMX0E1UFh7c8-p-BNI6ETKgLJ0spgr5fRP_1aB6z4qsXxHhAGLVdJfu6chsP4DYMukL4gj2UgxdeqSqLqxYa-JuTqGKqg04etdm7LgXGdpcmvubaGye6N3258T0JmO-TO83jsO33QV5_4iWF3peOpf7rCdIgbeFM5Tvz0zYw8KJIqWTQC_R3RrnVMa5qhOUaodUIhCano&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqn0ZVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBM4CT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkibuZgWARHstfmBFXSyWXw8oRSZDkXjiDTITDmIQyb20cz1alrowCx24meAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HSvg-zJ_yR9upN2aTDVa4k0qKbA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-759"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Sep 2023 12:53:43 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame D91F 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag&u=%7Ch2m9STjgcHD5Y%2BiqXaJJzoyqglwygiNkKmCisEYhHrU%3D%7C&c1=0n2XosTo5cnA_wU1W2mnTJB6TrPmo_vK2VRn8AedBrStNtuqeOWC0rJuk9LNUepMCSxueFF3nyObcPlD00Gir02S3lfyLtrNEHmEp8bMck_2kmNVsPTS7St3QV12afTBbm0dDEj7l30XSMmy9ydBOV7o-VZVJ-8CFmwq5XxQCEi_SGkNPrcJ0C117e3xbPAXLWoxHvi1oCQmO79fIjjVHE1WBJajryJ7IY7FNq4j3KuA905t6XPhiuZtHchB0JUnqJYIw-gnB-t6KvXCT85SGlBodfeZUGCwyJazpsdaihhq3yRUBgBI0rDncl87Hm0SI4Rk_kHqa81i8L_NUm-eX0GUhy-kIwvzbgSEheRBnwxJVCYaB-Y8iA6RUQ1k06989240mS9tCV_cwfNPnRO4kBugJf65nhMfsISyI0-I_E9Hl4Yo7qYZyCOhTRzgOFPhCcQMX0E1UFh7c8-p-BNI6ETKgLJ0spgr5fRP_1aB6z4qsXxHhAGLVdJfu6chsP4DYMukL4gj2UgxdeqSqLqxYa-JuTqGKqg04etdm7LgXGdpcmvubaGye6N3258T0JmO-TO83jsO33QV5_4iWF3peOpf7rCdIgbeFM5Tvz0zYw8KJIqWTQC_R3RrnVMa5qhOUaodUIhCano&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqn0ZVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBM4CT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkibuZgWARHstfmBFXSyWXw8oRSZDkXjiDTITDmIQyb20cz1alrowCx24meAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HSvg-zJ_yR9upN2aTDVa4k0qKbA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 22 Sep 2023 12:53:43 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame D91F 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag&u=%7Ch2m9STjgcHD5Y%2BiqXaJJzoyqglwygiNkKmCisEYhHrU%3D%7C&c1=0n2XosTo5cnA_wU1W2mnTJB6TrPmo_vK2VRn8AedBrStNtuqeOWC0rJuk9LNUepMCSxueFF3nyObcPlD00Gir02S3lfyLtrNEHmEp8bMck_2kmNVsPTS7St3QV12afTBbm0dDEj7l30XSMmy9ydBOV7o-VZVJ-8CFmwq5XxQCEi_SGkNPrcJ0C117e3xbPAXLWoxHvi1oCQmO79fIjjVHE1WBJajryJ7IY7FNq4j3KuA905t6XPhiuZtHchB0JUnqJYIw-gnB-t6KvXCT85SGlBodfeZUGCwyJazpsdaihhq3yRUBgBI0rDncl87Hm0SI4Rk_kHqa81i8L_NUm-eX0GUhy-kIwvzbgSEheRBnwxJVCYaB-Y8iA6RUQ1k06989240mS9tCV_cwfNPnRO4kBugJf65nhMfsISyI0-I_E9Hl4Yo7qYZyCOhTRzgOFPhCcQMX0E1UFh7c8-p-BNI6ETKgLJ0spgr5fRP_1aB6z4qsXxHhAGLVdJfu6chsP4DYMukL4gj2UgxdeqSqLqxYa-JuTqGKqg04etdm7LgXGdpcmvubaGye6N3258T0JmO-TO83jsO33QV5_4iWF3peOpf7rCdIgbeFM5Tvz0zYw8KJIqWTQC_R3RrnVMa5qhOUaodUIhCano&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqn0ZVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBM4CT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkibuZgWARHstfmBFXSyWXw8oRSZDkXjiDTITDmIQyb20cz1alrowCx24meAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HSvg-zJ_yR9upN2aTDVa4k0qKbA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 22 Sep 2023 12:53:43 GMT
lg.php
cat.sg1.as.criteo.com/delivery/ Frame D91F 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.sg1.as.criteo.com/delivery/lg.php?cppv=3&cpp=S-N-6-j4Mib_ocuQNjG5KtEf8VJRDjEb2VnQ_xG1ciJ_wUSZKm84PUC7I3EzyFDkue4TCSyRrCt_l-TdSh6o1TDf2wvVM5RMDDI3iBdsDiuVQmGJt8JkzKNL5S6yhnuxZJmduLPapINQEQbg2HzzZNxwoODCDD262d7DAwKiOWoVyQo4DY8l3MBgzURKbSaCOfD4X_Bl53UwrvtWTuEmdw0W6L46R8_p6VqET4Khd0Zge3vkt00ZfE_ogUNXPE3rZt5hTxs3q2B6cd-P1uFgbPVEAXzMr0N3oeERGxrIeaOwNGd7Huv_7e0S4iE_Oqx7cPc50o_Yxlqh4fT6Sl-_779I-0iIWu3CIdYppbrpyZmDEV96eVFVvVpbVBq25ClGWnHj12jXo2pb1sPMqSSq6SpUnNqlFdytFjWe2VhTcqM-LTPbEu4gu6qEfbr9a3oFrdme0w
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag&u=%7Ch2m9STjgcHD5Y%2BiqXaJJzoyqglwygiNkKmCisEYhHrU%3D%7C&c1=0n2XosTo5cnA_wU1W2mnTJB6TrPmo_vK2VRn8AedBrStNtuqeOWC0rJuk9LNUepMCSxueFF3nyObcPlD00Gir02S3lfyLtrNEHmEp8bMck_2kmNVsPTS7St3QV12afTBbm0dDEj7l30XSMmy9ydBOV7o-VZVJ-8CFmwq5XxQCEi_SGkNPrcJ0C117e3xbPAXLWoxHvi1oCQmO79fIjjVHE1WBJajryJ7IY7FNq4j3KuA905t6XPhiuZtHchB0JUnqJYIw-gnB-t6KvXCT85SGlBodfeZUGCwyJazpsdaihhq3yRUBgBI0rDncl87Hm0SI4Rk_kHqa81i8L_NUm-eX0GUhy-kIwvzbgSEheRBnwxJVCYaB-Y8iA6RUQ1k06989240mS9tCV_cwfNPnRO4kBugJf65nhMfsISyI0-I_E9Hl4Yo7qYZyCOhTRzgOFPhCcQMX0E1UFh7c8-p-BNI6ETKgLJ0spgr5fRP_1aB6z4qsXxHhAGLVdJfu6chsP4DYMukL4gj2UgxdeqSqLqxYa-JuTqGKqg04etdm7LgXGdpcmvubaGye6N3258T0JmO-TO83jsO33QV5_4iWF3peOpf7rCdIgbeFM5Tvz0zYw8KJIqWTQC_R3RrnVMa5qhOUaodUIhCano&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqn0ZVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBM4CT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkibuZgWARHstfmBFXSyWXw8oRSZDkXjiDTITDmIQyb20cz1alrowCx24meAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HSvg-zJ_yR9upN2aTDVa4k0qKbA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.132 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2768564
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 998D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN4bxEFnFwqTM4W0fG3irYk&google_cver=1&google_push=AZmPxg8iSxXCWUjk--6C_LXnO5JeJ7YG6ekep_jR3eTHIB0_DA0WrivNu3r3NCtx-qJwqYW4nBnTxyrT54BycbXLy7aqEJE92C_JtQ
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDEwNzMxMDU3NTkxNzcyOTg1Nw==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN4bxEFnFwqTM4W0fG3irYk&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN4bxEFnFwqTM4W0fG3irYk&google_cver=1
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEN4bxEFnFwqTM4W0fG3irYk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gdn.socdm.com/rtb/ Frame 998D
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=google&sspid=google&google_gid=CAESEPxiA24YxKQVLBp3MBTfqUw&google_cver=1&google_push=AZmPxg9_qumHxHYEw6zLRuRPi3rrAUrHewrWY9jgc4DMg3hnzGrIa-LXEYsXbDCU3bnbZ...
  • https://cm.g.doubleclick.net/pixel?google_nid=scout&google_cm&google_hm=WXpMeVdNQ284WUFBQUk5bmQzQUFBQUFB
  • https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEPxiA24YxKQVLBp3MBTfqUw&google_cver=1
43 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEPxiA24YxKQVLBp3MBTfqUw&google_cver=1
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Server
202.241.208.4 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 12:53:45 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=google&sspid=google&google_gid=CAESEPxiA24YxKQVLBp3MBTfqUw&google_cver=1","cluster_id":38,"gdpr":false,"ipv4":"173.245.209.8","key":"YzLyWMCo8YAAAI9nd3AAAAAA","privacy_sensitive":false,"uid":"YzLyWMCo8YAAAI9nd3AAAAAA","upstream_id":"m-ad7"}
X-SO-Key
YzLyWMCo8YAAAI9nd3AAAAAA
X-SO-Upstream-ID
m-ad7
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad7.dc4p.scaleout.jp
X-SO-UID
YzLyWMCo8YAAAI9nd3AAAAAA
Connection
keep-alive
Content-Length
43
X-SO-IP
173.245.209.8
X-SO-Cluster-ID
38
Server
nginx
Content-Type
image/gif
Cache-Control
private
X-SO-Ads-Time
3
X-SO-LB-Hostname
a-ng40008.dc2p.scaleout.jp

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://gdn.socdm.com/rtb/sync?proto=google&sspid=google&google_gid=CAESEPxiA24YxKQVLBp3MBTfqUw&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
318
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 998D
Redirect Chain
  • https://mweb.ck.inmobi.com/sync/3?redirect=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dinmobi_pte_limited%26google_hm%3D%24DSP_CKID&google_gid=CAESEC2K8Z6hsitTr0RkGTtq0UQ&google_cver=...
  • https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YmQxNGFlNTUtNDYzMy00M2JiLTkyMjktODQ4ZTBhZDk3NzU1&google_gid=CAESEC2K8Z6hsitTr0RkGTtq0UQ&google_cver=1&google_push=AZmPxg9C...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YmQxNGFlNTUtNDYzMy00M2JiLTkyMjktODQ4ZTBhZDk3NzU1&google_gid=CAESEC2K8Z6hsitTr0RkGTtq0UQ&google_cver=1&google_push=AZmPxg9Cu2FugNYjeufurS2JdjMsEyqqIVaW2qfvN8dECM7M6jgEjo594mYf8hhEAjnNBvrUgFAsvlxNB1_E-98ZXPkv0OrUAk6DoQ
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=inmobi_pte_limited&google_hm=YmQxNGFlNTUtNDYzMy00M2JiLTkyMjktODQ4ZTBhZDk3NzU1&google_gid=CAESEC2K8Z6hsitTr0RkGTtq0UQ&google_cver=1&google_push=AZmPxg9Cu2FugNYjeufurS2JdjMsEyqqIVaW2qfvN8dECM7M6jgEjo594mYf8hhEAjnNBvrUgFAsvlxNB1_E-98ZXPkv0OrUAk6DoQ
date
Tue, 27 Sep 2022 12:53:43 GMT
content-length
0
strict-transport-security
max-age=15724800; includeSubDomains
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 998D
Redirect Chain
  • https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESELAHCvMBpe62n8TY0JP_x2E&google_cver=1&google_push=AZmPxg94PxTu6tL0Sbnt5agE33YBIe5ct548a2to_DRdMctV-tfeyPYKaWvaZmonoLoBqAdaGYSZUCKhR9K6cMXZ-u...
  • https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTU5OTM5OTExNjc4NjM1NDU4MDk&google_push=AZmPxg94PxTu6tL0Sbnt5agE33YBIe5ct548a2to_DRdMctV-tfeyPYKaWvaZmonoLoBqAdaGYSZUCKhR9K6cMXZ-u8K...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTU5OTM5OTExNjc4NjM1NDU4MDk&google_push=AZmPxg94PxTu6tL0Sbnt5agE33YBIe5ct548a2to_DRdMctV-tfeyPYKaWvaZmonoLoBqAdaGYSZUCKhR9K6cMXZ-u8Kz22lZ0Fh
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=adkernel&google_hm=QTU5OTM5OTExNjc4NjM1NDU4MDk&google_push=AZmPxg94PxTu6tL0Sbnt5agE33YBIe5ct548a2to_DRdMctV-tfeyPYKaWvaZmonoLoBqAdaGYSZUCKhR9K6cMXZ-u8Kz22lZ0Fh
Date
Tue, 27 Sep 2022 12:53:44 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 998D
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESELYhn-M8EMWCXZ-J2BhgbV0&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELYhn-M8EMWCXZ-J2BhgbV0&google_hm=YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB&google_nid=index&google_push=AZmPxg_T5m_RGgvWfpJFvg1Sw2geW7dOqC3eC...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELYhn-M8EMWCXZ-J2BhgbV0&google_hm=YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB&google_nid=index&google_push=AZmPxg_T5m_RGgvWfpJFvg1Sw2geW7dOqC3eCig3xSTNHqxcxpZhU1L4PFdBfmGEZyRylXb4ONxbSRtrcmbNilTX8PEKKwltCr-25Q
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:43 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BygVgQX2pb%2B5yQiY30F7ac3Yfxdu392eevTZuqzTHB4hwQyUyQbrCwjMgU129dqocuque3LufLXzoGvu%2FtnyxwwuemWh8CCByoQZorU8yea5M%2F8oGzIU5B3cnYskpNvksJywHJSy11A9xQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESELYhn-M8EMWCXZ-J2BhgbV0&google_hm=YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB&google_nid=index&google_push=AZmPxg_T5m_RGgvWfpJFvg1Sw2geW7dOqC3eCig3xSTNHqxcxpZhU1L4PFdBfmGEZyRylXb4ONxbSRtrcmbNilTX8PEKKwltCr-25Q
cache-control
no-cache
cf-ray
751462446d57a949-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 998D
Redirect Chain
  • https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESENkUUQ3xgjKGkMXdDVGP3pg&google_cver=1&google_push=AZmPxg85DLUq3TWn_C9A5aGwJQvRIQTVA7k6wAWt8JiRSfkN-f5dw61EW7DvvNQ-f2G_0wSdd5mQXpKYKu_aE-o3...
  • https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=279a924&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AZmPxg85DLUq3TWn_C9A5aGwJQvRIQTVA7k6wAWt8JiRSfkN-...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=279a924&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AZmPxg85DLUq3TWn_C9A5aGwJQvRIQTVA7k6wAWt8JiRSfkN-f5dw61EW7DvvNQ-f2G_0wSdd5mQXpKYKu_aE-o3F39mtICqKRewsg
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 27 Sep 2022 12:53:43 GMT
via
1.1 5157dedfe33ef5a309f236599901abe2.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
SIN52-C3
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_hm=279a924&google_redir=https%3A%2F%2Fs.ad.smaato.net%2Fc%2F%3FadExInit%3Dg&google_push=AZmPxg85DLUq3TWn_C9A5aGwJQvRIQTVA7k6wAWt8JiRSfkN-f5dw61EW7DvvNQ-f2G_0wSdd5mQXpKYKu_aE-o3F39mtICqKRewsg
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
ghGGNON-ZUCudSL-9eWZ6wiwS9S9qac4eMj6yzRuSfx--YdTnDtj9w==
pixel
cm.g.doubleclick.net/ Frame 998D
Redirect Chain
  • https://im.bluevoox.com/pixel?s1=2&s2=203601&s3=m52eksbsgbowze8o&cm=1&rd=1&google_gid=CAESEN9QTmYbLP1OH0er6l9Y0bs&google_cver=1&google_push=AZmPxg_5dAsFgAcUCO87Jo7X441bY0Bbg5eaM3X-3vSmgBNVG12Z1TziT...
  • https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg_5dAsFgAcUCO87Jo7X441bY0Bbg5eaM3X-3vSmgBNVG12Z1TziT_AZk3aOnuY5ZiWulSksSA3xr3CU6ASom4Wuj6nBSef8aA&google_hm=QlMuZDkxMy0wYTM0...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg_5dAsFgAcUCO87Jo7X441bY0Bbg5eaM3X-3vSmgBNVG12Z1TziT_AZk3aOnuY5ZiWulSksSA3xr3CU6ASom4Wuj6nBSef8aA&google_hm=QlMuZDkxMy0wYTM0LTRmZjUtYTIzNQ==
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=do_global&google_push=AZmPxg_5dAsFgAcUCO87Jo7X441bY0Bbg5eaM3X-3vSmgBNVG12Z1TziT_AZk3aOnuY5ZiWulSksSA3xr3CU6ASom4Wuj6nBSef8aA&google_hm=QlMuZDkxMy0wYTM0LTRmZjUtYTIzNQ==
Date
Tue, 27 Sep 2022 12:53:44 GMT
Server
openresty
Connection
close
Content-Length
142
Content-Type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 998D 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JgxeT7EOTwLqz5djmv5VwKKAUcmVpV_IMbTTSmccY0q6kAUUnAK5fe7NxFtTfLI3JqVqI3zw
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
static.criteo.net/design/dt/ Frame D91F 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/e228b6a4e90947dcaf6c5ad0025ee925_skyscannerrelative-bold.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag&u=%7Ch2m9STjgcHD5Y%2BiqXaJJzoyqglwygiNkKmCisEYhHrU%3D%7C&c1=0n2XosTo5cnA_wU1W2mnTJB6TrPmo_vK2VRn8AedBrStNtuqeOWC0rJuk9LNUepMCSxueFF3nyObcPlD00Gir02S3lfyLtrNEHmEp8bMck_2kmNVsPTS7St3QV12afTBbm0dDEj7l30XSMmy9ydBOV7o-VZVJ-8CFmwq5XxQCEi_SGkNPrcJ0C117e3xbPAXLWoxHvi1oCQmO79fIjjVHE1WBJajryJ7IY7FNq4j3KuA905t6XPhiuZtHchB0JUnqJYIw-gnB-t6KvXCT85SGlBodfeZUGCwyJazpsdaihhq3yRUBgBI0rDncl87Hm0SI4Rk_kHqa81i8L_NUm-eX0GUhy-kIwvzbgSEheRBnwxJVCYaB-Y8iA6RUQ1k06989240mS9tCV_cwfNPnRO4kBugJf65nhMfsISyI0-I_E9Hl4Yo7qYZyCOhTRzgOFPhCcQMX0E1UFh7c8-p-BNI6ETKgLJ0spgr5fRP_1aB6z4qsXxHhAGLVdJfu6chsP4DYMukL4gj2UgxdeqSqLqxYa-JuTqGKqg04etdm7LgXGdpcmvubaGye6N3258T0JmO-TO83jsO33QV5_4iWF3peOpf7rCdIgbeFM5Tvz0zYw8KJIqWTQC_R3RrnVMa5qhOUaodUIhCano&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqn0ZVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBM4CT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkibuZgWARHstfmBFXSyWXw8oRSZDkXjiDTITDmIQyb20cz1alrowCx24meAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HSvg-zJ_yR9upN2aTDVa4k0qKbA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10f14"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Sep 2023 12:53:43 GMT
3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame D91F 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag&u=%7Ch2m9STjgcHD5Y%2BiqXaJJzoyqglwygiNkKmCisEYhHrU%3D%7C&c1=0n2XosTo5cnA_wU1W2mnTJB6TrPmo_vK2VRn8AedBrStNtuqeOWC0rJuk9LNUepMCSxueFF3nyObcPlD00Gir02S3lfyLtrNEHmEp8bMck_2kmNVsPTS7St3QV12afTBbm0dDEj7l30XSMmy9ydBOV7o-VZVJ-8CFmwq5XxQCEi_SGkNPrcJ0C117e3xbPAXLWoxHvi1oCQmO79fIjjVHE1WBJajryJ7IY7FNq4j3KuA905t6XPhiuZtHchB0JUnqJYIw-gnB-t6KvXCT85SGlBodfeZUGCwyJazpsdaihhq3yRUBgBI0rDncl87Hm0SI4Rk_kHqa81i8L_NUm-eX0GUhy-kIwvzbgSEheRBnwxJVCYaB-Y8iA6RUQ1k06989240mS9tCV_cwfNPnRO4kBugJf65nhMfsISyI0-I_E9Hl4Yo7qYZyCOhTRzgOFPhCcQMX0E1UFh7c8-p-BNI6ETKgLJ0spgr5fRP_1aB6z4qsXxHhAGLVdJfu6chsP4DYMukL4gj2UgxdeqSqLqxYa-JuTqGKqg04etdm7LgXGdpcmvubaGye6N3258T0JmO-TO83jsO33QV5_4iWF3peOpf7rCdIgbeFM5Tvz0zYw8KJIqWTQC_R3RrnVMa5qhOUaodUIhCano&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqn0ZVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBM4CT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkibuZgWARHstfmBFXSyWXw8oRSZDkXjiDTITDmIQyb20cz1alrowCx24meAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HSvg-zJ_yR9upN2aTDVa4k0qKbA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
Origin
https://ads.as.criteo.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
content-encoding
gzip
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10ec0"
strict-transport-security
max-age=31536000; preload;
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Sep 2023 12:53:43 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A4D5 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
243740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 17:11:23 GMT
expires
Sun, 24 Sep 2023 17:11:23 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame 2AB9
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEMltLhg_kTYYLHLW_p34Pyk&google_cver=1&google_push=AZmPxg8yQ-UCbuC8hANK8UqtGVpQsWjjuaznFQajePWVb0CIRl0PnS8TyPQG0i3XUhxfwTESkKTXxgihWC8EjRy6YoHY...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEMltLhg_kTYYLHLW_p34Pyk&google_cver=1&google_push=AZmPxg8yQ-UCbuC8hANK8UqtGVpQsWjjuaznFQajePWVb0CIRl0PnS8TyPQG0i3XUhxfwTESkKTXxgihWC8EjR...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg8yQ-UCbuC8hANK8UqtGVpQsWjjuaznFQajePWVb0CIRl0PnS8TyPQG0i3XUhxfwTESkKTXxgihWC8EjRy6YoHY4eLw3kVZ3FBXhuJ5PXrD6_drwmhMDyzaPWMc37IBrl...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg8yQ-UCbuC8hANK8UqtGVpQsWjjuaznFQajePWVb0CIRl0PnS8TyPQG0i3XUhxfwTESkKTXxgihWC8EjRy6YoHY4eLw3kVZ3FBXhuJ5PXrD6_drwmhMDyzaPWMc37IBrls_7-8cokjsNOzfPuffCgM&google_hm=BxeXFssITSqHZSPBkGG2Kg==
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AZmPxg8yQ-UCbuC8hANK8UqtGVpQsWjjuaznFQajePWVb0CIRl0PnS8TyPQG0i3XUhxfwTESkKTXxgihWC8EjRy6YoHY4eLw3kVZ3FBXhuJ5PXrD6_drwmhMDyzaPWMc37IBrls_7-8cokjsNOzfPuffCgM&google_hm=BxeXFssITSqHZSPBkGG2Kg==
Date
Tue, 27 Sep 2022 12:53:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 2AB9
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEHnHpm4ktp7ByxAVTef0KPo&google_cver=1&google_push=AZmPxg_z34TjRDq7lF4XbgzApmZwOADSOgXlFc48Ot2Bx2HBJiZKnUANH8ZzqUMvv1Kkln5wT2gIRqghogxMcMwKm2r2j09uNINAtnKxJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg_z34TjRDq7lF4XbgzApmZwOADSOgXlFc48Ot2Bx2HBJiZKnUANH8ZzqUMvv1Kkln5wT2gIRqghogxMcMwKm2r2j09uNINAtnKxJj3lNHRasqRM-EexMsHEjpK3JHESxu...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg_z34TjRDq7lF4XbgzApmZwOADSOgXlFc48Ot2Bx2HBJiZKnUANH8ZzqUMvv1Kkln5wT2gIRqghogxMcMwKm2r2j09uNINAtnKxJj3lNHRasqRM-EexMsHEjpK3JHESxuLfQAITrHpLmre4DQzrnbI&google_hm=NTBnQ3JpMDBqQkRHYTAwN1l2UE8
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Tue, 27 Sep 2022 12:53:44 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AZmPxg_z34TjRDq7lF4XbgzApmZwOADSOgXlFc48Ot2Bx2HBJiZKnUANH8ZzqUMvv1Kkln5wT2gIRqghogxMcMwKm2r2j09uNINAtnKxJj3lNHRasqRM-EexMsHEjpK3JHESxuLfQAITrHpLmre4DQzrnbI&google_hm=NTBnQ3JpMDBqQkRHYTAwN1l2UE8
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pixel
cm.g.doubleclick.net/ Frame 2AB9
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AZmPxg90LoSCH9h_7p8LHV7YGTCcBNZOHzA7ad8OTEYjwUai48o-oMmkSqdDld-VtF21YCToUVWLiv2PIYWg4c_NbQTAXfRroymNSvToX3Mx-WBK0qqzwU6SsSVgQ7hGhM3...
  • https://sync.targeting.unrulymedia.com/csync/RX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAZmPxg90LoSCH9h_7p8LHV7YG...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg90LoSCH9h_7p8LHV7YGTCcBNZOHzA7ad8OTEYjwUai48o-oMmkSqdDld-VtF21YCToUVWLiv2PIYWg4c_NbQTAXfRroymNSvToX3Mx-WBK0qqzwU6SsSVgQ7hGhM3G9zNp...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg90LoSCH9h_7p8LHV7YGTCcBNZOHzA7ad8OTEYjwUai48o-oMmkSqdDld-VtF21YCToUVWLiv2PIYWg4c_NbQTAXfRroymNSvToX3Mx-WBK0qqzwU6SsSVgQ7hGhM3G9zNp1xJiG0lnBoWEDouEFVc&google_hm=BHYta6Ttlk6diwb_g6TMM9w
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AZmPxg90LoSCH9h_7p8LHV7YGTCcBNZOHzA7ad8OTEYjwUai48o-oMmkSqdDld-VtF21YCToUVWLiv2PIYWg4c_NbQTAXfRroymNSvToX3Mx-WBK0qqzwU6SsSVgQ7hGhM3G9zNp1xJiG0lnBoWEDouEFVc&google_hm=BHYta6Ttlk6diwb_g6TMM9w
date
Tue, 27 Sep 2022 12:53:44 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX762d6ba4ed964e9d8b06ff83a4cc33dc004
content-type
text/html
ebda_cs
y.one.impact-ad.jp/ul_cb/ Frame 2AB9 		11 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://y.one.impact-ad.jp/ul_cb/ebda_cs?google_gid=CAESEJH-mYZjBaX0C8GqQBczqng&google_cver=1&google_push=AZmPxg9lzeImlxx9k8EFpNDNr1lVG8EcQSLCqtJb4_mbDLvhldcpgbY6mhN5nUCp7IAAz8qp9PHK5lM4AMEaNlM_-3sCSwfhZ9ms4LPce1847vEibc2sGUtOSOf8dG4TcIJEeRL6ZzOV9HXbLG7ECxw8mA
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.109.249 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
249.109.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 12:53:44 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
11
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 2AB9
Redirect Chain
  • https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESEKuGF59TvU6MDoT4LklPTKc&google_cver=1&google_push=AZmPxg_Le9T_LUGWNyYnES1l7z8hcVE8KWv1xgcnB7s6kQxVvmTB6Ef37cxQQpP_-eFu1KUygl3qHnOE...
  • https://dsp.adkernel.com/adkuid?r=https%3A%2F%2Frtb2-useast.e-volution.ai%2Fsync%3Fexchange%3D193%26google_gid%3DCAESEKuGF59TvU6MDoT4LklPTKc%26google_cver%3D1%26google_push%3DAZmPxg_Le9T_LUGWNyYnES...
  • https://rtb2-useast.e-volution.ai/sync?adkuid=A5993991167863545809&exchange=193&google_gid=CAESEKuGF59TvU6MDoT4LklPTKc&google_cver=1&google_push=AZmPxg_Le9T_LUGWNyYnES1l7z8hcVE8KWv1xgcnB7s6kQxVvmTB...
  • https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTU5OTM5OTExNjc4NjM1NDU4MDk&google_push=AZmPxg_Le9T_LUGWNyYnES1l7z8hcVE8KWv1xgcnB7s6kQxVvmTB6Ef37cxQQpP_-eFu1KUygl3qHnO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTU5OTM5OTExNjc4NjM1NDU4MDk&google_push=AZmPxg_Le9T_LUGWNyYnES1l7z8hcVE8KWv1xgcnB7s6kQxVvmTB6Ef37cxQQpP_-eFu1KUygl3qHnOErN4lQ7lADSD8gqeNzC7U6-6jyFYXx-ujUWczv2fy4PctC8uqsA-3DNlUKLAZVd_UbA0hEkvRsjo3
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=metup_srl_w_bidswitch&google_hm=QTU5OTM5OTExNjc4NjM1NDU4MDk&google_push=AZmPxg_Le9T_LUGWNyYnES1l7z8hcVE8KWv1xgcnB7s6kQxVvmTB6Ef37cxQQpP_-eFu1KUygl3qHnOErN4lQ7lADSD8gqeNzC7U6-6jyFYXx-ujUWczv2fy4PctC8uqsA-3DNlUKLAZVd_UbA0hEkvRsjo3
Date
Tue, 27 Sep 2022 12:53:45 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 2AB9
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDBL9E0g1wZ7WKT1_EkGx48&google_cver=1&google_push=AZmPxg_sm2OgaCZTAlyDXb-KINHV4giIzOfTnDTd4V8Octs1KlbKOKZzqIei5SsKJ_CnAclkehFzVWc_S3KLVlzqN...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MjE2N2Y5YTItY2M5Zi00NWNhLThjMDQtNDJhZWJiMjAzYTM2&google_push=AZmPxg_sm2OgaCZTAlyDXb-KINHV4giIzOfTnDTd4V8Octs1KlbKOKZzqIei5SsK...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MjE2N2Y5YTItY2M5Zi00NWNhLThjMDQtNDJhZWJiMjAzYTM2&google_push=AZmPxg_sm2OgaCZTAlyDXb-KINHV4giIzOfTnDTd4V8Octs1KlbKOKZzqIei5SsKJ_CnAclkehFzVWc_S3KLVlzqN5Zo1KhMf18q1Hfg1TgMjTuGAD9QdM2D1DVIaYlv_R3RJoQcySV6MMF2FM240o8kBRh6
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=MjE2N2Y5YTItY2M5Zi00NWNhLThjMDQtNDJhZWJiMjAzYTM2&google_push=AZmPxg_sm2OgaCZTAlyDXb-KINHV4giIzOfTnDTd4V8Octs1KlbKOKZzqIei5SsKJ_CnAclkehFzVWc_S3KLVlzqN5Zo1KhMf18q1Hfg1TgMjTuGAD9QdM2D1DVIaYlv_R3RJoQcySV6MMF2FM240o8kBRh6
date
Tue, 27 Sep 2022 12:53:44 GMT
content-length
0
pixel
cm.g.doubleclick.net/ Frame 2AB9
Redirect Chain
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEEKIWcPU1zdhAEdYuDpUxD8&google_cver=1&google_push=AZmPxg9NzL07YruEwz2frgbfXRsFRlwy5ePa5Iw34TAanFIkoMcXp3Rp5C92EcQz...
  • https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=google&pixel_match=y&google_gid=CAESEEKIWcPU1zdhAEdYuDpUxD8&google_cver=1&google_push=AZmPxg9NzL07YruEwz2frgbfXRsFRlwy5ePa5Iw34TAanFIkoMcXp3Rp5C92EcQz...
  • https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg9NzL07YruEwz2frgbfXRsFRlwy5ePa5Iw34TAanFIkoMcXp3Rp5C92EcQzhpfAMg9Rwt0ZLLXgj1lOhQ-XMg_X8uC7EWgwaXNbENATkdVG9WZovnDt4SF-6l...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg9NzL07YruEwz2frgbfXRsFRlwy5ePa5Iw34TAanFIkoMcXp3Rp5C92EcQzhpfAMg9Rwt0ZLLXgj1lOhQ-XMg_X8uC7EWgwaXNbENATkdVG9WZovnDt4SF-6lzfhjhrCucLOzkq4bkpSpNSzpG4ZA3I&google_hm=Mklnd2lIWUdMVDY=&suid-set=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 12:53:45 GMT
Server
nginx
Location
https://cm.g.doubleclick.net/pixel?google_nid=admatrix_dsp&google_push=AZmPxg9NzL07YruEwz2frgbfXRsFRlwy5ePa5Iw34TAanFIkoMcXp3Rp5C92EcQzhpfAMg9Rwt0ZLLXgj1lOhQ-XMg_X8uC7EWgwaXNbENATkdVG9WZovnDt4SF-6lzfhjhrCucLOzkq4bkpSpNSzpG4ZA3I&google_hm=Mklnd2lIWUdMVDY=&suid-set=1
Cache-Control
no-store,no-cache
Connection
close
Content-Length
0
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 2AB9 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L6gBkNF8tJq3VN8q32ev_PV18z81pv6hgpvlpFyxf52S7kEAIxC9H5gjr6rRd0B9fZZ8t4HWrx
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar
pagead2.googlesyndication.com/pagead/ Frame 5177 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220922&jk=3553646191836451&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
pagead2.googlesyndication.com/bg/ Frame 6EFB 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
sffe /
Resource Hash
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 01:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15943
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 01:20:17 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D91F 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag&u=%7Ch2m9STjgcHD5Y%2BiqXaJJzoyqglwygiNkKmCisEYhHrU%3D%7C&c1=0n2XosTo5cnA_wU1W2mnTJB6TrPmo_vK2VRn8AedBrStNtuqeOWC0rJuk9LNUepMCSxueFF3nyObcPlD00Gir02S3lfyLtrNEHmEp8bMck_2kmNVsPTS7St3QV12afTBbm0dDEj7l30XSMmy9ydBOV7o-VZVJ-8CFmwq5XxQCEi_SGkNPrcJ0C117e3xbPAXLWoxHvi1oCQmO79fIjjVHE1WBJajryJ7IY7FNq4j3KuA905t6XPhiuZtHchB0JUnqJYIw-gnB-t6KvXCT85SGlBodfeZUGCwyJazpsdaihhq3yRUBgBI0rDncl87Hm0SI4Rk_kHqa81i8L_NUm-eX0GUhy-kIwvzbgSEheRBnwxJVCYaB-Y8iA6RUQ1k06989240mS9tCV_cwfNPnRO4kBugJf65nhMfsISyI0-I_E9Hl4Yo7qYZyCOhTRzgOFPhCcQMX0E1UFh7c8-p-BNI6ETKgLJ0spgr5fRP_1aB6z4qsXxHhAGLVdJfu6chsP4DYMukL4gj2UgxdeqSqLqxYa-JuTqGKqg04etdm7LgXGdpcmvubaGye6N3258T0JmO-TO83jsO33QV5_4iWF3peOpf7rCdIgbeFM5Tvz0zYw8KJIqWTQC_R3RrnVMa5qhOUaodUIhCano&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqn0ZVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBM4CT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkibuZgWARHstfmBFXSyWXw8oRSZDkXjiDTITDmIQyb20cz1alrowCx24meAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HSvg-zJ_yR9upN2aTDVa4k0qKbA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1089933
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Uz4OJePMagVvAwRCwsyjy01ipYUwHD%2BzjxP0L64ESbgkPudTII%2Fl0kvcTFF1ypmSlSgH6qvYXQ9ymMDR321Jn7fxtboOLMCQrwKkWs%2FU2MTt4%2FwCLkkEi%2FUp4vyGLROvsNzx6B%2Bs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
75146244d879a7ea-SYD
expires
Sun, 17 Sep 2023 12:53:43 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 5CDE 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
243740
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 17:11:23 GMT
expires
Sun, 24 Sep 2023 17:11:23 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
createjs_2019.11.15_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame 5D4C 		236 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/createjs_2019.11.15_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2717636683251514590/WOOD0342_reliable_power_300x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2717636683251514590/WOOD0342_reliable_power_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64275
x-xss-protection
0
last-modified
Fri, 15 Nov 2019 19:16:20 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Sep 2022 12:53:43 GMT
WOOD0342_reliable_power_300x250.js
s0.2mdn.net/sadbundle/2717636683251514590/ Frame 5D4C 		15 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/2717636683251514590/WOOD0342_reliable_power_300x250.js?1661403160994
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2717636683251514590/WOOD0342_reliable_power_300x250.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
00cc9f6c863cfc75693f62b0e2fc0762ae0faaf8db35a9b62e996be3e248afb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2717636683251514590/WOOD0342_reliable_power_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:39:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
826
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3029
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 03:53:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Sep 2023 12:39:57 GMT
index.html
s0.2mdn.net/sadbundle/13908002842451597805/ Frame 4F1D 		83 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
b2aea5ba0178061f83601430402d012a88a5db02d0bc4a0155f9a1a069a93a6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
208125
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20358
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sun, 25 Sep 2022 03:04:58 GMT
expires
Mon, 25 Sep 2023 03:04:58 GMT
last-modified
Mon, 12 Sep 2022 04:50:47 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame F046 		0
31 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssy7OJZaYGWRTCHvsaxh1z4oY1vwd824P-I2nbrw5hoYd_ZuQJ4A5sPQKMwWjIb8TbsicWoMdhp_vaGAgnWQwGQwp5xBQnDxRWdWUaFr-TI1JMqRhNF7ReT6uL9A-PfHaDipXJSyoaGFfqzTdjamWr7N0l6TeY5QMjQcaGPj5-APxYvI9bwz9D_C8uHRZe4vaYjXDI5wk-l6HFqDJ8xQawNOhxFA_JXmXym9yVm6ZV0CRbXiJIs_l6iWHqFPm70mpht3N_EVDTIsRlruia2zdlzqRfWozTG1IxfJwRHZ5zbg8IYKalOh-YW9_Lh-TXLB4QlV-it6MexhdHhyObbl10dMcUCyQ_bBQkkUwXn59mGctSItMbN__nf-IiF1z1hdA18HnAUVtJfnaptzksmN3G1_j9B5hjK4ay9fFvndyJKpVRTlK_clOFSU_ervsNANb_u6xogElT8qLcs3zFtf1cm8M2otdM42WtAyjYZfPo89jGG02V2MN-8rhcuUHDcaMXX-MrLLwr18lJsuIaUpYWGMvFo-OVt2YM_QMK2rJg_KxbOWkvUNeNsNs4vFmLTfF-x6S6-hK-7-bIjP_FQNW-78eSF0MNadsNVD4G9b2dFphsWcfi1sfy77K9VgKPrEnT5s_TL3ctMi4W6kqnJ2b-PTaCMhtmjJYg0YfTOnupq8WtouzaYwq44yLmxo47257hzZU_BOhMwarjlCsjvjBqg2eBf3dJ-5fwnGGRWTdxGohWBikcsLmyuKrtneRMOgKkmpX-HdHtezfote5pOGEKbItWIJ8hDgOAkEWLqXc0qKuoe6bJ5dO62jnQEq9NiO_jAtYlCcF9SCzRCUcRnv2PPp8606SI4BztTHfhHFR6y678VUY4jm2COZ5OsgEvLyb3FNkFWh6L05SFwOtgfYWh7LqhP50NJx_mKDcXus_JUAXbozn6aIfgWy4t4cJsKuhiJdMj3PJSdSQkPObCyKa2ftYgMHw3tKYfcVbdH0FZ3cvQtKmLqNxWldOiolxZTOt4BBdQzvleqOitzc_y8lbzJhpF_kNImBfNKUUx24wt_WmyCNo0HJRiQhN1m7umrmq5OBlSvaGR15-LgtVQ0bVSzDhzr2_6pfN8gIt7xrwnNmeBE42Ir7HUUpavAVu0TrivxxqGu2eKWd_5gmMMQGHk-0cvLF72ES75_txrzbNRBZxGX3pg1nKzHc-oj6U2wHARBJUALkag9rX05uubsUd7wZbMQ2XiBe_8DvtDlrTZhLTOij8FbV_pnwQqaTdklV8vqMyC5-A0gG1qdvkn4PYQAskQuZlYrrM3FKr1LXgpD7lrAdPQ1H8sbIx6r&sai=AMfl-YR4Uz6MIexxa8omIiatM_-lPmQSFT-CCcqn48gTeCL_lozs1Va5lZS1odBvbPZdMAVZi1Skzvgdhf10rT1ZcLPd0lgCGeWHKwsGVMxXxh_q3RMGuT-4BOn2XOysJOt7GM3CieAI7IApmpWysW3COWHKUSrjVV6Bnzyy7gvLQYRCTkv81VU0bJ7nwNoBogx3QqGFIUGEL8Zn9UDwP3mwxIt1&sig=Cg0ArKJSzHTgZdunFXVuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=590&cbvp=1&cstd=589&cisv=r20220922.63435&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 27 Sep 2022 12:53:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
tags.mathtag.com/view/ Frame F046 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/view/img?strat=3750455&cr=6028144&pr=5.00&txn=&rfr=
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.206.241 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.365.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 12:53:44 GMT
Server
MMBD/3.365.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
hkg-router-x59, hkg-bidder-x50
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 27 Sep 2022 12:53:43 GMT
animejs.js
static.criteo.net/animejs/ Frame D91F 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag&u=%7Ch2m9STjgcHD5Y%2BiqXaJJzoyqglwygiNkKmCisEYhHrU%3D%7C&c1=0n2XosTo5cnA_wU1W2mnTJB6TrPmo_vK2VRn8AedBrStNtuqeOWC0rJuk9LNUepMCSxueFF3nyObcPlD00Gir02S3lfyLtrNEHmEp8bMck_2kmNVsPTS7St3QV12afTBbm0dDEj7l30XSMmy9ydBOV7o-VZVJ-8CFmwq5XxQCEi_SGkNPrcJ0C117e3xbPAXLWoxHvi1oCQmO79fIjjVHE1WBJajryJ7IY7FNq4j3KuA905t6XPhiuZtHchB0JUnqJYIw-gnB-t6KvXCT85SGlBodfeZUGCwyJazpsdaihhq3yRUBgBI0rDncl87Hm0SI4Rk_kHqa81i8L_NUm-eX0GUhy-kIwvzbgSEheRBnwxJVCYaB-Y8iA6RUQ1k06989240mS9tCV_cwfNPnRO4kBugJf65nhMfsISyI0-I_E9Hl4Yo7qYZyCOhTRzgOFPhCcQMX0E1UFh7c8-p-BNI6ETKgLJ0spgr5fRP_1aB6z4qsXxHhAGLVdJfu6chsP4DYMukL4gj2UgxdeqSqLqxYa-JuTqGKqg04etdm7LgXGdpcmvubaGye6N3258T0JmO-TO83jsO33QV5_4iWF3peOpf7rCdIgbeFM5Tvz0zYw8KJIqWTQC_R3RrnVMa5qhOUaodUIhCano&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqn0ZVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBM4CT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkibuZgWARHstfmBFXSyWXw8oRSZDkXjiDTITDmIQyb20cz1alrowCx24meAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HSvg-zJ_yR9upN2aTDVa4k0qKbA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Sep 2023 12:53:43 GMT
img
pix.as.criteo.net/img/ Frame D91F 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.as.criteo.net/img/img?h=1200&m=0&partner=9736&q=80&r=0&u=http%3A%2F%2Fstatic.sg1.as.criteo.net%2Fdesign%2Fdt%2F2936%2F210730%2Fae7c74bbff6a47faaeb0d1dba10321b8_img_vertical_1.jpg&v=3&w=1200&s=zUR3N4MFkc83fgmD6nxRYPTw
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag&u=%7Ch2m9STjgcHD5Y%2BiqXaJJzoyqglwygiNkKmCisEYhHrU%3D%7C&c1=0n2XosTo5cnA_wU1W2mnTJB6TrPmo_vK2VRn8AedBrStNtuqeOWC0rJuk9LNUepMCSxueFF3nyObcPlD00Gir02S3lfyLtrNEHmEp8bMck_2kmNVsPTS7St3QV12afTBbm0dDEj7l30XSMmy9ydBOV7o-VZVJ-8CFmwq5XxQCEi_SGkNPrcJ0C117e3xbPAXLWoxHvi1oCQmO79fIjjVHE1WBJajryJ7IY7FNq4j3KuA905t6XPhiuZtHchB0JUnqJYIw-gnB-t6KvXCT85SGlBodfeZUGCwyJazpsdaihhq3yRUBgBI0rDncl87Hm0SI4Rk_kHqa81i8L_NUm-eX0GUhy-kIwvzbgSEheRBnwxJVCYaB-Y8iA6RUQ1k06989240mS9tCV_cwfNPnRO4kBugJf65nhMfsISyI0-I_E9Hl4Yo7qYZyCOhTRzgOFPhCcQMX0E1UFh7c8-p-BNI6ETKgLJ0spgr5fRP_1aB6z4qsXxHhAGLVdJfu6chsP4DYMukL4gj2UgxdeqSqLqxYa-JuTqGKqg04etdm7LgXGdpcmvubaGye6N3258T0JmO-TO83jsO33QV5_4iWF3peOpf7rCdIgbeFM5Tvz0zYw8KJIqWTQC_R3RrnVMa5qhOUaodUIhCano&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqn0ZVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBM4CT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkibuZgWARHstfmBFXSyWXw8oRSZDkXjiDTITDmIQyb20cz1alrowCx24meAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HSvg-zJ_yR9upN2aTDVa4k0qKbA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.135 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
3288212b66509bcca02524204f3d2c8cc0b6a6a83cf3a7ff0a2e28e773d9c5dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=25933168
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
26074
expires
Mon, 24 Jul 2023 16:33:12 GMT
all
csm.as.criteo.net/ Frame D91F 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=LGAxPraOmZcNrrxli9i9X7qmuZr_xzwMs5y3Aetm9uIvS63QdQmqK4jb3ZL0CRqQxNc8YNTF3BmA1lmn5vVW0NBwszk8U-i53VKxw1nN03Hke_9Zw4sAf3LKu5t5_08-CjRO_A0jO63fz0JEcdStNS7pgI4CHwSJI3Kzmkib05t1Y-XEci4Fn7MiOP96XnOBwcPe_Dk7MgYgDhINDyuYx1UMIVOb-ijPkpKaiJvYH5o13FQ9TZz30f7Bwj2DW2WAC7GFXw&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag&u=%7Ch2m9STjgcHD5Y%2BiqXaJJzoyqglwygiNkKmCisEYhHrU%3D%7C&c1=0n2XosTo5cnA_wU1W2mnTJB6TrPmo_vK2VRn8AedBrStNtuqeOWC0rJuk9LNUepMCSxueFF3nyObcPlD00Gir02S3lfyLtrNEHmEp8bMck_2kmNVsPTS7St3QV12afTBbm0dDEj7l30XSMmy9ydBOV7o-VZVJ-8CFmwq5XxQCEi_SGkNPrcJ0C117e3xbPAXLWoxHvi1oCQmO79fIjjVHE1WBJajryJ7IY7FNq4j3KuA905t6XPhiuZtHchB0JUnqJYIw-gnB-t6KvXCT85SGlBodfeZUGCwyJazpsdaihhq3yRUBgBI0rDncl87Hm0SI4Rk_kHqa81i8L_NUm-eX0GUhy-kIwvzbgSEheRBnwxJVCYaB-Y8iA6RUQ1k06989240mS9tCV_cwfNPnRO4kBugJf65nhMfsISyI0-I_E9Hl4Yo7qYZyCOhTRzgOFPhCcQMX0E1UFh7c8-p-BNI6ETKgLJ0spgr5fRP_1aB6z4qsXxHhAGLVdJfu6chsP4DYMukL4gj2UgxdeqSqLqxYa-JuTqGKqg04etdm7LgXGdpcmvubaGye6N3258T0JmO-TO83jsO33QV5_4iWF3peOpf7rCdIgbeFM5Tvz0zYw8KJIqWTQC_R3RrnVMa5qhOUaodUIhCano&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqn0ZVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBM4CT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkibuZgWARHstfmBFXSyWXw8oRSZDkXjiDTITDmIQyb20cz1alrowCx24meAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HSvg-zJ_yR9upN2aTDVa4k0qKbA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 27 Sep 2022 12:53:43 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D91F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag&u=%7Ch2m9STjgcHD5Y%2BiqXaJJzoyqglwygiNkKmCisEYhHrU%3D%7C&c1=0n2XosTo5cnA_wU1W2mnTJB6TrPmo_vK2VRn8AedBrStNtuqeOWC0rJuk9LNUepMCSxueFF3nyObcPlD00Gir02S3lfyLtrNEHmEp8bMck_2kmNVsPTS7St3QV12afTBbm0dDEj7l30XSMmy9ydBOV7o-VZVJ-8CFmwq5XxQCEi_SGkNPrcJ0C117e3xbPAXLWoxHvi1oCQmO79fIjjVHE1WBJajryJ7IY7FNq4j3KuA905t6XPhiuZtHchB0JUnqJYIw-gnB-t6KvXCT85SGlBodfeZUGCwyJazpsdaihhq3yRUBgBI0rDncl87Hm0SI4Rk_kHqa81i8L_NUm-eX0GUhy-kIwvzbgSEheRBnwxJVCYaB-Y8iA6RUQ1k06989240mS9tCV_cwfNPnRO4kBugJf65nhMfsISyI0-I_E9Hl4Yo7qYZyCOhTRzgOFPhCcQMX0E1UFh7c8-p-BNI6ETKgLJ0spgr5fRP_1aB6z4qsXxHhAGLVdJfu6chsP4DYMukL4gj2UgxdeqSqLqxYa-JuTqGKqg04etdm7LgXGdpcmvubaGye6N3258T0JmO-TO83jsO33QV5_4iWF3peOpf7rCdIgbeFM5Tvz0zYw8KJIqWTQC_R3RrnVMa5qhOUaodUIhCano&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqn0ZVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBM4CT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkibuZgWARHstfmBFXSyWXw8oRSZDkXjiDTITDmIQyb20cz1alrowCx24meAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HSvg-zJ_yR9upN2aTDVa4k0qKbA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Sep 2023 12:53:43 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame D91F 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag&u=%7Ch2m9STjgcHD5Y%2BiqXaJJzoyqglwygiNkKmCisEYhHrU%3D%7C&c1=0n2XosTo5cnA_wU1W2mnTJB6TrPmo_vK2VRn8AedBrStNtuqeOWC0rJuk9LNUepMCSxueFF3nyObcPlD00Gir02S3lfyLtrNEHmEp8bMck_2kmNVsPTS7St3QV12afTBbm0dDEj7l30XSMmy9ydBOV7o-VZVJ-8CFmwq5XxQCEi_SGkNPrcJ0C117e3xbPAXLWoxHvi1oCQmO79fIjjVHE1WBJajryJ7IY7FNq4j3KuA905t6XPhiuZtHchB0JUnqJYIw-gnB-t6KvXCT85SGlBodfeZUGCwyJazpsdaihhq3yRUBgBI0rDncl87Hm0SI4Rk_kHqa81i8L_NUm-eX0GUhy-kIwvzbgSEheRBnwxJVCYaB-Y8iA6RUQ1k06989240mS9tCV_cwfNPnRO4kBugJf65nhMfsISyI0-I_E9Hl4Yo7qYZyCOhTRzgOFPhCcQMX0E1UFh7c8-p-BNI6ETKgLJ0spgr5fRP_1aB6z4qsXxHhAGLVdJfu6chsP4DYMukL4gj2UgxdeqSqLqxYa-JuTqGKqg04etdm7LgXGdpcmvubaGye6N3258T0JmO-TO83jsO33QV5_4iWF3peOpf7rCdIgbeFM5Tvz0zYw8KJIqWTQC_R3RrnVMa5qhOUaodUIhCano&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqn0ZVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBM4CT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkibuZgWARHstfmBFXSyWXw8oRSZDkXjiDTITDmIQyb20cz1alrowCx24meAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HSvg-zJ_yR9upN2aTDVa4k0qKbA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.as.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 22 Sep 2023 12:53:43 GMT
EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
pagead2.googlesyndication.com/bg/ Frame A4D5 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
sffe /
Resource Hash
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 01:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15943
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 01:20:17 GMT
index.html
s0.2mdn.net/sadbundle/8748151230531897985/ Frame E3C1 		305 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/8748151230531897985/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
357264af68c8e1d6843f737a9feebe450cb1c9646ef2bd67662b90ae5bf7523c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
264092
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
54363
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Sat, 24 Sep 2022 11:32:11 GMT
expires
Sun, 24 Sep 2023 11:32:11 GMT
last-modified
Fri, 02 Sep 2022 01:14:46 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame EB1F 		0
31 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstavNeUtuEow39_-Q4axGpXsKBrThA3c2iwO0lQ1rzRoKvl9RSuY9Ve9kUAzjlvbxP6PfvUCTwzARIgZieNKvITug7kxUHbHPfi0viLftpih_Y8Rzw5oKQT_iyoZnWlHgiOJ7KakNYD4ifYHb-yeUB8l32H0WNwM13mpwDZikR8wyFtszLd-BS8PPRf4FvCe2cuaSiSM9X7Qpg02qL_MSUajT5-9EvjuKTgoMXPFfP71Mw3qQW8M1OM9N27snY18k9iwjeldzLAHKUYH7g4sr0tZgT3QqZY-ojZwUVZ6loEAecDDlwUMLajL9BddbWpK2R8xg1xjwtZ0024LZqH375WtnOfkEQUuNUzFZpf10fPkloED5r_V3Fsk9F8cLmXMZD5OkbbNO9GXFtdW93H2u-CFAdf2QqcA8qfYwY4kJjQj7AWGrM_kow5yLIpI2Cna-iZ5iOJoq8hiJSxHn3cpOf51OCJL0mA9BGpeY6UwG06D04AH0hJkMjYVVmBk6_BsSxS9R4TQo-nJNvVqNmQusQVYFV_CFPJoUBf3ADHc1DOXTlHacTigcFUAPZUJCf9-CKHhPBRaDfJGZMrqMJU1t5UJ7seJ6zYszdmrBZpkcjoG1GsTHUvD2UqgaNuC7AyMgFx9KUAw8d1YWcSSkxpBJKQKiSeWtAUobWPf4bWB8ApNypNxbKN8FMH9W9jvh1I-7JxSzPE84_vpOD9jC3IgCCD7wwhippJ0_mc8JLuO_b5zuBrsVN9aciiULhsF_r3OIR3zcSTgQ_A4HFsBpPZabwlLgbxVj7kruOFTbXfsIhVHRgWq_4qQUAE_S1WYMVkYHAdg1Xb0ceBMPqBODGWm6UyNJAtnSycmlO2w5n58iFxasaBdiXogtpXs80Gi0RX_SPX-_oUCf30-L2GSLZs7Jx1zASeD93Yz1bQv7yz0SWmBqizhmDCnHjjtuVbK9HFYjqWWfH-co8jBt9T7zW1Ztxr_vTy6XdEFrgskgn7HNLY6ebjZLlsnfDEQyBix8BEP-Ku9NQPq9Ky_zAM9MS_Z2h3PO97T--Uf5YyM4Lf2CyQ_QtXiFpMZH6IkNJLVtUM9wJCoyJgzsroUg-OX18aU4WpPKcA4sZLnWf-KIJKZamGWaFC0d9mml0FzoSWiwKVWz2rNhH96lLi_K0FsJqysIWVMT3vHnTMFBeZVS89loXhB-1HAf1T9WSEbYyvqXugrf1A8OKSYryk5gtosJ2bvuD7qtUE-wk9RyE9MIcJV4zhGuba18xS8mjWMZHDjPUuVKOJTsiqA6qVjvuqtK6Qa3Qvw0kq39KV30NV6HE9arO1EG_hVmJKq-ErpYe1R4k3&sai=AMfl-YSMf4zKpMztiBoLG9-BXReikVP21P7MCfNuVyHHSrpAqoGHzQ6sAfyjsAohkX_hqg0LxXrX5-Xu7V84NwP4JOJFsoF2BPJo8rkqnyWzg_pCciCmHaEUpxqr0l5ZqGdnkG1-EGHE_mlxuv1ejDqjie_i41dWZS6OpO1BQkL1vxghO5XBUXgZ_OQX36NeMk18W7lfko6V0OUmnYLLLPf_twfp&sig=Cg0ArKJSzCPshq38vI78EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=677&cbvp=1&cstd=675&cisv=r20220922.13709&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 27 Sep 2022 12:53:43 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
tags.mathtag.com/view/ Frame EB1F 		49 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/view/img?strat=3750455&cr=6028144&pr=5.00&txn=&rfr=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.206.241 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.365.0 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 12:53:44 GMT
Server
MMBD/3.365.0
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
hkg-router-x50, hkg-bidder-x110
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 27 Sep 2022 12:53:43 GMT
EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
pagead2.googlesyndication.com/bg/ Frame 5CDE 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
sffe /
Resource Hash
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 01:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473606
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15943
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 01:20:17 GMT
generate_204
tpc.googlesyndication.com/ Frame 6EFB 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?BtR3Zw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:43 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 4F1D 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Sep 2022 14:10:19 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0338 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvsowX9ynAHS9GeByaN-jGmUSG3L_CnAG_Qcf0gDbqKww3gXLr4FaS4EV7cwBHbwAYQoo9-2YBIql5Z9ZUEqKNFzp-x&sig=Cg0ArKJSzLP_-8wt35cnEAE&cid=CAASFeRorIaZw-9fNtQAkOY4CuErzShUPw&id=lidar2&mcvt=1010&p=300,5,900,125&mtos=1010,1010,1010,1010,1010&tos=1010,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664283222151&rpt=819&isd=0&lsd=0&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame E3C1 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8748151230531897985/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8748151230531897985/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 26 Sep 2022 14:10:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
81805
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Sep 2022 14:10:19 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A4D5 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BzjJKVvIyY7SxLtmD9fwPwbWC2AQAAAAAOAHgBAI&bg=!8POl87fNAAYIxsuQKMY7ACkAdvg8WqoBszRxIdG0m0s6Cr5e6SJat5MaRgKPxW2aN-ZqcewrJyfkugIAAACIUgAAAAJoAQeZAuSuox0YhzNVKp1uM0gS2boxqr3eUt8ZrGujpcw1Cyb8efS1NdSJbtU3O8VpePFnozGdt7ViVbGIVH53-psML--QyvHGHQVlPxA-_uGw_bz3o6K9M5Yy-8KLNQTwohjQVAwMylC6lrMBWpWeBBaa30zy-YjTNoc2pNzkBELvQ_bHjkOUB7TNJ9-pN-w8et65KHpcta1bEnqCyehaViRdgK9riBOvxk-NqHJgEAkWGwNt0Y4KjEcwp5GN6JTTi7Dus7mWNNOhjD9POU9H2MbS3EANO4GpTHZLNFhEc_zfCKnTbRbAF8U4h14S7bZU8QbJZB--ZYYhzx0p3FG7o2GzYy_h61EpjPUkibCq9xsiBZY2huAp9glc8sxc1x3-IQd1-PWVHzIGFTdnWb9pMv-gVn88ui2G2N9jf0rc5HOLfacyjAVNvT2NqRwb3HfACgr7q80RyqrhVRXwxJzs6-mH6D-gQkIc-wqyXPdGKwEAL8_f7U7w9vXXbiL2Zhq7JCptMg4o8Vlv0KGeOnz2rk2qrB-bDKCyGjCW7Qnt83Bq_P2h0Mjs0svhh2HNACfaMUWhAY6Kh9LUEfIdq57drPxWe0sN0CS12afdBn9pzci9zFW0E1pLvtsdRvmc7pML5Vj_VhFONfdlx-7krFYJInH-poQ_JlGLdephMcMWTdnFaNtAMoLpkUivVyd3-pdEOUPkIRHNbR2sHbc2xy2AokFFq5D8eVjpB23dsOQUH0IObuQT0ElQITa8IAIAb8WFg17-Umj4VGeQiK2e8Uho64M79cvmZwk6ebgft8S_ohBKPtWTCxOnkcUUr0SPZjztgRlHYrtEoxNfEuMN5wQkj0vgCLPFg4vOq9CoYFVoZv6N2EgCUbouFNjvIpuA2Q0bRt2nT8OmYjIVdlouhEKFdXMfydFvv6-EAN8tIzG2yr8MD20hk_5jnIVGBN21s1IJ7NU7zbb6n8hXX5qeV0yZB6irE6ZsDYq8HQ
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5CDE 		0
25 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdpFkVvIyY9iFL4mF9fwPuuKeEAAAAAA4AeAEAg&bg=!9_Sl9LDNAAYIxsuQKMY7ACkAdvg8WiFk6bBbEnPwMY393BYv03re5E3fxaecm3VXl-7Yl5A43YtdXQIAAAB0UgAAAAJoAQeZAvXkPk2e5EnyPqNdwmjMXdlHJFBa1mPPygSRXlTtNLw56RXZGQ4CNoA1ItHtcI2tLTNYTHhs5E_CMbpSg3Hkpxsr18Eatjk7eVtBMbt8biP-j-sNelBZVFigGBotZtILx31vpab2-mvtOs9rlQNrzdxT9JJprKT5z14wygcq3NVWB7XCSBULbcBTG_Oe8YmxsyTYCtdNsCp7D0iWEFe5t7lAVYQ8vPcQ1-qZBBXOy7mkAvHWjN2dL5bUy4sBdMSuVNI2fvRP3LANHNdW4CxmrrhPzzxSdaMqVgX9KYfwoLdr7VM6hVLtVzqM_1V961RuuItCVURTI620c--dG1fzaFQBOD1SgG0JIlYVvJsTerinNMNsIb8kod5LfCCZuUDN9bWrwim3lQpjjhMgEcPxCbx7NMeb1j2ysFNygIVrTSfNKlv6vd7aQycAIhsGt9vE3W0JRWquafStI-2dcXW_LM0yrioZZhghwNrbdAbaiY8jgLupH-qw03vv5w1zeISYB7WPaG2wkt3tNMGoyPpojo9VLhIERBN5t1uPVRPPBvu7l0o6MBZvl1E02CI0uaNyaQLvITBJZttxHu7MIGe-gAyaLRe2tp5QpW_dvjnk3SKuLf9AprTIe6Yr-E0iLUU4PWWGlxVqY4BKteQJUHORxW8tcqWHBb7blIofb9G_m-y_aa2Y7XngU6jqT7u7N-eiaZsx3DLGs8jcnzI2JlXxM9FR4iTkNI1xgCSlmpyyxggWimTVqVV4Y9idWBw3wgLY2ZWkKk1Rmn9q6Z1L87H9Z0t6gGdcE51iyVYlnCp3BFT3_dtd5DNEkjbASrvpdC6sOYM_NEEAYRXHm9FF0eX4-GqIafDb0ZgGTwdS6kp7SI-23Gi-JsPxoTzBRY7s6xQbc63qdv7oDAF8JsAQbsMgaTpMUPjGPKVVWOHn2Ruyfz836wpenSm3UqHkJFj_zh7BDROKvLbPNVL7RBA5mBJGTIsVQtbDtje9VgqU5pwAAHZUr5Wzsypa
Requested by
Host: 1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
null
s0.2mdn.net/sadbundle/13908002842451597805/ Frame 4F1D 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13908002842451597805/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:45 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 27 Sep 2022 12:53:45 GMT
Disclaimer.svg
s0.2mdn.net/sadbundle/13908002842451597805/ Frame 4F1D 		81 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13908002842451597805/Disclaimer.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e0e06bf9474271817dc8e27f36b65bcc1e96f8115b1e641311f7a262a541c94b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 03:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208125
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12071
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 03:04:59 GMT
Text_1_1.svg
s0.2mdn.net/sadbundle/13908002842451597805/ Frame 4F1D 		11 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13908002842451597805/Text_1_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
139a15a804633e7af452494ba33f3cdd1828dbe7f9ef93baea072e9c6289604b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 03:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208125
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2880
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 03:04:59 GMT
Text_2_1.svg
s0.2mdn.net/sadbundle/13908002842451597805/ Frame 4F1D 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13908002842451597805/Text_2_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
2a6384683981270666be2d013760606db6f5c4df5fbec25b059b00339bdb23fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 03:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208125
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2283
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 03:04:59 GMT
Text_3_1.svg
s0.2mdn.net/sadbundle/13908002842451597805/ Frame 4F1D 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13908002842451597805/Text_3_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
c5cdb4a26e914e1ff159f52f5d3520b40394d7b3d3ec7b70b2f7bf311502dc3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 03:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208125
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2679
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 03:04:59 GMT
Illustration_1.svg
s0.2mdn.net/sadbundle/13908002842451597805/ Frame 4F1D 		3 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13908002842451597805/Illustration_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e8c3c3270c2619447417283abfc80eb697a9ceb8680f90132a6131c52c59af18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 03:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208125
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1112
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 03:04:59 GMT
Background_1.svg
s0.2mdn.net/sadbundle/13908002842451597805/ Frame 4F1D 		20 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/13908002842451597805/Background_1.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
b9ee8da3c92ebe0984c6511146aaba266323f749fb3130d5473e14b745a22be0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/13908002842451597805/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 25 Sep 2022 03:04:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
208125
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5623
x-xss-protection
0
last-modified
Mon, 12 Sep 2022 04:50:47 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 25 Sep 2023 03:04:59 GMT
truncated
/ Frame 4F1D 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
s300x250_bg.jpg
s0.2mdn.net/sadbundle/2717636683251514590/images/ Frame 5D4C 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2717636683251514590/images/s300x250_bg.jpg?1661403160473
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020617&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664283220800&bpp=5&bdt=236&idt=295&shv=r20220922&mjsv=m202209220101&ptt=5&saldr=sa&correlator=4309456834272&frm=8&ife=1&pv=2&ga_vid=1929176802.1664283221&ga_sid=1664283221&ga_hid=666906826&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759837%2C31069957&oid=2&pvsid=108063896023097&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.sjil8934op5v&fsb=1&dtd=308
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
e3fc473e00b4a1f654cddc41536d01737633b9416e6e9165f9c70e3c75539c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2717636683251514590/WOOD0342_reliable_power_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:39:57 GMT
x-content-type-options
nosniff
age
827
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5886
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 03:53:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Sep 2023 12:39:57 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 13C6 		0
30 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEItXoOyaA--wRpVXrsCz-vTP3nh7L03VFBGkMhtSXXWIeNXwz2SWOnm27IsMeLGtiombMCDkHnjlWShzB1Ptez18OqddH-sgTE2QIGuoafDffJ6u-BlRZnoreD95LfMqT-afGhh3rmp0B-mAaiTxlix0iqk-w6-5gyNXPaTPVBSlSE83LSK_sljAXOAEXdrPOC1gyigEMGdLIqHuK_ZXvx5HQeM-U6q0gWmmJ08iJPvWiKMcjciH4o-MzhPHvJ1pU-BmWfziA2ZN7bvYjx8Ekw8QzvgthUGbdgIzhqbDgaVgTRLsckRmWhQLon5F9trK60NtMw88TxjI0cS20G6GKIlM8Lg3TJ5vrLg94OxBuhCiuXwLvdnnVtale89xFpV0OyepNHhZm-zWVJdDCYFGlYTwYif6_3XHRrI06Ig3A9isyuDiIGWfGwLpTm5RfM4mjkogrWigVZntPNxlgSAC1FX0EGgUXOd-5o_bhVLlhaEFplV9wEdeTJL8dcEtpPvgx3u_RyZmfLZSvxXv2MunvBiiBamjEYe-Z1pqdPh6OWjr3mYEcgCs8bUMz22FduAoVhUKh3lexu2npG9MFOpWiHWwawH-LXD7IA4R0Qd4XNrxV6FpLt6XKJ4XPPJSCBKq26Pd699Crkg-N_vWAMXR9TmajllUBESofCFYS6AhL9tDiohysuBKvTCWZhwDwCz-ePXbW6YbPOCT2ZP0fmqlT2Tj9C2o9IWlzEMuw8TmWPgU5vo1J_rNe9FSS0oiDWHKJS0q-JWWW5S4-Dl_NMAsf7nkE6Ps_Y9JVokBtOGgD7e8owVLjVS19-b6y4Rg5CarhIEYklIqbWk_tn6wVZEWfSBrxZ9FcArKh1IOZuIBTMBIzT5sFeilerJjXONWWATUkygQoBYIw4bkbv_WAxYzhILZnIHe-I6o-_lFsPxywugS0zhfpKaj0YhBnN7nLrvXImdZJ1wX_jE-V50uBtANdMFKgsq7wntU3hEKqFrvRqprQZVDGstQ3WIppbl3XrWUXO7jCbpJJGkp5p9A-gCnULFxowIXjQnNGMM-2YHmHZ9A5FnHCUjGMEqxseCIrQRfXNoUhwu77XeT6Ulmtcn27KXiLBGwctRgwaygTBrN9ufPecLiJtqfiB_vU9IJjbESuO7aJQa9vuNhPEBpAH2TQb79S7LsySjtmIkZy6QtgSUJhLwG0Bw&sai=AMfl-YT2O1d2Cs2UdBsiB82pha_6gGFSqSM2G4dTOcxUed3t0UxuEtg2R7rwvCK8nEeAeYIc872vatIlbuiJOnXIDkukdgIKGEl1ZjyHIkajSJG4Z1f0o2ysUzPukyyHyxGNStaOP6HyVmxZntiW_ZjMK3qiKqw24g&sig=Cg0ArKJSzIA9fIh8vumrEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2070&vt=11&dtpt=1233&dett=3&cstd=835&cisv=r20220922.07373&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:44 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 524B 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220922&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
b6236bb32b44bfb3f2450b7d57529cb20f0fc94195a8fb5906909a606f70cbb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11264
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 03CC 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220922&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
5504c31d84fb15d87bb4e68ff4abfdcfe646702041f42b44d08ffa254f1b2062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11300
x-xss-protection
0
null
s0.2mdn.net/sadbundle/8748151230531897985/ Frame E3C1 		43 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/8748151230531897985/null
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8748151230531897985/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/8748151230531897985/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:45 GMT
x-content-type-options
nosniff
server
sffe
x-dns-prefetch-control
off
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=0
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
expires
Tue, 27 Sep 2022 12:53:45 GMT
truncated
/ Frame E3C1 		43 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/gif
activeview
pagead2.googlesyndication.com/pcs/ Frame F046 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3fKJ4OtWFsUan_CwHyL46qPTmXFt5wuAr8PW2du8bBP2L6TsNMEsRDaO7EzqYghp4Y06GLAOy1rLCm4v2IySUvAAktpvOkqhszXUFQY9FxtO7V8lZFesAgB8tcJQ-VDvslN0&sai=AMfl-YTWmFgIkNUKyEangAGnismILrczOvzmbpi_p0Zmgse0YfYoAtA86QWi93capB-MW7G16pn3MFQPEPJ7-pn9KtLbqV7lBz3vbYkTiU0WWgg2zkebP_8hyJ4Wq0Id&sig=Cg0ArKJSzG24MYwUHm7nEAE&cid=CAASJeRo-tlzOzwSvOXJ_62zM6-fgjUJ0nEtA47aa_mucwoKr6_rdnc&id=lidar2&mcvt=1007&p=60,450,310,750&mtos=1007,1007,1007,1007,1007&tos=1007,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664283222138&rpt=1139&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EB1F 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvePfNaQ42fmS9XSEp0EVLGwAT26ONE0XicUhvWCuJeSOgfVeNuBkXEqHLoLDUUnThDVAE_iLHkQhfahIFiyFdWXEMS_jsZ_MXgnvTfopA34F2THbLxgTk5lI9al83TGEmK8D0&sai=AMfl-YQnh7z6ztCQxkRlTaFCxax-pNOgEe4NQ1V49AHxzayA_MNa6P_Gii59FWw5Yt_eu9tDdDOKDrNJAnMhxikr0tc9hn3Nf3baCeoTUcTDOJieP0Hgt18fHqhzmhRb&sig=Cg0ArKJSzPj3UPMRhnsLEAE&cid=CAASJeRoMD4Zs49QJuGJR1wRt9etW_CsPeg5ARniHRWg42P6HP4eYjs&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664283222148&rpt=1187&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame C516 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220922&jk=3553646191836451&bg=!TU6lTgrNAAYIxsuQKMY7ACkAdvg8WsttEoL61VjcVrYSJOS7L5whMDsgx4DiEXelud3xrQB0XMxxSwIAAABuUgAAAAFoAQeZArqnuDRvJGE502ZmUpUhYsoJYUl8XyD2RqK4SHvo5HSW753gunTHWQxV9d8B9Me2m-woyiHgaTwLc6KYgYK6CTM65rza1dVzHVUuYmmzogIYdQjMZdfmQQhR3pqa9TmfNNHR5XpXuPGyFsNgykIhLrpCMRq86I_0NmQ3v-NafvcUOW1SHvGid3dTpkSZo9bBBBf0T5gYzHY_RVEubGSxcM3TrWXklAqk23xAHIqcN_mzrm6-eLDMbSDddxPqAe6HnsLgqme-BHDYx-Sgvc-KIdya4QZ-ehF3uboqJ3wX9gKvtqY4lGn3x1NL1xsqifccVTjfkvJRcOrMLTWWvLvl9L9xdS0cK3nH2uzZNFscOWFEuHpRgc7BhP62pgHwjRs-XznKT-qP6ar20LbRfuUCFivImTKSMK53vIoN0R1Ueoj2Nm9E3UG0_osm6YPxsn_IcxxH-lGSKmLhckYOtxj5FF_j2-i2YUL598f98MEtR761TBUzh3ORwSxPbOategX5CRW1W5GPVsypBUIdmPFS9VqoFaBHV3z6kQ3MwDt_nNSq9qHyLLn6Hq_IjEkg5wLajtOG6veiyFb3SJAXxHTu1VZckVSkb-jVo-iPyhXscTikb-nyI4jbr_5RrJpIdfi0209x3lYpjEb_L1FIR9adpOaf_N7Iu3EGD18x0TbCQpQwFiP4-ZfU9jno58TYuC3AuCRiGdMchfnc1m4JLV0BN3Y1oIg0nzWNdKFQYNAW20jfC7JDA8pVOFb65ugFPRgcL1KJEzeIeVy2AJSQiuIL9UUugtblbbNtPD6gM_51AySG05wtkCK-5AugtZbUfQLRZNNt914Vpb1IoVLlNOKinfBWOha0WJilyDr4LmLwx286PQrA1qwbYlUZvqRnXi5X-sLNT6YttDZzocQpaoRXEKmjumuwpvCpMJAPEw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 524B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 12:53:44 GMT
s300x250_btn.png
s0.2mdn.net/sadbundle/2717636683251514590/images/ Frame 5D4C 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2717636683251514590/images/s300x250_btn.png?1661403160473
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
530fe2ab535433c7efb846372589616e2f71735a452165f2d0b9f63987d4cdd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2717636683251514590/WOOD0342_reliable_power_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 10:48:41 GMT
x-content-type-options
nosniff
age
266703
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1541
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 03:53:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 10:48:41 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 03CC 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209220101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Sep 2022 12:53:44 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 27 Sep 2022 12:53:44 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
575714
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		340 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&pbt=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
16ec7c5222ffca737c24af4e2498cb3e774b5af6592f103cef3ceb94e7a00494
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1190503
strict-transport-security
max-age=31536000; preload;
expires
0
rid
match.adsrvr.org/track/ 		108 B
648 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
b2d6f1f43b99443ba2c094451f961606510727eaf534f406c58e0449069b446f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 27 Sep 2022 12:53:44 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Thu, 27 Oct 2022 12:53:44 GMT
ixmatch.html
js-sec.indexww.com/um/ Frame 623B 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.217.74 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-78-217-74.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Sep 2022 12:53:45 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame F25E 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1664283219781
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync.html
public.servenobid.com/ Frame 8294 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-81.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
20663
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 27 Sep 2022 07:09:22 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 f1647fac58c5fa2c4d7d531e7b786e56.cloudfront.net (CloudFront)
x-amz-cf-id
BEweEJB4MxQYfmCSWbkJo22YXC9kvdX91u8GuwTz6OypMWvRvwkdXQ==
x-amz-cf-pop
MRS52-P1
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame E7D7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
25768
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 27 Sep 2022 12:53:44 GMT
ETag
W/"623de86a-cf34"
Expires
Sun, 18 Sep 2022 08:33:42 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
4, 23606
X-Served-By
cache-lga21956-LGA, cache-syd10135-SYD
X-Timer
S1664283225.769273,VS0,VE0
sync
eb2.3lift.com/ Frame 84A4
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
78c5086395f0bcd568ef8b38bc409da95090ba20b2d338a96cfae1feef7036b6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
460
content-type
text/html; charset=utf-8
date
Tue, 27 Sep 2022 12:53:45 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 27 Sep 2022 12:53:44 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
usync.html
eus.rubiconproject.com/ Frame 64C4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Sep 2022 12:53:45 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 3A33 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cfa8f47125a56d077a4099df80368e006faf9384a1c7d610838b6b32e8448c1a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11782
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 12:53:44 GMT
expires
Thu, 29 Sep 2022 12:53:44 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
isyn
prebid.a-mo.net/ Frame B76B 		2 KB
762 B 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
7537e99ef204fec8326566ca4ac1cb202864f308e9b87ede899b20b52d8c31fb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
content-encoding
gzip
content-length
673
content-type
text/html; charset=utf-8
date
Tue, 27 Sep 2022 12:53:43 GMT
server
envoy
vary
accept-encoding
x-envoy-upstream-service-time
2
pd
u.openx.net/w/1.0/ Frame 6C93 		533 B
639 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1663912421366.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
f9a8764f7e7de7faa769c6420e94c8db843dc8a593c0c6261413720c113a6389

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
326
content-type
text/html
date
Tue, 27 Sep 2022 12:53:44 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
activeview
pagead2.googlesyndication.com/pcs/ Frame 13C6 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQxvmeDzVS5Yz-OZyej6uu_CjvZjoNz0po7Xms8sCph5OLDzem-nXeGCEZrL1trYDBKl32WQgv1HR1Su6hWqVt9HInOuEwq818uekwRzfP5AILIXFvDCue8g&sai=AMfl-YQ4TdeO7esVvLxkUi9q4k22gM6TA6aSI844ecz9erWlQLZi2qWCfoGKb1nsTJfV2fydvdYMwF3vQTodNQtu2JCEL9Lv3JFNk4k&sig=Cg0ArKJSzLNrYu3b6yt2EAE&cid=CAASEuRocVmtMH0aN9Ou1xUkvOGO8Q&id=lidar2&mcvt=1003&p=0,0,250,300&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3314916115&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664283221110&rpt=2393&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5C3F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
17344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 08:04:40 GMT
expires
Wed, 27 Sep 2023 08:04:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 12B0 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
GSE /
Resource Hash
7545cbfdbed4ca83770c6eb997a068f2d7c676f39584a67c8701fa2c94e496be
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Bw4yknTHkhFTL0KBZEYgYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-Bw4yknTHkhFTL0KBZEYgYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:44 GMT
expires
Tue, 27 Sep 2022 12:53:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
s300x250_img_01.jpg
s0.2mdn.net/sadbundle/2717636683251514590/images/ Frame 5D4C 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2717636683251514590/images/s300x250_img_01.jpg?1661403160473
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
7d45ce77d7421d68ba9fd24a93349c3bd7013a452c53d3c279540b9fe5e738f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2717636683251514590/WOOD0342_reliable_power_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:39:57 GMT
x-content-type-options
nosniff
age
827
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31253
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 03:53:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Sep 2023 12:39:57 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 63C9 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
17344
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 08:04:40 GMT
expires
Wed, 27 Sep 2023 08:04:40 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 9452 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f106.1e100.net
Software
GSE /
Resource Hash
09a04b8e087b62bdabe0608de1be4f8f41520f39da75b3fc137e8b12eb270dc2
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ryzJzpyylzDiwHKBSH7-EA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-ryzJzpyylzDiwHKBSH7-EA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:44 GMT
expires
Tue, 27 Sep 2022 12:53:44 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sd
us-u.openx.net/w/1.0/ Frame 6C93
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=4107310575917729857&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4107310575917729857&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=4107310575917729857&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame 6C93
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=eae28b31-6ca0-71f5-e993-92213baf6211&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=1e7b7f15-67bd-407f-a491-9253efff8d18&ttd_puid=eae28b31-6ca0-71f5-e993-92213baf6211&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1e7b7f15-67bd-407f-a491-9253efff8d18&ttd_puid=eae28b31-6ca0-71f5-e993-92213baf6211&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=1e7b7f15-67bd-407f-a491-9253efff8d18&ttd_puid=eae28b31-6ca0-71f5-e993-92213baf6211&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame 6C93
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzLyWMCo8YAAAI9nd3AAAAAA
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzLyWMCo8YAAAI9nd3AAAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Tue, 27 Sep 2022 12:53:44 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":38,"gdpr":false,"ipv4":"173.245.209.8","key":"YzLyWMCo8YAAAI9nd3AAAAAA","privacy_sensitive":false,"uid":"YzLyWMCo8YAAAI9nd3AAAAAA","upstream_id":"m-ad7"}
X-SO-Key
YzLyWMCo8YAAAI9nd3AAAAAA
X-SO-Upstream-ID
m-ad7
P3P
CP="See also http://www.scaleout.jp/privacy/"
X-SO-HostName
m-ad7.dc4p.scaleout.jp
X-SO-UID
YzLyWMCo8YAAAI9nd3AAAAAA
Connection
keep-alive
Content-Length
0
X-SO-IP
173.245.209.8
X-SO-Cluster-ID
38
Server
nginx
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YzLyWMCo8YAAAI9nd3AAAAAA
Cache-Control
private
X-SO-Ads-Time
7
X-SO-LB-Hostname
m-tgng28.dc4p.scaleout.jp
sd
jp-u.openx.net/w/1.0/ Frame 6C93
Redirect Chain
  • https://cr-p3.ladsp.com/cookiesender/3
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfCkCf5LqEZjks8ADsWuI7HhIc8AAAGDfwKrTA
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfCkCf5LqEZjks8ADsWuI7HhIc8AAAGDfwKrTA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
via
1.1 ffa0d2acb6ab662531e95cf2a187fa40.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AfCkCf5LqEZjks8ADsWuI7HhIc8AAAGDfwKrTA
cache-control
no-cache
content-length
0
x-amz-cf-id
YXbxnAMtYyBwRN3vdzn0E9_Y5rrnTcKZl80052VRI4sLOxPY37HW4Q==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 6C93 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=YzY4ZDU4ZmItYTVkNy0yZjUxLWZjNzMtYzg5OGYxNGRhYzcx
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 6C93
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAZGZ3_b8B2AbVMapkqZK1Q&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAZGZ3_b8B2AbVMapkqZK1Q&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:45 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEAZGZ3_b8B2AbVMapkqZK1Q&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.as.criteo.net/ Frame D91F 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.as.criteo.net/all?cppv=3&cpp=LGAxPraOmZcNrrxli9i9X7qmuZr_xzwMs5y3Aetm9uIvS63QdQmqK4jb3ZL0CRqQxNc8YNTF3BmA1lmn5vVW0NBwszk8U-i53VKxw1nN03Hke_9Zw4sAf3LKu5t5_08-CjRO_A0jO63fz0JEcdStNS7pgI4CHwSJI3Kzmkib05t1Y-XEci4Fn7MiOP96XnOBwcPe_Dk7MgYgDhINDyuYx1UMIVOb-ijPkpKaiJvYH5o13FQ9TZz30f7Bwj2DW2WAC7GFXw&sds=2&rev=82884&sendBeacon=true
Requested by
Host: ads.as.criteo.com
URL: https://ads.as.criteo.com/delivery/r/afr.php?z=YzLyVQAKR7sFS42qAA39XS4y5djR8ld7WQjfag&u=%7Ch2m9STjgcHD5Y%2BiqXaJJzoyqglwygiNkKmCisEYhHrU%3D%7C&c1=0n2XosTo5cnA_wU1W2mnTJB6TrPmo_vK2VRn8AedBrStNtuqeOWC0rJuk9LNUepMCSxueFF3nyObcPlD00Gir02S3lfyLtrNEHmEp8bMck_2kmNVsPTS7St3QV12afTBbm0dDEj7l30XSMmy9ydBOV7o-VZVJ-8CFmwq5XxQCEi_SGkNPrcJ0C117e3xbPAXLWoxHvi1oCQmO79fIjjVHE1WBJajryJ7IY7FNq4j3KuA905t6XPhiuZtHchB0JUnqJYIw-gnB-t6KvXCT85SGlBodfeZUGCwyJazpsdaihhq3yRUBgBI0rDncl87Hm0SI4Rk_kHqa81i8L_NUm-eX0GUhy-kIwvzbgSEheRBnwxJVCYaB-Y8iA6RUQ1k06989240mS9tCV_cwfNPnRO4kBugJf65nhMfsISyI0-I_E9Hl4Yo7qYZyCOhTRzgOFPhCcQMX0E1UFh7c8-p-BNI6ETKgLJ0spgr5fRP_1aB6z4qsXxHhAGLVdJfu6chsP4DYMukL4gj2UgxdeqSqLqxYa-JuTqGKqg04etdm7LgXGdpcmvubaGye6N3258T0JmO-TO83jsO33QV5_4iWF3peOpf7rCdIgbeFM5Tvz0zYw8KJIqWTQC_R3RrnVMa5qhOUaodUIhCano&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCqn0ZVfIyY7uPKaqbrtoP3fq36AaY_NGxXKqEzOSFAcCNtwEQASAAYKWAgICQAYIBF2NhLXB1Yi04OTMzMzI5OTk5MzkxMTA0oAG22aPQA8gBCakCPDbcGNuipT7gAgCoAwGqBM4CT9CJpmxWonl_7ftgfnEZbI_1qN7aV8DRHnKuudDS_tAbn67Csyo5DWIEn7pj1yYHwaVElK5C50oFLLD0A72K20cdXbMD8LhylXIFYO-VxT0Jo4pJWPOUYCjbYdvSaYKHYck4oumO3HbB4sVt44lepACUD-GWOv6jwX7d0ZUAktOoNVRfdoh-pyKJlWIi8buKE0e_U-kNxxtyklysHx7KfSD2hsEVUWIlaueTJdpzn8Dg950Gp4sGrV3d7_aCNbwfy2_lCmtdC9st_uW-ihpXqIQjXQv89VGG8wVkZ4kH95zc8IxTv0dJSxk3oh4yoHb5jmaT_jdIzUBT1nhKK0zVsxz12AmHNQtSBi2TbINQs5KF71L8HeDP3eOzLuKpGAxRcCAkkibuZgWARHstfmBFXSyWXw8oRSZDkXjiDTITDmIQyb20cz1alrowCx24meAEAYAGyJmFzIjMzr9coAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDQiAYRABMgKKAjoCgEDyCBthZHgtc3Vic3luLTUyMzk5MzgyMTM4NzAzODD6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3HSvg-zJ_yR9upN2aTDVa4k0qKbA%26client%3Dca-pub-8933329999391104%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.142 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.as.criteo.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 27 Sep 2022 12:53:44 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
cframe.js
assets.a-mo.net/js/ Frame B76B 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://assets.a-mo.net/js/cframe.js
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.19.159.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
068fc24eba7d06f7991b4b97da0a20abcb585b8a9e3947b1ef55de06566b93b3

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:45 GMT
via
1.1 7bda591fa44b42ef6384ae955fdd5d7c.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
486
x-cache
Hit from cloudfront
content-encoding
br
last-modified
Tue, 16 Aug 2022 15:29:37 GMT
server
cloudflare
etag
W/"b5a666dd0f7ba9330dd36461c34df0c8"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
SYD62-P2
cf-ray
7514624cea52dfb3-SYD
x-amz-cf-id
NUtQ9r5ZjK5VBwYUZsYjUrXAJU3PAgLVOX9fkaSPNuVKAxnmnzWztw==
expires
Tue, 27 Sep 2022 13:53:45 GMT
async_usersync
ib.adnxs.com/ Frame E7D7 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 12:53:44 GMT
X-Proxy-Origin
173.245.209.8; 173.245.209.8; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b0e80107-0421-479e-a172-bc421edb3308
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
s300x250_img_02.jpg
s0.2mdn.net/sadbundle/2717636683251514590/images/ Frame 5D4C 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2717636683251514590/images/s300x250_img_02.jpg?1661403160473
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
c6e27b6ca121715c65b37282e3c2177b8539a7632afb9d49e23e1945d209453c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2717636683251514590/WOOD0342_reliable_power_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 23 Sep 2022 17:23:48 GMT
x-content-type-options
nosniff
age
329396
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38220
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 03:53:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 23 Sep 2023 17:23:48 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 12B0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220922&jk=108063896023097&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
pagead2.googlesyndication.com/bg/ Frame 5C3F 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
sffe /
Resource Hash
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 01:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473607
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15943
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 01:20:17 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 9452 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220922&jk=1890999272127215&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
pagead2.googlesyndication.com/bg/ Frame 63C9 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/EiKF25-Ew8QnV9WFt1cB1UkyXxUODWVwE4mmpr-jolo.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
sffe /
Resource Hash
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 22 Sep 2022 01:20:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473608
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15943
x-xss-protection
0
last-modified
Mon, 19 Sep 2022 14:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 22 Sep 2023 01:20:17 GMT
sync
gum.criteo.com/ Frame 3A33 		61 B
301 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:45 GMT
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
719822
strict-transport-security
max-age=31536000; preload;
expires
60
usync.html
eus.rubiconproject.com/ Frame BFED
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Sep 2022 12:53:45 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 27 Sep 2022 12:53:45 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cm
p.rfihub.com/ Frame D363 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FB71 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Dpba%26refUrl%3D%26vid%3D42832249943072848216820024000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.217.19 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=58254
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 12:53:45 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 28 Sep 2022 05:04:39 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 3A33
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Dapx%26refUrl%3D%26vid%3D42832249943072848216820024000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3072848216820024000V10&type=apx&refUrl=&vid=42832249943072848216820024000V10&ovsid=3288935868696266179
45 B
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3072848216820024000V10&type=apx&refUrl=&vid=42832249943072848216820024000V10&ovsid=3288935868696266179
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Tue, 27 Sep 2022 12:53:45 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 27 Sep 2022 12:53:45 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 12:53:45 GMT
X-Proxy-Origin
173.245.209.8; 173.245.209.8; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c6d00a0b-ceea-42cc-b9d5-7ddeb55cdce6
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3072848216820024000V10&type=apx&refUrl=&vid=42832249943072848216820024000V10&ovsid=3288935868696266179
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 3A33
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3072848216820024...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3072848216820024000V10&type=opx&refUrl=&vid=42832249943072848216820024000V10&ovsid=22cee2ae-c7a0-4b15-8adc-ec4f8940f0cd
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3072848216820024000V10&type=opx&refUrl=&vid=42832249943072848216820024000V10&ovsid=22cee2ae-c7a0-4b15-8adc-ec4f8940f0cd
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Tue, 27 Sep 2022 12:53:45 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Tue, 27 Sep 2022 12:53:45 GMT

Redirect headers

date
Tue, 27 Sep 2022 12:53:45 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=3072848216820024000V10&type=opx&refUrl=&vid=42832249943072848216820024000V10&ovsid=22cee2ae-c7a0-4b15-8adc-ec4f8940f0cd
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync.php
contextual.media.net/ Frame 3A33
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Dr1%26refUrl%3D%26vid%3D42832249943072848216...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6041044554
  • https://sync.1rx.io/usersync/tradedesk/1e7b7f15-67bd-407f-a491-9253efff8d18
  • https://sync.targeting.unrulymedia.com/csync/RX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3072848216820024000V10&type=r1&refUrl=&vid=42832249943072848216820024000V10&ovsid=RX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004
45 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3072848216820024000V10&type=r1&refUrl=&vid=42832249943072848216820024000V10&ovsid=RX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Tue, 27 Sep 2022 12:53:45 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 27 Sep 2022 12:53:45 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3072848216820024000V10&type=r1&refUrl=&vid=42832249943072848216820024000V10&ovsid=RX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004
date
Tue, 27 Sep 2022 12:53:45 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX762d6ba4ed964e9d8b06ff83a4cc33dc004
content-type
text/html
cksync.php
contextual.media.net/ Frame 3A33
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Ddxu%26refUrl%3D%26vid%3D42832249943072848216820...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3072848216820024000V10&type=dxu&refUrl=&vid=42832249943072848216820024000V10&ovsid=OD3PA5z41ODa5N5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3072848216820024000V10&type=dxu&refUrl=&vid=42832249943072848216820024000V10&ovsid=OD3PA5z41ODa5N5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
104.71.48.26 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-71-48-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Tue, 27 Sep 2022 12:53:45 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 27 Sep 2022 12:53:45 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 12:53:44 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0c66a101650797f5a@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3072848216820024000V10&type=dxu&refUrl=&vid=42832249943072848216820024000V10&ovsid=OD3PA5z41ODa5N5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame 3A33 		43 B
363 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:44 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
317985
content-type
image/gif
expires
Tue, 27 Sep 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 3A33
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dmedianet%26bsw_param%3D07179716-cb08-4d2a-8765-23c19061b6...
  • https://x.bidswitch.net/sync?dsp_id=80&user_id=c2ba6332-f259-4c00-a2ab-7d6feae29c6e&expires=30&ssp=medianet&bsw_param=07179716-cb08-4d2a-8765-23c19061b62a&gdpr=0&gdpr_consent=
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=07179716-cb08-4d2a-8765-23c19061b62a&gdpr=0&gdpr_consent=&gdpr_pd=
0
0
23178
stags.bluekai.com/site/ Frame 3A33
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Dzem%26refUrl%3D%26vid%3D42832249943072848216820024...
  • https://stags.bluekai.com/site/23178?id=DLedyQr_5WhQjAZx4geI&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
0
0
sync
rtb.mfadsrvr.com/ul_cb/ Frame 3A33
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3072848216820024000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3072848216820024000V10
0
0
um
cs.emxdgt.com/ Frame 3A33 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Demx%26refUrl%3D%26vid%3D42832249943072848216820024000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C262%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.156.87.203 -, , ASN (),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:45 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
s300x250_logo.png
s0.2mdn.net/sadbundle/2717636683251514590/images/ Frame 5D4C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2717636683251514590/images/s300x250_logo.png?1661403160473
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
77ed16f62631c03cbb86215503c50d38db3c6e00866dd6f3c8e301847fd06d3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2717636683251514590/WOOD0342_reliable_power_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 10:48:42 GMT
x-content-type-options
nosniff
age
266703
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5578
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 03:53:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 10:48:42 GMT
usync
id.a-mx.com/ Frame B76B 		0
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.a-mx.com/usync?uid=907bed1b-a7d2-4b75-b159-8288ea3f9b92&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.154.71 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-l1
AU
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljSdzD99Ps8l3mrtfehloqaBi3Cp1BON87ffwcsll8DLENUWCJpjHcQExsn9z4IWIj9qhfcAIsb9xCAEqieIhboUVHKrFn3DFBkiICA6uZzKv5iJjuWyaaiACeKizA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private,max-age=0
cf-ray
7514624f0ddea831-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
check
pixel.tapad.com/idsync/ex/receive/ Frame B76B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=adaptmx&user_id=907bed1b-a7d2-4b75-b159-8288ea3f9b92&gdpr=0&gdpr_consent=&us_privacy=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=07179716-cb08-4d2a-8765-23c19061b62a&ssp=adaptmx&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10522801271404239827&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522801271404239827&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
0
0
yahoo
prebid.a-mo.net/setuid/ Frame B76B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=907bed1b-a7d2-4b75-b159-8288ea3f9b92
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=907bed1b-a7d2-4b75-b159-8288ea3f9b92&verify=true
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-9UdJFC1E2uGLFq2eZ2A4OdYHWbLFbZYsPJrR9qc-~A&gdpr=0&gdpr_consent=
0
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-9UdJFC1E2uGLFq2eZ2A4OdYHWbLFbZYsPJrR9qc-~A&gdpr=0&gdpr_consent=
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
6
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-9UdJFC1E2uGLFq2eZ2A4OdYHWbLFbZYsPJrR9qc-~A&gdpr=0&gdpr_consent=
date
Tue, 27 Sep 2022 12:53:45 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync.php
pixel.rubiconproject.com/exchange/ Frame B76B 		0
0
cookie
cm.adform.net/ Frame B76B 		43 B
105 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=0&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D907bed1b-a7d2-4b75-b159-8288ea3f9b92%26bidder%3Dadform%26uid%3D%24UID
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:46 GMT
server
nginx
content-length
43
content-type
image/gif
partner=adaptmx
ssp.disqus.com/ Frame B76B 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssp.disqus.com/partner=adaptmx?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D907bed1b-a7d2-4b75-b159-8288ea3f9b92%26bidder%3Dzeta%26uid%3D%24UID
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.147.206.141 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:46 GMT
content-length
0
setuid
prebid.a-mo.net/ Frame B76B
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D907bed1b-a7d2-4b75-b159-8288ea3f9b92%26bidder%...
  • https://prebid.a-mo.net/setuid?A=907bed1b-a7d2-4b75-b159-8288ea3f9b92&bidder=smartadserver&uid=7950373988733814251
0
0
Pug
image2.pubmatic.com/AdServer/ Frame B76B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=158355&gdpr=0&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo....
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=RkU5M0JENjQtMDVCNy00QUI4LTlCRTAtRUMwQUU1REZCQUU3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
0
setuid
prebid.a-mo.net/ Frame B76B
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D907bed1b-a7d2-4b75-b159-8288ea3f9b92%26bidder%3Dindex_rtb%26uid%3D
  • https://prebid.a-mo.net/setuid?A=907bed1b-a7d2-4b75-b159-8288ea3f9b92&bidder=index_rtb&uid=YzLyVvF-2FR72Eq3gQssUgAA%264766
0
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=907bed1b-a7d2-4b75-b159-8288ea3f9b92&bidder=index_rtb&uid=YzLyVvF-2FR72Eq3gQssUgAA%264766
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
6
server
envoy
vary
Accept-Encoding

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:45 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9HEo9OU7XIrSADGaFssWajuPxNQ9LILTaBRjcAOhCBqQuPO1Jw9s85qoN30bAdZk0e8bmntrwJn075IYA32E5TIxFpmaaCouiuUM7sNlUGRKDEgedSuD7U8KfXjrQs0jD%2Bk0fJKu"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://prebid.a-mo.net/setuid?A=907bed1b-a7d2-4b75-b159-8288ea3f9b92&bidder=index_rtb&uid=YzLyVvF-2FR72Eq3gQssUgAA%264766
cache-control
no-cache
cf-ray
7514624f2b53aae3-SYD
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
setuid
prebid.a-mo.net/ Frame B76B
Redirect Chain
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D907bed1b-a7d2-4b75-b159-8288ea3f9b92%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&us_privacy=&redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D907bed1b-a7d2-4b75-b159-8288ea3f9b92%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=907bed1b-a7d2-4b75-b159-8288ea3f9b92&bidder=sovrn&uid=FYuFELZHu62G6_KdRGGNUIko
0
0
setuid
prebid.a-mo.net/ Frame B76B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D907bed1b-a7d2-4b75-b159-8288ea3f9b92%26bidder%3Dappnexus%26uid%3D%24UID
  • https://prebid.a-mo.net/setuid?A=907bed1b-a7d2-4b75-b159-8288ea3f9b92&bidder=appnexus&uid=3288935868696266179
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=907bed1b-a7d2-4b75-b159-8288ea3f9b92&bidder=appnexus&uid=3288935868696266179
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:44 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 12:53:45 GMT
X-Proxy-Origin
173.245.209.8; 173.245.209.8; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
cddce105-1bca-4022-b844-cdcf3c9710d1
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=907bed1b-a7d2-4b75-b159-8288ea3f9b92&bidder=appnexus&uid=3288935868696266179
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
setuid
ib.adnxs.com/prebid/ Frame B76B 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=amx&uid=907bed1b-a7d2-4b75-b159-8288ea3f9b92
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 12:53:46 GMT
X-Proxy-Origin
173.245.209.8; 173.245.209.8; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
bbe22b3d-a3b8-4ae7-8fe0-a2c587c05e3c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
ADMX
c.deployads.com/cs/ Frame B76B 		0
0
setuid
ow.pubmatic.com/ Frame B76B 		0
0
setuid
pbs.aniview.com/ Frame B76B 		0
0
setuid
prebid-server.rubiconproject.com/ Frame B76B 		86 B
698 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid-server.rubiconproject.com/setuid?bidder=amx&uid=907bed1b-a7d2-4b75-b159-8288ea3f9b92
Requested by
Host: prebid.a-mo.net
URL: https://prebid.a-mo.net/isyn?__st=iframe&gdpr=0&gdpr_consent=&us_privacy=1---
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.192.218.173 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-192-218-173.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://prebid.a-mo.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/png
content-encoding
gzip
expires
0
xuid
eb2.3lift.com/ Frame 84A4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=1e7b7f15-67bd-407f-a491-9253efff8d18&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=1e7b7f15-67bd-407f-a491-9253efff8d18&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:45 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=1e7b7f15-67bd-407f-a491-9253efff8d18&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame 84A4
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY0MjQwMTMyMDgzNjIxODg4MTM0MA%3D%3D
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 84A4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDo0r6S7CBzvssEVokYos9E&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDo0r6S7CBzvssEVokYos9E&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:45 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEDo0r6S7CBzvssEVokYos9E&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 84A4
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY0MjQwMTMyMDgzNjIxODg4MTM0MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY0MjQwMTMyMDgzNjIxODg4MTM0MA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
74.125.24.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:45 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=MzY0MjQwMTMyMDgzNjIxODg4MTM0MA%3D%3D
date
Tue, 27 Sep 2022 12:53:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame 84A4
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3642401320836218881340&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=3642401320836218881340&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=25dbbce6-9004-4dd4-a0c6-3d0cdf7245ec&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=25dbbce6-9004-4dd4-a0c6-3d0cdf7245ec&_noobservation=1&_expected_cookie=dc87043...
43 B
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=25dbbce6-9004-4dd4-a0c6-3d0cdf7245ec&_noobservation=1&_expected_cookie=dc870435099feb30ed1f973d1ee4399c
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.101.194 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

p3p
CP='NON DSP COR CONi OUR BUS CNT'
date
Tue, 27 Sep 2022 12:53:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
751462559c43a811-SYD
content-length
43
content-type
image/gif

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=25dbbce6-9004-4dd4-a0c6-3d0cdf7245ec&_noobservation=1&_expected_cookie=dc870435099feb30ed1f973d1ee4399c
date
Tue, 27 Sep 2022 12:53:46 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
751462545b21a811-SYD
content-length
0
/
c1.adform.net/serving/cookie/match/ Frame 84A4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=3642401320836218881340&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
0
0
xuid
eb2.3lift.com/ Frame 84A4
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/3642401320836218881340?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-f2u7pPxE2oS1YjXj7GZTDcpSnj_v545NsnwdDYbEXg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-f2u7pPxE2oS1YjXj7GZTDcpSnj_v545NsnwdDYbEXg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
35.71.178.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:45 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 27 Sep 2022 12:53:45 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-f2u7pPxE2oS1YjXj7GZTDcpSnj_v545NsnwdDYbEXg--~A&dongle=0883
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
iu3
s.amazon-adsystem.com/ Frame 84A4
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=3642401320836218881340
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3642401320836218881340&dcc=t
0
0
c.gif
c.bing.com/ Frame 84A4 		42 B
667 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=3642401320836218881340&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:45 GMT
etag
"8766f3fc1fc7d81:0"
last-modified
Tue, 13 Sep 2022 03:22:00 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E0A77942CD2C4F0C962A95A9042A338C Ref B: SYD03EDGE1319 Ref C: 2022-09-27T12:53:45Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
23178
stags.bluekai.com/site/ Frame 84A4
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=DKfJcvSiuFZ24wkyTxdf&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
0
0
view
googleads4.g.doubleclick.net/pcs/ Frame F046 		0
30 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssy7OJZaYGWRTCHvsaxh1z4oY1vwd824P-I2nbrw5hoYd_ZuQJ4A5sPQKMwWjIb8TbsicWoMdhp_vaGAgnWQwGQwp5xBQnDxRWdWUaFr-TI1JMqRhNF7ReT6uL9A-PfHaDipXJSyoaGFfqzTdjamWr7N0l6TeY5QMjQcaGPj5-APxYvI9bwz9D_C8uHRZe4vaYjXDI5wk-l6HFqDJ8xQawNOhxFA_JXmXym9yVm6ZV0CRbXiJIs_l6iWHqFPm70mpht3N_EVDTIsRlruia2zdlzqRfWozTG1IxfJwRHZ5zbg8IYKalOh-YW9_Lh-TXLB4QlV-it6MexhdHhyObbl10dMcUCyQ_bBQkkUwXn59mGctSItMbN__nf-IiF1z1hdA18HnAUVtJfnaptzksmN3G1_j9B5hjK4ay9fFvndyJKpVRTlK_clOFSU_ervsNANb_u6xogElT8qLcs3zFtf1cm8M2otdM42WtAyjYZfPo89jGG02V2MN-8rhcuUHDcaMXX-MrLLwr18lJsuIaUpYWGMvFo-OVt2YM_QMK2rJg_KxbOWkvUNeNsNs4vFmLTfF-x6S6-hK-7-bIjP_FQNW-78eSF0MNadsNVD4G9b2dFphsWcfi1sfy77K9VgKPrEnT5s_TL3ctMi4W6kqnJ2b-PTaCMhtmjJYg0YfTOnupq8WtouzaYwq44yLmxo47257hzZU_BOhMwarjlCsjvjBqg2eBf3dJ-5fwnGGRWTdxGohWBikcsLmyuKrtneRMOgKkmpX-HdHtezfote5pOGEKbItWIJ8hDgOAkEWLqXc0qKuoe6bJ5dO62jnQEq9NiO_jAtYlCcF9SCzRCUcRnv2PPp8606SI4BztTHfhHFR6y678VUY4jm2COZ5OsgEvLyb3FNkFWh6L05SFwOtgfYWh7LqhP50NJx_mKDcXus_JUAXbozn6aIfgWy4t4cJsKuhiJdMj3PJSdSQkPObCyKa2ftYgMHw3tKYfcVbdH0FZ3cvQtKmLqNxWldOiolxZTOt4BBdQzvleqOitzc_y8lbzJhpF_kNImBfNKUUx24wt_WmyCNo0HJRiQhN1m7umrmq5OBlSvaGR15-LgtVQ0bVSzDhzr2_6pfN8gIt7xrwnNmeBE42Ir7HUUpavAVu0TrivxxqGu2eKWd_5gmMMQGHk-0cvLF72ES75_txrzbNRBZxGX3pg1nKzHc-oj6U2wHARBJUALkag9rX05uubsUd7wZbMQ2XiBe_8DvtDlrTZhLTOij8FbV_pnwQqaTdklV8vqMyC5-A0gG1qdvkn4PYQAskQuZlYrrM3FKr1LXgpD7lrAdPQ1H8sbIx6r&sai=AMfl-YR4Uz6MIexxa8omIiatM_-lPmQSFT-CCcqn48gTeCL_lozs1Va5lZS1odBvbPZdMAVZi1Skzvgdhf10rT1ZcLPd0lgCGeWHKwsGVMxXxh_q3RMGuT-4BOn2XOysJOt7GM3CieAI7IApmpWysW3COWHKUSrjVV6Bnzyy7gvLQYRCTkv81VU0bJ7nwNoBogx3QqGFIUGEL8Zn9UDwP3mwxIt1&sig=Cg0ArKJSzHTgZdunFXVuEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2185&vt=11&dtpt=1595&dett=3&cstd=589&cisv=r20220922.63435&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
generate_204
tpc.googlesyndication.com/ Frame 5C3F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?f1Iqeg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 63C9 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?G5rcDw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:45 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
view
googleads4.g.doubleclick.net/pcs/ Frame EB1F 		0
30 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstavNeUtuEow39_-Q4axGpXsKBrThA3c2iwO0lQ1rzRoKvl9RSuY9Ve9kUAzjlvbxP6PfvUCTwzARIgZieNKvITug7kxUHbHPfi0viLftpih_Y8Rzw5oKQT_iyoZnWlHgiOJ7KakNYD4ifYHb-yeUB8l32H0WNwM13mpwDZikR8wyFtszLd-BS8PPRf4FvCe2cuaSiSM9X7Qpg02qL_MSUajT5-9EvjuKTgoMXPFfP71Mw3qQW8M1OM9N27snY18k9iwjeldzLAHKUYH7g4sr0tZgT3QqZY-ojZwUVZ6loEAecDDlwUMLajL9BddbWpK2R8xg1xjwtZ0024LZqH375WtnOfkEQUuNUzFZpf10fPkloED5r_V3Fsk9F8cLmXMZD5OkbbNO9GXFtdW93H2u-CFAdf2QqcA8qfYwY4kJjQj7AWGrM_kow5yLIpI2Cna-iZ5iOJoq8hiJSxHn3cpOf51OCJL0mA9BGpeY6UwG06D04AH0hJkMjYVVmBk6_BsSxS9R4TQo-nJNvVqNmQusQVYFV_CFPJoUBf3ADHc1DOXTlHacTigcFUAPZUJCf9-CKHhPBRaDfJGZMrqMJU1t5UJ7seJ6zYszdmrBZpkcjoG1GsTHUvD2UqgaNuC7AyMgFx9KUAw8d1YWcSSkxpBJKQKiSeWtAUobWPf4bWB8ApNypNxbKN8FMH9W9jvh1I-7JxSzPE84_vpOD9jC3IgCCD7wwhippJ0_mc8JLuO_b5zuBrsVN9aciiULhsF_r3OIR3zcSTgQ_A4HFsBpPZabwlLgbxVj7kruOFTbXfsIhVHRgWq_4qQUAE_S1WYMVkYHAdg1Xb0ceBMPqBODGWm6UyNJAtnSycmlO2w5n58iFxasaBdiXogtpXs80Gi0RX_SPX-_oUCf30-L2GSLZs7Jx1zASeD93Yz1bQv7yz0SWmBqizhmDCnHjjtuVbK9HFYjqWWfH-co8jBt9T7zW1Ztxr_vTy6XdEFrgskgn7HNLY6ebjZLlsnfDEQyBix8BEP-Ku9NQPq9Ky_zAM9MS_Z2h3PO97T--Uf5YyM4Lf2CyQ_QtXiFpMZH6IkNJLVtUM9wJCoyJgzsroUg-OX18aU4WpPKcA4sZLnWf-KIJKZamGWaFC0d9mml0FzoSWiwKVWz2rNhH96lLi_K0FsJqysIWVMT3vHnTMFBeZVS89loXhB-1HAf1T9WSEbYyvqXugrf1A8OKSYryk5gtosJ2bvuD7qtUE-wk9RyE9MIcJV4zhGuba18xS8mjWMZHDjPUuVKOJTsiqA6qVjvuqtK6Qa3Qvw0kq39KV30NV6HE9arO1EG_hVmJKq-ErpYe1R4k3&sai=AMfl-YSMf4zKpMztiBoLG9-BXReikVP21P7MCfNuVyHHSrpAqoGHzQ6sAfyjsAohkX_hqg0LxXrX5-Xu7V84NwP4JOJFsoF2BPJo8rkqnyWzg_pCciCmHaEUpxqr0l5ZqGdnkG1-EGHE_mlxuv1ejDqjie_i41dWZS6OpO1BQkL1vxghO5XBUXgZ_OQX36NeMk18W7lfko6V0OUmnYLLLPf_twfp&sig=Cg0ArKJSzCPshq38vI78EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2189&vt=11&dtpt=1512&dett=3&cstd=675&cisv=r20220922.13709&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 27 Sep 2022 12:53:45 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
usync.js
eus.rubiconproject.com/ Frame 64C4 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a990c1548dfa09adfa38710df97525b6952b8146dd58b0f2793eb339fa29a901

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 12:53:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=59344
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9422
Expires
Wed, 28 Sep 2022 05:22:49 GMT
s300x250_txt_01.png
s0.2mdn.net/sadbundle/2717636683251514590/images/ Frame 5D4C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2717636683251514590/images/s300x250_txt_01.png?1661403160473
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
3884e93f5f502cbcb8450d070a78f9225029390b9fb3d0b7c0f675f69bf0b195
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2717636683251514590/WOOD0342_reliable_power_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 24 Sep 2022 10:48:42 GMT
x-content-type-options
nosniff
age
266703
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2995
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 03:53:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 24 Sep 2023 10:48:42 GMT
s300x250_txt_02.png
s0.2mdn.net/sadbundle/2717636683251514590/images/ Frame 5D4C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2717636683251514590/images/s300x250_txt_02.png?1661403160473
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
5cc3f8a90249f354cb54d5d1e256b2d9c65f57e42f7b89a1d23b172e16fdd24f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2717636683251514590/WOOD0342_reliable_power_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:40:39 GMT
x-content-type-options
nosniff
age
786
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3474
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 03:53:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Sep 2023 12:40:39 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 0BEF 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5925112dc522327660fd2acb9e6535bed62be7232d4fc14cbb1b64e6d656e74b

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
751462514973aac9-SYD
content-encoding
br
content-type
text/html
date
Tue, 27 Sep 2022 12:53:46 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Y0tm6u7aMDgi3WzftHuBsNIXNH6syirZpkBfvqoOz30zk7UiqiqECFgp1mXe64FbuOjDAtGhB96KMQ60WmRZKF4tPMiI7YyakiaD3AxMwCRaFnSpQZZzCM2EGI0ewu9Xn4fLUVJ7z%2FvkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
dcm
s.amazon-adsystem.com/ Frame 64C4 		0
0
_i4cd9RtzPuVDDbmyg-EmMn5EUdSAgOZEtemQ7w0kco
pr-bh.ybp.yahoo.com/sync/rubicon/ Frame 64C4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/_i4cd9RtzPuVDDbmyg-EmMn5EUdSAgOZEtemQ7w0kco?csrc=
0
0
pixel
cm.g.doubleclick.net/ Frame 64C4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhLNzlCODAtMTktRDFYSg==
0
0
tap.php
pixel.rubiconproject.com/ Frame 64C4
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1e7b7f15-67bd-407f-a491-9253efff8d18&gdpr=0&gdpr_consent=&expires=30
0
0
setuid
px.ads.linkedin.com/ Frame 64C4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8K79B80-19-D1XJ
0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 64C4 		0
0
tap.php
pixel.rubiconproject.com/ Frame 64C4
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFQkUKBz246bbfha-vuknZ4&google_cver=1
0
0
pixel
cm.g.doubleclick.net/ Frame 64C4
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTUyNjU3NTU3YTIxOGM4YzkzZmEzNTBjZTc2NGY1ZmUxNDhkYzFmOA
0
0
s300x250_txt_03.png
s0.2mdn.net/sadbundle/2717636683251514590/images/ Frame 5D4C 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/2717636683251514590/images/s300x250_txt_03.png?1661403160473
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f149.1e100.net
Software
sffe /
Resource Hash
1245ab3505f1844a568ca582a3df3484fdfe7a95a16595f59dae20adb44d3733
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/2717636683251514590/WOOD0342_reliable_power_300x250.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:40:39 GMT
x-content-type-options
nosniff
age
786
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3635
x-xss-protection
0
last-modified
Thu, 01 Sep 2022 03:53:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 27 Sep 2023 12:40:39 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 975C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.78.217.19 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=58254
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 27 Sep 2022 12:53:45 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 28 Sep 2022 05:04:39 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
unused62
8096267
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame 346F 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.233.134 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
5eba698295cca526df630447071d891316984955afe93d393fc31ab862071218

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 27 Sep 2022 12:53:46 GMT
etag
W/"034657e5dce68dc7add000cf60e9271e3"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame EF7D 		2 KB
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.79.234.100 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip100.ip-51-79-234.net
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
content-type
text/html
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 305E 		859 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.53 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc3519f8490f4b660e2826e118562ea1a134570ce757b1a305f628d55ea36388

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
859
content-type
text/html
date
Tue, 27 Sep 2022 12:53:45 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 12EC 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
728dbf19c0637e3ea1b251d78c29dcc86051044bd9fd7600bcacac8d1457e857

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
751462514972aac9-SYD
content-encoding
br
content-type
text/html
date
Tue, 27 Sep 2022 12:53:45 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LmqWl7Q8pt9IhBMUUFeNozHDw%2Bs83fHCt5LfMAnHfgr2fgZEAfuBYKe0HFPlVy66cEn1D94t2Qhr7Po4cu7pFO%2F1aeB5zEy0viu%2B3li%2B864OeljbhnP2an5JJQpwIhscFCn%2BjY4QbPe04A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 0E13
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 27 Sep 2022 12:53:46 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 27 Sep 2022 12:53:45 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
sync.php
pixel.rubiconproject.com/exchange/ Frame 8294 		0
0
sync
ads.servenobid.com/ Frame 8294
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=3288935868696266179
0
0
merge
ce.lijit.com/ Frame 8294
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
0
0
pixel
ap.lijit.com/ Frame 8294
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
0
0
getuid
x.yieldlift.com/ Frame 8294 		0
0
sync
x.bidswitch.net/ Frame 8294
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004&rndcb=4583656758
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=adconductor&bsw_param=07179716-cb08-4d2a-8765-23c19061b62a&google_hm=MDcxNzk3MTYtY2IwOC00ZDJhLTg3NjUtMjNjMTkwNjFi...
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBEYLjx4Buek3-1TrgHazyY&google_cver=1&ssp=adconductor&bsw_param=07179716-cb08-4d2a-8765-23c19061b62a
0
0
cm
p.rfihub.com/ Frame 8294 		0
0
usa
sync.go.sonobi.com/ Frame 8294 		0
0
cookie
cm.adform.net/ Frame 8294
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4796%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D907bed1b-a7d2-4b75-b159-8288e...
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4796%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D907bed1b-a7d2-4b75-b159-8288ea3f9b92%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
37.157.6.247 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:46 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F4796%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D907bed1b-a7d2-4b75-b159-8288ea3f9b92%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
date
Tue, 27 Sep 2022 12:53:45 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
3
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 8294
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-84BgJn1E2uGDe79FTGa0anZWBak8mw8JXkMhuYA-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-84BgJn1E2uGDe79FTGa0anZWBak8mw8JXkMhuYA-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-84BgJn1E2uGDe79FTGa0anZWBak8mw8JXkMhuYA-~A
date
Tue, 27 Sep 2022 12:53:46 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
merge
ce.lijit.com/ Frame 8294
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ce.lijit.com/merge?pid=279534&3pid=ua-341c5082-1018-3d18-ac64-c1b2cd9121bd&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRN...
0
0
sync
ads.servenobid.com/ Frame 8294
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ups.analytics.yahoo.com/ups/58632/occ?verify=true
  • https://ads.servenobid.com/sync?pid=339&uid=y-t9fhH4tE2uF4wUcoraq9lCFNS7Ei7vP2xc7U6mY-~A
0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-t9fhH4tE2uF4wUcoraq9lCFNS7Ei7vP2xc7U6mY-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-t9fhH4tE2uF4wUcoraq9lCFNS7Ei7vP2xc7U6mY-~A
date
Tue, 27 Sep 2022 12:53:46 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sodar
pagead2.googlesyndication.com/pagead/ Frame 524B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220922&jk=108063896023097&bg=!hIelh8PNAAYIxsuQKMY7ACkAdvg8Wlizivor1wvEkBmO0jxH0L6FONZp-9A-msFFbd8J4SPR-Vo9UwIAAAC4UgAAAAJoAQcKAE4gaGywjjzqCFUrRxFsbS0GBUn-EtswOapMFKMXyNfVqJ0WALdyeZFsjoeyJfmB589g0h7dez_UikGD7eKR3AzPSGYDxWZgkhpNSBpgpaqZAtBMpEvibq1Tnl5Ccg22yYoVsI6rOT_EvBMXxg-zHy4NH2ECB7E7DUhP9KqvRJFS6Qk-NJhI44YBJ_vEwmYnEIV-dYmYCj4hijUpHeQ3j3k1-r_h2jiiw0ePQx13qKoPfE0EKxuchn1YH4IcJeYb28BJTOGcapZNsDO7PdVytHX7RTxv3eRalM73PtfO9tw6xs0FuMWolNwrbOV8sDIMNjNykx6GWauv8wu9nHMwNjiPqBTUqiOjD6tQ0UBuMrjnWrScXO37WAPeE7ps5tyLkBNQtm46zMOtgbDe9Q55SAvIKn5JPvDZhtaOoX0CDuTFTlXDkKUVkoAc4i1gnOYy7EX44eFbbWF6ftM7iYwDLBAnMB7x2OtenneiKlds43JqnH-2MRZ4az1KoiG6r44QLhKLwn4MTRIM9XlC4DFJmeipxA8WqOsvEA8iMxl5sP8-1WfJWXlDPqcc33y8JwfzOGFexEkPMP_XEpA5VyrsgPSWqBa5jU2mnl193_AsbfU_9JRnGycvL80N8prSbYfGg55O4f9TkownZuMC2GLYM6r7ieEzb2sVseuPTJpwOhc_kxphFUOtnpHy3ErTkB1vre3OeBgn6tVPTCul50mIIGoaWpVra36I9-aHOIPtjWJEM35FHAVNMHIun1Y55NlHXAWWX37nCvhv8J9ltu86v-ZQr7sH-MPl7biHfY7LZowRW4gIZmv2hwGVyPuxGsI3s6uVIlIZSFM9f5hED5B7aEfwRNcd6gSRQQEiFskpSTxK2PCEm5uDemRkGLslVHUSXgyhl2EVk6q3xAEAY_fcIIM7HlNQ5aD4ZEx2mtigbQrrtd7oQFMohgatlRme4hgrAZhFCojwqDwCFrpp3cI-wO4YshCVnnX_AOuoji1KblqbBBWuYG6zvNHCEpIFlBJ4GlKEhEyepot0RVJJUc7Sob4OSMiE54UgtiJlaxMgGMjEaxQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 03CC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220922&jk=1890999272127215&bg=!lZalltLNAAYIxsuQKMY7ACkAdvg8WjWf7C2I-LgMkAf5bbqfalhD-2kVvQg7rOj9fAG0z-_AlmP66gIAAACTUgAAAAJoAQcKAKaN4dw46ANjwRBjm80w9bT4eQMmgD3A8hVTVxfQydwM6mXfVpZRLgG7lycOaala_u8jgLJLR2paz7pVEHuevKtbYsoKEcLRtiCWirtW6gTQ_eb4zf4exmKlzpydrMOQL_Salr8iHZhRVeOsQJF-KJHHcN-ka_wY23uqZQ530vNCh-GM8NXOPWsZjE-KWavMu9hCnjv3vUjRmeZ-gWpZCMrXuM1rQggwmQKmSZeE7S3TKCqck8TuiR3Ky1JHtoQBaDjq5v4ZumTFrcyU3ubtUe73SJKwNzt4h9qxbDkMa1_v3Uidr0_uPRQ2bODPFmgPRpf9dWCG5tTfV7ioytIU14phQajsZkeU7aJfvbS2t62MlLeIgS14IjM8iWxOVGpVeVC5FqvsHKOi-_Bya-Z4jn6IRp3EGiNf3mcti_z7pyR9k4MHAhqjoZnJFu_MSTso0fh9SISIXY8X-j8G_tLlFsoqHyGGRT9MWkFo6AtFvZ5WydwzTJvSFBvAzIoh7wpWwGnWoIKPhWJTfNa8FUhz1n-7D0uagPBDZQa2gl5j1_XyUqKXddSh_9Za1hJfYSFQ4vKiQohdOzCDuqTdNB09CSvyoYqkOnrUaFgX2O_JWf-70zBWsEg18DqYlwuHGUsN7n07AxU8sfvHXgFU8P6IMVreK5vePg0zblR3wK9J5tP4iKwX5oqiwA9ojdZ4mefTZIiUmOJggJ7icARIbemgng2X20CCqWMcUoaOyMXKXdohEHMa66NbbIJMtaRB7axHS5tb9wtOuQQZB6bXlDPpM0ZaFZapkNfarMwxgLfSxQfWo7bY0U6b4qKWOOhKJdRj5eIXudln5aykRujcl7-OELBOaqDhr3YN3vlXgaFm0QUlUQvRbs1_Hu6CAMgnSiQDpW_ySsG-zPOVthnHbfskQwx2RDiN6fcHw-DWf4qzI33hrHI5RXKxbGSxYQqGxFaBlDxOqyL3loFzNdIN8i0k4bv5gLhpKxB6tp826pS2m-SC52V4gwvWmC32dM2U34S4qcAy6ZgOxutaq77rUqQ9x1cQhKzv04VAmzPdy-tEHdgW5V2nBLYtvfwIyYeWefGh4AZu8Mzuh6I8BnVwUS5T1wda7vEctMlhEyoDLOXmCLAk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/qi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame E7D7 		0
743 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 12:53:45 GMT
X-Proxy-Origin
173.245.209.8; 173.245.209.8; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
22300d6a-36ad-459e-8a11-d1ae33859ef5
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame FB71 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=19002881&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Dpba%26refUrl%3D%26vid%3D42832249943072848216820024000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.196 , Japan, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
79ff73bf3d0e0b9d742b3ff723121cbb30d64dca35e9330ad3407200d0ab8bb0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:46 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
dcm
s.amazon-adsystem.com/ Frame 12EC 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame 12EC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELYhn-M8EMWCXZ-J2BhgbV0&google_cver=1
43 B
845 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELYhn-M8EMWCXZ-J2BhgbV0&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
75146254bcf1aac9-SYD
pragma
no-cache
date
Tue, 27 Sep 2022 12:53:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y5EH162DH3rb%2FTbL75K71SpUXD8hC0oybCG5WIvdTF70tlEHnE2UT%2Bylvxu9eM8cGrku9iWNjYiHvd1SPmTWlwGmZ%2B71V%2BTnJp6XNH%2BEwx5OGZHRB9OTLtx7OpmkqRIdFUhccUz07TDgPg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:46 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESELYhn-M8EMWCXZ-J2BhgbV0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 12EC
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1e7b7f15-67bd-407f-a491-9253efff8d18&expiration=1666875226&gdpr=0&gdpr_consent=
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1e7b7f15-67bd-407f-a491-9253efff8d18&expiration=1666875226&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
7514625438e7aaea-SYD
pragma
no-cache
date
Tue, 27 Sep 2022 12:53:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EYwT1JvRyaGISQ8So8W7sMTa4eHDHk9%2FhdQbh4gn4Ww%2FrUI0F8Ig8lh4w1KIjpcd0zC3UPfwee2uK6YyLboz%2BS907FzNfKgscwSadVDuVd2IpDnYez3cK5Kj57KgX2QS%2FZim26D71eGq%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:46 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=1e7b7f15-67bd-407f-a491-9253efff8d18&expiration=1666875226&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
getuid
secure.adnxs.com/ Frame 12EC 		0
0
YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 12EC 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.2.67 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
crum
dsum.casalemedia.com/ Frame 12EC
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=724ad25c-b77c-bc1a-f8b9f5f4
0
0
rum
dsum-sec.casalemedia.com/ Frame 12EC
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4107310575917729857
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4107310575917729857
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
751462558a83aaea-SYD
pragma
no-cache
date
Tue, 27 Sep 2022 12:53:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUDICvFif5vkZWRNjzvS7yFYpDKEl7VRolIkCkjwmGrTSbpuZcPdxyqK77aLmE5EtAW%2F7hQL9lkTyr8vMrWNGrl2el7Ytrv%2F0ZaI4LXo2ffS6zvpU1%2B0j0DX7bIuZPqW2bXMI67%2Flwc8Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=4107310575917729857
pragma
no-cache
date
Tue, 27 Sep 2022 12:53:46 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ie
match.prod.bidr.io/cookie-sync/ Frame 12EC 		0
0
sync
ads.servenobid.com/ Frame 12EC 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.128.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-128-24.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:46 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0BEF
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB
43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
13.229.2.67 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB
date
Tue, 27 Sep 2022 12:53:46 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 0BEF 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:46 GMT
via
1.1 varnish
server
Varnish
x-timer
S1664283226.379765,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-syd10152-SYD
crum
dsum-sec.casalemedia.com/ Frame 0BEF
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c2ba6332-f259-4c00-a2ab-7d6feae29c6e
0
0
rum
dsum-sec.casalemedia.com/ Frame 0BEF
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=lJEws8SQNrWPmzOzxJYuuZTDMbePlGewkZLj86xw
43 B
844 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=lJEws8SQNrWPmzOzxJYuuZTDMbePlGewkZLj86xw
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
75146254e9a0aaea-SYD
pragma
no-cache
date
Tue, 27 Sep 2022 12:53:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IDiBc0Rc1Wc%2FvQClDia38buvDdWmSxX7yZPG%2BcQMnDjgP106DJSF8%2B2joiOg35QE284J%2FMVUXw8IMiXDXtXugCmc%2F2dwEcuXPkn4wK7n5s9OB9MaHnuFrdP0qa2nSsAPCTttrNIbwuVTrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 27 Sep 2022 12:53:46 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=0&external_user_id=lJEws8SQNrWPmzOzxJYuuZTDMbePlGewkZLj86xw
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 0BEF 		0
0
YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame 0BEF 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.2.67 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame 0BEF
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=OD3PA5z41ODa5N5
43 B
843 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=OD3PA5z41ODa5N5
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
75146254e99faaea-SYD
pragma
no-cache
date
Tue, 27 Sep 2022 12:53:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8EmC6f54SZHmrUd8ci4aLwnFcG%2B%2BSdx6c3Y96kpIOLP74QPac%2BltePDOM1hX4Y1aiVW7FK4jgx0lU0iRhDe5aB3QTlBefSdJ9g5s8BzSrzhV0SB3rbMERE7UyquV6LdOEF%2F%2Bhdzjulq0g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 27 Sep 2022 12:53:45 GMT
Server
PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-05e9653613838233f@ap-southeast-1b@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=OD3PA5z41ODa5N5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame 0BEF
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9CD9D5E126244C9884D0E9EF5D0D91F0
0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame 0BEF 		43 B
352 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YzLyVvF-2FR72Eq3gQssUgAA%264766
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
75146254fe25a8c2-SYD
date
Tue, 27 Sep 2022 12:53:46 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
145
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
accept-ranges
bytes
content-type
image/gif
content-length
43
expires
Tue, 27 Sep 2022 16:53:46 GMT
usync.js
eus.rubiconproject.com/ Frame BFED 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a990c1548dfa09adfa38710df97525b6952b8146dd58b0f2793eb339fa29a901

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 12:53:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=59343
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9422
Expires
Wed, 28 Sep 2022 05:22:49 GMT
usync.js
eus.rubiconproject.com/ Frame 0E13 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
a990c1548dfa09adfa38710df97525b6952b8146dd58b0f2793eb339fa29a901

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 27 Sep 2022 12:53:46 GMT
Content-Encoding
gzip
Last-Modified
Thu, 15 Sep 2022 22:38:47 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=59343
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9422
Expires
Wed, 28 Sep 2022 05:22:49 GMT
match
c1.adform.net/serving/cookie/ Frame 1996 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 1F8A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c2ba6332-f259-4c00-a2ab-7d6feae29c6e&gdpr=0&gdpr_consent=
0
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame A967 		0
60 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Dpba%26refUrl%3D%26vid%3D42832249943072848216820024000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 27 Sep 2022 12:53:46 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10152-SYD
x-timer
S1664283226.455154,VS0,VE0
pubmatic
gocm.c.appier.net/ Frame 50B0 		0
0
send
cm.ambientdsp.com/cm/ Frame 7A9F 		0
0
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame A1BA 		0
0
usersync.aspx
dis.criteo.com/dis/ Frame 0AAA 		43 B
362 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Dpba%26refUrl%3D%26vid%3D42832249943072848216820024000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Tue, 27 Sep 2022 12:53:46 GMT
expires
Tue, 27 Sep 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
473859
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
cm
ipac.ctnsnet.com/int/ Frame 3315 		0
0
pxd
dps.jp.cinarra.com/ Frame 727E 		0
0
sync
x.bidswitch.net/ Frame 649B
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004&rndcb=3976548942
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 9B25
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OD3PA5z41ODa5N5&gdpr=0&gdpr_consent=
0
0
bridge
cm.adgrx.com/ Frame CC3C 		0
0
rtb-h
trc.taboola.com/sg/pubmatic-ssp-network/1/ Frame FD51 		0
0
cookiesync
core.iprom.net/ Frame A897 		0
0
/
csync.loopme.me/ Frame E987 		0
0
141
match.deepintent.com/usersync/ Frame 322A 		0
0
Pug
simage2.pubmatic.com/AdServer/ Frame A8ED
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9CD9D5E126244C9884D0E9EF5D0D91F0
0
0
i.match
a.tribalfusion.com/ Frame 6F22 		0
0
cksync.php
contextual.media.net/ Frame F500 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FB71
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=_pO9ZAW3Srib4OwK5d-65w%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
0
0
420486.gif
idsync.rlcdn.com/ Frame FB71 		0
0
img
sync.mathtag.com/sync/ Frame FB71 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame FB71
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECTyKGm7_dO01divDNWSkCk&google_cver=1
0
0
pubmatic
um.simpli.fi/ Frame FB71 		0
0
FE93BD64-05B7-4AB8-9BE0-EC0AE5DFBAE7
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame FB71 		43 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/FE93BD64-05B7-4AB8-9BE0-EC0AE5DFBAE7?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Dpba%26refUrl%3D%26vid%3D42832249943072848216820024000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.229.2.67 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 27 Sep 2022 12:53:46 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
strict-transport-security
max-age=31536000
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame FB71
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1e7b7f15-67bd-407f-a491-9253efff8d18
0
0
sync
x.bidswitch.net/ Frame FB71 		0
0
Pug
image2.pubmatic.com/AdServer/ Frame FB71
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LfzP8H39yfY29szwffvR-i2uzvQ2-ZjzKP-YSmLs
0
0
SPug
image4.pubmatic.com/AdServer/ Frame FB71
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=FE93BD64-05B7-4AB8-9BE0-EC0AE5DFBAE7&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4DTRXOdE2uUfgrj7SYnGZ7rRPr4qjhQ-~A&gdpr=0&gdpr_consent=
0
0
getuid
ib.adnxs.com/ Frame FB71 		0
0
match
c1.adform.net/serving/cookie/ Frame FB71 		0
0
cs
ad.turn.com/r/ Frame FB71 		0
0
apn
ads.playground.xyz/usersync/ Frame FB71 		0
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame FB71 		0
0
d1ba4609
rtb.gumgum.com/getuid/ Frame FB71 		0
0
sync.php
pixel.rubiconproject.com/exchange/ Frame BFED 		0
0
getuid
secure.adnxs.com/ Frame 346F 		0
0
sync
x.bidswitch.net/ Frame 346F 		0
0
redirectObuid
sync.outbrain.com/ Frame 346F 		0
0
cm
us-u.openx.net/w/1.0/ Frame 346F 		0
0
sync
sync.srv.stackadapt.com/ Frame 346F 		0
0
gumgum
pr-bh.ybp.yahoo.com/sync/ Frame 346F 		0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame 346F 		0
0
services
sync.technoratimedia.com/ Frame 346F 		0
0
142
match.deepintent.com/usersync/ Frame 346F 		0
0
/
b1sync.zemanta.com/usersync/gumgum/ Frame 346F 		0
0
server_match
ad.360yield.com/ Frame 346F 		0
0
floor6
sync.1rx.io/usersync2/ Frame 346F 		0
0
rtset
bh.contextweb.com/bh/ Frame 346F 		0
0
sync
ssbsync.smartadserver.com/api/ Frame 346F 		0
0
sync
ads.servenobid.com/ Frame 346F 		0
0
img
sync.mathtag.com/sync/ Frame 19D1 		0
0
URnmbSKM
sync-tm.everesttech.net/upi/pid/ Frame BF78 		0
59 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.49 -, , ASN (),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 27 Sep 2022 12:53:46 GMT
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-syd10152-SYD
x-timer
S1664283227.549144,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 9251 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 3331 		0
0
usersync
usersync.gumgum.com/ Frame 7835
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=1e7b7f15-67bd-407f-a491-9253efff8d18
0
0
um
cs.emxdgt.com/ Frame 2CA5 		0
0
idsync
tg.socdm.com/aux/ Frame 5D02 		0
0
usermatchredir
ssum-sec.casalemedia.com/ Frame E0A6 		0
0
cm-notify
creativecdn.com/ Frame 0CA0 		0
0
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame EF53 		0
0
sync
ads.servenobid.com/ Frame 305E 		0
0
smart
sync.adotmob.com/cookie/ Frame 305E 		0
0
/
rtb-csync.smartadserver.com/redir/ Frame 305E 		0
0
get_user_agent_id
cookie-matching.mediarithmics.com/v1/ Frame 305E 		0
0
711890.gif
id.rlcdn.com/ Frame 305E 		0
0
collect
www.google-analytics.com/g/ 		0
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 0E13 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DAZmPxg_gdnIc2hJBjQOaldDY-lka8J1L8hZ0dz5_iO94fGBnNmN-9teh-R9G549rOmDw2GHfxaDS-OKoiOYP-OBBIjMYIeBB-Yfr%26google_hm%3D%5BUID%5D&google_gid=CAESEBODZT53TTaMHoCtoWDcxIE&google_cver=1
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3072848216820024000V10%26type%3Drkt%26refUrl%3D%26vid%3D42832249943072848216820024000V10%26ovsid%3D%7Buserid%7D
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=07179716-cb08-4d2a-8765-23c19061b62a&gdpr=0&gdpr_consent=&gdpr_pd=
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=DLedyQr_5WhQjAZx4geI&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPKEJRSWI6KROJPTKV3IKFVECWTYGRTWKSJGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHU2DEOBTGIZDIOJZGQZTANZSHA2DQMRRGY4DEMBQGI2DAMBQKYYTAJTWONUWIPJTGA3TEOBUHAZDCNRYGIYDAMRUGAYDAVRRGA
Domain
rtb.mfadsrvr.com
URL
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3072848216820024000V10
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10522801271404239827&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dadaptmx%26gdpr_consent%3D%26gdpr%3D0
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/setuid?A=907bed1b-a7d2-4b75-b159-8288ea3f9b92&bidder=smartadserver&uid=7950373988733814251
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Domain
prebid.a-mo.net
URL
https://prebid.a-mo.net/setuid?A=907bed1b-a7d2-4b75-b159-8288ea3f9b92&bidder=sovrn&uid=FYuFELZHu62G6_KdRGGNUIko
Domain
c.deployads.com
URL
https://c.deployads.com/cs/ADMX?b=907bed1b-a7d2-4b75-b159-8288ea3f9b92
Domain
ow.pubmatic.com
URL
https://ow.pubmatic.com/setuid?bidder=amx&uid=907bed1b-a7d2-4b75-b159-8288ea3f9b92
Domain
pbs.aniview.com
URL
https://pbs.aniview.com/setuid?bidder=amx&uid=907bed1b-a7d2-4b75-b159-8288ea3f9b92
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match/?party=24&bidswitch_ssp_id=triplelift
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=3642401320836218881340&dcc=t
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=DKfJcvSiuFZ24wkyTxdf&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5IRFWMSTDOZJWS5KGLIZDI53LPFKHQZDG&gdpr=0
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/rubicon/_i4cd9RtzPuVDDbmyg-EmMn5EUdSAgOZEtemQ7w0kco?csrc=
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhLNzlCODAtMTktRDFYSg==
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=1e7b7f15-67bd-407f-a491-9253efff8d18&gdpr=0&gdpr_consent=&expires=30
Domain
px.ads.linkedin.com
URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L8K79B80-19-D1XJ
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFQkUKBz246bbfha-vuknZ4&google_cver=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OTUyNjU3NTU3YTIxOGM4YzkzZmEzNTBjZTc2NGY1ZmUxNDhkYzFmOA
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=312&uid=3288935868696266179
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
Domain
ap.lijit.com
URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEBEYLjx4Buek3-1TrgHazyY&google_cver=1&ssp=adconductor&bsw_param=07179716-cb08-4d2a-8765-23c19061b62a
Domain
p.rfihub.com
URL
https://p.rfihub.com/cm?pub=44007&in=1
Domain
sync.go.sonobi.com
URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Domain
ce.lijit.com
URL
https://ce.lijit.com/merge?pid=279534&3pid=ua-341c5082-1018-3d18-ac64-c1b2cd9121bd&gdpr=0&gdpr_consent=&us_privacy=&location=https%3A%2F%2Fssp.disqus.com%2Fmatch%3Fbidder%3D12%26buyeruid%3D%5BSOVRNID%5D%26r%3DCid1YS0zNDFjNTA4Mi0xMDE4LTNkMTgtYWM2NC1jMWIyY2Q5MTIxYmQqU2h0dHBzOi8vYWRzLnNlcnZlbm9iaWQuY29tL3N5bmM_cGlkPTM0NiZ1aWQ9dWEtMzQxYzUwODItMTAxOC0zZDE4LWFjNjQtYzFiMmNkOTEyMWJkMgIMBjgB
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
Domain
dsum.casalemedia.com
URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=724ad25c-b77c-bc1a-f8b9f5f4
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/ie
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=c2ba6332-f259-4c00-a2ab-7d6feae29c6e
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YzLyVvF_2FR72Eq3gQssUgAAEp4AAAIB
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=9CD9D5E126244C9884D0E9EF5D0D91F0
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&cid=FE93BD64-05B7-4AB8-9BE0-EC0AE5DFBAE7
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:c2ba6332-f259-4c00-a2ab-7d6feae29c6e&gdpr=0&gdpr_consent=
Domain
gocm.c.appier.net
URL
https://gocm.c.appier.net/pubmatic
Domain
cm.ambientdsp.com
URL
https://cm.ambientdsp.com/cm/send?vc=pmj
Domain
sync-dsp.ad-m.asia
URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Domain
ipac.ctnsnet.com
URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
Domain
dps.jp.cinarra.com
URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=FE93BD64-05B7-4AB8-9BE0-EC0AE5DFBAE7
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004&rndcb=3976548942
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:OD3PA5z41ODa5N5&gdpr=0&gdpr_consent=
Domain
cm.adgrx.com
URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Domain
trc.taboola.com
URL
https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync
Domain
csync.loopme.me
URL
https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:9CD9D5E126244C9884D0E9EF5D0D91F0
Domain
a.tribalfusion.com
URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Domain
contextual.media.net
URL
https://contextual.media.net/cksync.php?cs=8&vsid=3072848216820024000V10&type=pba&refUrl=&vid=42832249943072848216820024000V10&ovsid=FE93BD64-05B7-4AB8-9BE0-EC0AE5DFBAE7
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Domain
idsync.rlcdn.com
URL
https://idsync.rlcdn.com/420486.gif?partner_uid=FE93BD64-05B7-4AB8-9BE0-EC0AE5DFBAE7
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESECTyKGm7_dO01divDNWSkCk&google_cver=1
Domain
um.simpli.fi
URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=1e7b7f15-67bd-407f-a491-9253efff8d18
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
Domain
image2.pubmatic.com
URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=LfzP8H39yfY29szwffvR-i2uzvQ2-ZjzKP-YSmLs
Domain
image4.pubmatic.com
URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-4DTRXOdE2uUfgrj7SYnGZ7rRPr4qjhQ-~A&gdpr=0&gdpr_consent=
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
Domain
c1.adform.net
URL
https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent=
Domain
ad.turn.com
URL
https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
Domain
ads.playground.xyz
URL
https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
Domain
pubmatic-match.dotomi.com
URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=FE93BD64-05B7-4AB8-9BE0-EC0AE5DFBAE7&gdpr=0&gdpr_consent=
Domain
rtb.gumgum.com
URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L8K79B80-19-D1XJ
Domain
secure.adnxs.com
URL
https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_ac6e6742-d925-4353-b50a-66735be7b97d&gdpr=0&gdpr_consent=&us_privacy=1---
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
Domain
pr-bh.ybp.yahoo.com
URL
https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/gumgum/?puid=a_ac6e6742-d925-4353-b50a-66735be7b97d&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
Domain
ad.360yield.com
URL
https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=309&uid=a_ac6e6742-d925-4353-b50a-66735be7b97d
Domain
sync.mathtag.com
URL
https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV9hYzZlNjc0Mi1kOTI1LTQzNTMtYjUwYS02NjczNWJlN2I5N2Q=&gdpr=0&gdpr_consent=
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=ttd&i=1e7b7f15-67bd-407f-a491-9253efff8d18
Domain
cs.emxdgt.com
URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Domain
tg.socdm.com
URL
https://tg.socdm.com/aux/idsync?proto=gumgum
Domain
ssum-sec.casalemedia.com
URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=gumgum
Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=317&uid=4382920005125531&gdpr=0&gdpr_consent=
Domain
sync.adotmob.com
URL
https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=139&partneruserid=0&redirurl=https%3A%2F%2Fmatch.sharethrough.com%2Fsync%2Fv1%3Fsource_id%3D98KUz37ype9D3X2sf9ovgeTt%26source_user_id%3DSMART_USER_ID&gdpr=0&gdpr_consent=
Domain
cookie-matching.mediarithmics.com
URL
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=smart17&gdpr=0&gdpr_consent=
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe9l0&_p=5360&cid=37347630.1664283222&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1664283221&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fqi-cai-yun-nan-zou-jin-meng-jia-la-guo-zhuan-chang-huo-dong-zai-meng-ju-xing.html&dt=%E4%B8%83%E5%BD%A9%E9%9B%B2%E5%8D%97%E8%B5%B0%E9%80%B2%E5%AD%9F%E5%8A%A0%E6%8B%89%E5%9C%8B%E5%B0%88%E5%A0%B4%E6%B4%BB%E5%8B%95%E5%9C%A8%E5%AD%9F%E8%88%89%E8%A1%8C%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=4
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L8K79B80-19-D1XJ

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP object| AMP_CONFIG object| AMP_EXP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS function| setImmediate function| clearImmediate object| ucf object| request string| paramsString object| adRecover number| ampAdSlotIdCounter undefined| $ undefined| jQuery string| currentState object| googletag object| _apPbJs object| hbAnalytics object| adpTags function| jqAlias object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter object| gaGlobal number| ampAdPageCorrelator object| google_reactive_ads_global_state object| listeningFors number| 3pla object| ggeac object| google_tag_data object| google_js_reporting_queue object| _qevents object| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| google_ad_modifications number| google_global_correlator object| google_prev_clients undefined| google_measure_js_timing function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| noPreviewPage object| dataLayer function| gtag object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| google_tag_manager function| onYouTubeIframeAPIReady object| criteo_pubtag object| criteo_pubtag_prebid_117 object| Criteo_prebid_117

106 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQidiK-LcwCgoIgQIQidiK-LcwCgoI4gEQidiK-LcwCgoI5gEQidiK-LcwCgoIhwIQidiK-LcwCgkICRCJ2Ir4tzAKCQg6EInYivi3MAoJCAsQidiK-LcwCgoIjAIQidiK-LcwCgkIXxCJ2Ir4tzA=
.aralego.com/ Name: sspid
Value: 61cc6f44-0523-38a8-8c34-15d436ed4cac
www.bg3.co/ Name: __AP_SESSION__
Value: 40656480-928c-4d94-8660-42beefaa917e
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
.adpushup.com/ Name: ap_uid
Value: 680536d0-3e63-11ed-a1f9-000d3aa3c7d4
.adpushup.com/ Name: ap_usid
Value: 680536d1-3e63-11ed-a1f9-000d3aa3c7d4
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 394eb468-c527-4e02-b345-5ac95f8851ec
.openx.net/ Name: i
Value: 394eb468-c527-4e02-b345-5ac95f8851ec|1664283219
.bg3.co/ Name: __gpi
Value: UID=000009e4cfbfe4a9:T=1664283219:RT=1664283219:S=ALNI_MYQbgk03bQdiWD_VzdZdymIVAU4tQ
.omnitagjs.com/ Name: ayl_visitor
Value: 41a89daeea3e32825a695d2b2109e552
.rubiconproject.com/ Name: khaos
Value: L8K79B80-19-D1XJ
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMIgRZs+Zm1soLUyebV3a1st6Z4OdihMPKaxxEe2PeuwZC5zFwEio2Ja4HEYI5ehIrUHstlW8EOOMtzpQ7vzkXQ/
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEw0-TLmQY4AUABSAEQ0-TLmQYYAA..
.adnxs.com/ Name: uuid2
Value: 3288935868696266179
.prebid.a-mo.net/ Name: __amc
Value: 1_1664283219_1664283219
.a-mo.net/ Name: amuid2
Value: 907bed1b-a7d2-4b75-b159-8288ea3f9b92
.prebid.a-mo.net/ Name: sd_amuid2
Value: 907bed1b-a7d2-4b75-b159-8288ea3f9b92
.teads.tv/ Name: tt_viewer
Value: 689c7d87-6fa9-4925-a5ed-d6765b2a072d
www.bg3.co/ Name: qcSxc
Value: 1664283220488
.quantserve.com/ Name: mc
Value: 6332f254-902f4-86a26-6d130
.bg3.co/ Name: __qca
Value: P0-2035160769-1664283220485
.doubleclick.net/ Name: IDE
Value: AHWqTUkxNnbe1KzZhmmazu4fHgI0XEn5d8iHYPlA0muAh-YbZS-nbJFm84no0mAYW1U
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1664283221.1.0.1664283221.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.37347630.1664283222
.adsrvr.org/ Name: TDID
Value: 1e7b7f15-67bd-407f-a491-9253efff8d18
.media.net/ Name: visitor-id
Value: 3072848216820024000V10
.bg3.co/ Name: __gads
Value: ID=9dfa64b2e39a5463:T=1664283219:S=ALNI_MY0PTwPPL8iyKu7-5NB6Ppik4Vb3Q
.casalemedia.com/ Name: CMPS
Value: 4766
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GVMoVla_!]tbPl1M>e)ZlrFUfJ+tGXxoH^`>mUTD'[j_?7E0?MnrWUA^ebQ<9QLZj@?/3If)y3KL9D3I?+.6BRmB
.media.net/ Name: data-ttd
Value: 1e7b7f15-67bd-407f-a491-9253efff8d18~~1
.media.net/ Name: data-g
Value: CAESEDjuQbZ4_rO1CLywAatpjbs~~3
.casalemedia.com/ Name: CMID
Value: YzLyVvF-2FR72Eq3gQssUgAA
.casalemedia.com/ Name: CMPRO
Value: 4766
.w55c.net/ Name: wfivefivec
Value: OD3PA5z41ODa5N5
.mxptint.net/ Name: mxpim
Value: R1D531_F6DDBCC2_E60ED28.1.6332F257
.tremorhub.com/ Name: tvid
Value: 9b3e46a019514384a3fe6e6fd95cd438
.tremorhub.com/ Name: tv_UIDF
Value: CAESEImYzZB5AEWHjSjQfLyX7-Y
.tremorhub.com/ Name: tvssa
Value: 1664283223342
fksnk.com/ Name: AWSALBCORS
Value: zZiRAQS3GrYa373Qh6tNHSKchPVhzjsrCngFp09dGHHmPKdrnLXXLxgVV6BIjOe4r6YM3ghwwuxNm4cYT7FRyoGCF6vJsPlaI+yN0jAh4dZZBnZsWRmXlu2IrEBV
.fksnk.com/ Name: f_001
Value: 8F760479167B0C89
.fksnk.com/ Name: g_001
Value: 1
.ladsp.com/ Name: cr
Value: 1
.simpli.fi/ Name: suid
Value: 9CD9D5E126244C9884D0E9EF5D0D91F0
.w55c.net/ Name: matchgoogle
Value: 5
.inmobi.com/ Name: idsp_c
Value: bd14ae55-4633-43bb-9229-848e0ad97755
.pubmatic.com/ Name: KTPCACOOKIE
Value: YES
.ladsp.com/ Name: smn_uid
Value: XBJTRLsQFX2UCzBN5CGyQQ7FriOx4SE
.uuidksinc.net/ Name: jcsuuid
Value: hDWjfEp6Q5lgQwjBtEN4
.smaato.net/ Name: SCM
Value: 279a924
.smaato.net/ Name: SCMg
Value: 279a924
.spotxchange.com/ Name: audience
Value: 6b1bb4b1-3e63-11ed-8742-1547970c0407
.pubmatic.com/ Name: KADUSERCOOKIE
Value: FE93BD64-05B7-4AB8-9BE0-EC0AE5DFBAE7
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-44388dec-e7fa-45b4-5f0e-ad2bf5b10bf1.Dr8y0%2BrCXC3tyO4XfUAvZ4u2z5CFoulERRp2HAP1zAs
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ARDiN7Of6RbRfDq0r9bEL8a310Qg.aPBHWS%2B4n%2FIerb5HJ1Kz9WV6oVtmsYFUDTSvFIy34kc
.sharethrough.com/ Name: stx_user_id
Value: 2167f9a2-cc9f-45ca-8c04-42aebb203a36
.socdm.com/ Name: SOC
Value: YzLyWMCo8YAAAI9nd3AAAAAA
.bidswitch.net/ Name: tuuid
Value: 07179716-cb08-4d2a-8765-23c19061b62a
.bidswitch.net/ Name: c
Value: 1664283224
.bidswitch.net/ Name: tuuid_lu
Value: 1664283224
.adkernel.com/ Name: ADK_EX_11
Value: 1
.adkernel.com/ Name: ADKUID
Value: A5993991167863545809
.r-ad.ne.jp/ Name: r_ad_token
Value: 50gCri00jBDGa007YvPO
.ad-m.asia/ Name: uid
Value: Hprq2C22gO
.turn.com/ Name: uid
Value: 4107310575917729857
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%221e7b7f15-67bd-407f-a491-9253efff8d18%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-08-27T12%3A53%3A44%22%7D
.bidswitch.net/ Name: google_push
Value: AZmPxg8yQ-UCbuC8hANK8UqtGVpQsWjjuaznFQajePWVb0CIRl0PnS8TyPQG0i3XUhxfwTESkKTXxgihWC8EjRy6YoHY4eLw3kVZ3FBXhuJ5PXrD6_drwmhMDyzaPWMc37IBrls_7-8cokjsNOzfPuffCgM
.openx.net/ Name: pd
Value: v2|1664283224|jElYiuvOiahI
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004%22%7D
.3lift.com/ Name: tluid
Value: 3642401320836218881340
.openx.net/ Name: univ_id
Value: 537072971|1e7b7f15-67bd-407f-a491-9253efff8d18|1664283224938497
.ladsp.com/ Name: lum
Value: CMzWivi3MBIFCAEQqAESBQgDEKgE
.socdm.com/ Name: SOSYNC
Value: anNvbjp7ImdkbiI6MTY2NDI4MzIyNX0
.w55c.net/ Name: matchmedianet
Value: 5
.e-volution.ai/ Name: ADK_EX_193
Value: 1
.e-volution.ai/ Name: ADKUID
Value: A5993991167863545809
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.prebid-server.rubiconproject.com/ Name: uids
Value: eyJ1aWRzIjp7fSwidGVtcFVJRHMiOnsiYW14Ijp7InVpZCI6IjkwN2JlZDFiLWE3ZDItNGI3NS1iMTU5LTgyODhlYTNmOWI5MiIsImV4cGlyZXMiOiIyMDIyLTEwLTExVDEyOjUzOjQ1LjMzNDc5NTAwNloifSwicnViaWNvbiI6eyJ1aWQiOiJMOEs3OUI4MC0xOS1EMVhKIiwiZXhwaXJlcyI6IjIwMjItMTAtMTFUMTI6NTM6NDUuMzMzNzc3NzE0WiJ9fSwiYmRheSI6IjIwMjItMDktMjdUMTI6NTM6NDUuMzMzNzc2NTMxWiJ9
.media.net/ Name: data-xu
Value: OD3PA5z41ODa5N5~~8
.a-mx.com/ Name: amuid2
Value: 907bed1b-a7d2-4b75-b159-8288ea3f9b92
.media.net/ Name: data-o
Value: 22cee2ae-c7a0-4b15-8adc-ec4f8940f0cd~~8
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-762d6ba4-ed96-4e9d-8b06-ff83a4cc33dc-004%22%7D
.media.net/ Name: data-a
Value: 3288935868696266179~~8
.bg3.co/ Name: cto_bundle
Value: 8h0IzF9nQlVmSEg0YVJIT1pVSG5pRTRmT2xqTGNCanklMkZZMGR5dlB3JTJGcU45cjFFcGIlMkJNTjR6SFZzaEFVamdDVVBRUVFEc1lOYlhaeUc2dTQwJTJCYXNYY0oycldBeWZuUkVzZ1JSZ1lHdXh3Rnhad25vJTNE
.bg3.co/ Name: cto_bidid
Value: pe-BoF9aelAxM0kyUTh3QW5zVzhBeUl4enRNQU1vWDQ0QjBqenFSdzdqa2pLSkNWak5ueml6bzQlMkZ2d1c2MXM4UGNCY0k1SVJBJTJCRVJjWUUlMkJxU1RPMyUyRnA3UTN3JTNEJTNE
.casalemedia.com/ Name: CMTS
Value: 4686
.id5-sync.com/ Name: id5
Value: f6aa78dd-25b8-4572-9043-1ef3e65689bc#1664283225056#2
.id5-sync.com/ Name: 3pi
Value:
.id5-sync.com/ Name: callback
Value:
.bing.com/ Name: MUID
Value: 0D219150A73463363795837CA60662D5
.c.bing.com/ Name: MR
Value: 0
.linkedin.com/ Name: li_sugr
Value: 25dbbce6-9004-4dd4-a0c6-3d0cdf7245ec
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&1b280b0a-24ae-4688-8b40-09fa37b3d1ef"
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2923:u=1:x=1:i=1664283225:t=1664369625:v=2:sig=AQFZg8EQI6na7nU_84wxJvZZmDvVXxhA"
.adsrvr.org/ Name: TDCPM
Value: CAESFgoHcnViaWNvbhILCNLb-o-rpJA7EAUYASACKAIyCwi6uby4waSQOxAFOAFaC2FkY29uZHVjdG9yYAI.
.pubmatic.com/ Name: SyncRTB3
Value: 1665446400%3A220
.pubmatic.com/ Name: ipc
Value: 158355^https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D158355%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D907bed1b-a7d2-4b75-b159-8288ea3f9b92%2526bidder%253Dpubmatic%2526uid%253D%2523PMUID^2^0
.pubmatic.com/ Name: pi
Value: 158355:3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.yahoo.com/ Name: A3
Value: d=AQABBFnyMmMCEO4nFA8zvqLofhbvsyAsLcwFEgEBAQFDNGM8YwAAAAAA_eMAAA&S=AQAAAjI78RLRsIIRZ9aBK_vhHHM

8 Console Messages

Source Level URL
Text
network error URL: https://cdn.adpushup.com/42753/L2EvcWktY2FpLXl1bi1uYW4tem91LWppbi1tZW5nLWppYS1sYS1ndW8temh1YW4tY2hhbmctaHVvLWRvbmctemFpLW1lbmctanUteGluZy5odG1s.json
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html(Line 11)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://s0.2mdn.net/sadbundle/13908002842451597805/null
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://s0.2mdn.net/sadbundle/8748151230531897985/null
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://ssp.disqus.com/partner=adaptmx?gdpr=0&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D907bed1b-a7d2-4b75-b159-8288ea3f9b92%26bidder%3Dzeta%26uid%3D%24UID
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 503 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1d255f6268bf182442137538c1a2bb0f.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.as.criteo.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
aep.mxptint.net
ap.lijit.com
aplogger.adpushup.com
assets.a-mo.net
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c.deployads.com
c1.adform.net
cat.sg1.as.criteo.com
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
cookie-matching.mediarithmics.com
core.iprom.net
cr-p1.ladsp.com
cr-p3.ladsp.com
creativecdn.com
cs.emxdgt.com
cs.media.net
cs.r-ad.ne.jp
csm.as.criteo.net
csync.loopme.me
d-3871203774624694055.ampproject.net
dc83f4b377ba413f49d36b3f2fba2aa3.safeframe.googlesyndication.com
delivery.adrecover.com
dis.criteo.com
dps.jp.cinarra.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e3.adpushup.com
e358711ac5a5c9490b23b74f97e21ac0.safeframe.googlesyndication.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
g2.gumgum.com
gdn.socdm.com
gocm.c.appier.net
google.partners.tremorhub.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
grid.bidswitch.net
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
id.a-mx.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
im.bluevoox.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lg3.media.net
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
mweb.ck.inmobi.com
onetag-sys.com
ow.pubmatic.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
partners.tremorhub.com
pbs.aniview.com
pix.as.criteo.net
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
pxl.qccerttest.com
qsearch-a.akamaihd.net
r.turn.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.jp2.as.criteo.com
rtb.mfadsrvr.com
rtb2-useast.e-volution.ai
rules.quantcount.com
s.ad.smaato.net
s.amazon-adsystem.com
s.uuidksinc.net
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.adotmob.com
sync.aralego.com
sync.go.sonobi.com
sync.inmobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tags.mathtag.com
tg.socdm.com
tlx.3lift.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
v9999.adv.admeme.net
warp.media.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
x.yieldlift.com
y.one.impact-ad.jp
a.tribalfusion.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ap.lijit.com
b1sync.zemanta.com
bh.contextweb.com
c.deployads.com
c1.adform.net
ce.lijit.com
cm.adgrx.com
cm.ambientdsp.com
cm.g.doubleclick.net
contextual.media.net
cookie-matching.mediarithmics.com
core.iprom.net
creativecdn.com
cs.emxdgt.com
csync.loopme.me
dps.jp.cinarra.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
gocm.c.appier.net
ib.adnxs.com
id.rlcdn.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
ipac.ctnsnet.com
match.deepintent.com
match.prod.bidr.io
ow.pubmatic.com
p.rfihub.com
pbs.aniview.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
pubmatic-match.dotomi.com
px.ads.linkedin.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.mfadsrvr.com
s.amazon-adsystem.com
secure-assets.rubiconproject.com
secure.adnxs.com
simage2.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
sync-dsp.ad-m.asia
sync.1rx.io
sync.adotmob.com
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.technoratimedia.com
tg.socdm.com
trc.taboola.com
um.simpli.fi
us-u.openx.net
usersync.gumgum.com
www.google-analytics.com
x.bidswitch.net
x.yieldlift.com
103.229.10.171
103.229.206.241
103.231.98.196
103.254.153.160
103.71.26.126
104.16.85.20
104.17.24.14
104.18.101.194
104.18.12.76
104.18.18.126
104.18.19.126
104.19.159.19
104.211.156.162
104.254.148.252
104.26.4.103
104.45.178.220
104.71.48.26
104.71.49.155
124.146.215.44
13.107.42.14
13.115.72.183
13.213.209.254
13.227.254.100
13.227.254.119
13.227.254.36
13.227.254.67
13.227.254.99
13.229.2.67
13.76.45.37
142.250.4.106
142.251.10.132
142.251.10.156
142.251.12.132
142.251.12.138
142.251.12.149
142.251.12.154
142.251.12.155
145.40.89.200
151.101.2.49
151.101.65.108
162.19.138.83
172.217.194.156
172.67.154.71
172.67.72.16
174.137.133.49
18.177.11.95
182.161.73.129
182.161.73.132
182.161.73.135
182.161.73.136
182.161.73.142
182.161.73.145
182.161.73.146
182.161.73.148
182.161.74.19
184.51.240.25
20.127.253.7
202.131.200.84
202.241.208.4
204.79.197.200
209.58.188.181
23.106.127.53
23.41.65.80
23.74.242.157
23.75.85.227
23.78.217.19
23.78.217.74
3.33.220.150
31.220.27.134
34.107.148.139
34.193.201.64
34.98.64.218
35.213.109.249
35.213.117.18
35.213.12.39
35.230.38.116
35.244.159.8
35.71.178.8
37.157.6.247
38.67.14.224
42.99.128.160
42.99.140.200
42.99.140.216
44.205.31.153
50.116.239.135
51.79.234.100
52.192.218.173
52.193.233.134
52.203.140.205
52.210.128.24
52.221.119.8
52.35.127.185
52.45.175.185
52.74.162.2
52.77.174.116
52.84.45.81
54.147.206.141
54.156.87.203
69.16.175.10
69.173.158.65
74.118.186.44
74.125.130.156
74.125.130.157
74.125.24.155
74.125.24.157
74.125.24.94
74.125.24.97
84.17.37.44
00cc9f6c863cfc75693f62b0e2fc0762ae0faaf8db35a9b62e996be3e248afb7
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
068fc24eba7d06f7991b4b97da0a20abcb585b8a9e3947b1ef55de06566b93b3
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09a04b8e087b62bdabe0608de1be4f8f41520f39da75b3fc137e8b12eb270dc2
09af6caefeb671f4527e8bf54659bb482eea031fe6899bafc12f149bb14155d0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
122285db9f84c3c42757d585b75701d549325f150e0d65701389a6a6bfa3a25a
1245ab3505f1844a568ca582a3df3484fdfe7a95a16595f59dae20adb44d3733
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
139a15a804633e7af452494ba33f3cdd1828dbe7f9ef93baea072e9c6289604b
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
1500be6905b1eefbeed0ccda832b3333e9faa768933fd3ea9fa80cc76eaddc2b
16ec7c5222ffca737c24af4e2498cb3e774b5af6592f103cef3ceb94e7a00494
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c479d0abecadc8d5fde30eeb515508b6148fa3d92dd617b427788d6c792b0a8
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
2536acef89667d5c2ac900a0c0e2b0e4e7746075c2dd01ce9656c3f82b8242b4
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
286efe3235d951358f9e0c5e6683ca287a374a1842eb6d367cfa56ad0df7280b
286f41534d5e452c0803884b8951f9e7cbd79568b1eddea4559d6a3bde2b4763
28bf646c6e799ca96adb3a5b48fe882639d31e27102cad9ed2979555da55944a
28dc46ca7136b4d6089128b4a537e94624c990ee5162d869cbd53b4b81faaea5
2a6384683981270666be2d013760606db6f5c4df5fbec25b059b00339bdb23fd
2aaded58dac73e34620e86b5cfdd6e7e20bb38e2ebe5af7d777bc82822bfdb5c
2d09e39a96c3c742b5f7f2f54e40699adf108069ad58b436d07865ee0bcd741d
2e8c386b84ca9d69e512c2fdf44c6900d6a734d543c28eb6293e9fb250e30275
3086826524750d38ec8807f9d8ceceb737731239a0de2e737c885834e89078f6
31d439d16ef01195f644f8022157d60b7744af92a784fc3f40cada6759c994ec
31fb8dc7edd44f99d97af5a0e6998dbc2787ff3e9cf88d6278f818647752ab50
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
3288212b66509bcca02524204f3d2c8cc0b6a6a83cf3a7ff0a2e28e773d9c5dd
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
34686cba28b7d374710a0b8204ae2cbce77ced594bcac71bef4f5260a8d99745
357264af68c8e1d6843f737a9feebe450cb1c9646ef2bd67662b90ae5bf7523c
3630e7451559f7a49df882cdedd63e32952b842036d7ccb54065ab422daaecce
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
37517e5f3dc66819f61f5a7bb8ace1921282415f10551d2defa5c3eb0985b570
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
3884e93f5f502cbcb8450d070a78f9225029390b9fb3d0b7c0f675f69bf0b195
399193e51094974aab4f7cecd1e10475551d02d66f052aa203b2d90dbeebd261
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e355ea14962cbde5493194f7eec3576b7bff533f2c66c2e738d600aa1d47b11
3f85743f84f614812dd884868d5a18b17f5b25b54abebc33065f4b9834b5a81b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4023a78b9351ed5d77b40518ea19b956e22f12456a081a57381e348765697db3
421ee0579432a67a0dfa8b86098fff22e71a841d241323667303e53b98975b88
422527cac3a98c4bdc6dbfed84102e0456b62a1a89fb0fdd04c409a4615cae2a
467243afc5f6a7dea7c8de041fa54c14aef5850109905204f851631b247d3aa8
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
47395347833919b1b83bb90b7487da0d9213502fb8f18af28230b9c4a199affa
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a7d4e90449311d990c5d7ad6669211dd384f7d1884494702413e07efd494d8
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c755724be5055fb0472428b4fed64b3fdfe05d8af86bc81f5dcfaa5c378df5d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50f7a56a78e29dc94dfdd9287c30c9bc5a3db5cb51d7639293972c2c930da5cf
51d3be39742a8efd4897da5afeaac73ce0be3f4c719b23f8650a9a16915e6226
530fe2ab535433c7efb846372589616e2f71735a452165f2d0b9f63987d4cdd0
5504c31d84fb15d87bb4e68ff4abfdcfe646702041f42b44d08ffa254f1b2062
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5620eb9ec18a2f7a0d61a1cf930dfe9619d3b62f72b1abd4b9fe543f6405601b
564abcd1aaa1e99681f765597209e1ee0d6c73fd31bbea71cf26ab4825d8058e
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5925112dc522327660fd2acb9e6535bed62be7232d4fc14cbb1b64e6d656e74b
5bb82450e26c429df757bb93fc52581c6ae4a98b381fa364d150946289ac2218
5cc3f8a90249f354cb54d5d1e256b2d9c65f57e42f7b89a1d23b172e16fdd24f
5eba698295cca526df630447071d891316984955afe93d393fc31ab862071218
5f9ee71aeca80f0fe720f7f94fd7aff21a755a01c4f5da9d37c27dfe0a9017d9
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
668ff9f11fa6f278b264f559017fc21d46165b19098f3e23b48ddc22ae326b1b
68ac1f4395952c35baaffb4d95234b15fb64d6157b61895a2483108ca092bb62
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c2ffbe972d83f233c2a5d4bc95de654d36e31fa50e6888f4d0faff628bbf3c5
6cfb3e64ce6fd03c4d10ebae71f79da0c2c45fc2105c93ea0d106d91d4b7cc3a
6d2b466469b575bdfc367ac4129a792adc3ecf5f4f7575245be1a4fab09bdc66
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
728dbf19c0637e3ea1b251d78c29dcc86051044bd9fd7600bcacac8d1457e857
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
7537e99ef204fec8326566ca4ac1cb202864f308e9b87ede899b20b52d8c31fb
7545cbfdbed4ca83770c6eb997a068f2d7c676f39584a67c8701fa2c94e496be
7599e0a5ce1ba2a12f036e998e19e60b6e982178e4363d4630ab3a91ca73bf62
7655785fb0196f757e239eba870010bfb94ea3733862544d8ade08e5ff14e071
77ed16f62631c03cbb86215503c50d38db3c6e00866dd6f3c8e301847fd06d3d
77fb302b27dd77f8dea2f6bcd221c0fb7689a5e8bc138f03c2ecbd01d9f79b9a
78c5086395f0bcd568ef8b38bc409da95090ba20b2d338a96cfae1feef7036b6
79ff73bf3d0e0b9d742b3ff723121cbb30d64dca35e9330ad3407200d0ab8bb0
7ab3006709be0699a0f8b25db7eb5b0b48bd6d7b14b80abc67eeb2064bfc6353
7d45ce77d7421d68ba9fd24a93349c3bd7013a452c53d3c279540b9fe5e738f9
7eaeb13dff9b342957d9fce0f6724ee30cc2b41b7fb1469f5ec51b8fb1f9ebb3
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
7f3bccceefed6eed14948323678ba36af23cb1baa27e95258bff7c9b84ff9de9
80b234fecd8f5fd67db7b9aee504cbee6893d71598a9fc2fb4385f2d3a0c8c54
81e695a8f6a78b0d287200c58c3b2502e22cd886cb74ea19c56d2922dcfcf275
829c68e59d49588a0847e4a4bdcae1b1e234db4d81a40a7345c34d6392a1f5b1
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
88b9dba27157f5c56ac539bad88dac0b11f98bcff4e40bc0c6b24dc5a59ade35
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e25dde8106762351943bd5779a5ead144989cd5f59851a79b3b2dc19b73fafc
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a6c995c3f36c0cf7d1fb8c328ad8ba97f12e8fb607f6ba6225cb30d48be5c2d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cb93fc023cca355260310e41056be397ecad26f94a578c5b147762b40fc6d3b
9fe91c9a5c9470d7a0d19416fbf8356eaaaebc1ad8872fc7a7cd257123a94cb6
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a26695adab8d7538059dd2a25948c481f5a8fffefee171985a305f9fea9dd628
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a45df1dbc260a7778756594a4367e4bbfa8bac5112dfe42ab559cf98ed6d5846
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6faa7a4ade52284a01efed1ddd4d50f5faf33b61837b43ed9b34d5c5a4a7a39
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
a990c1548dfa09adfa38710df97525b6952b8146dd58b0f2793eb339fa29a901
aa446b1f105b20f07c49f55c8ea00ef9bc42d7f0c5f747319823f00a480ff7f6
abbf89f6976857105dad6d6d56fe1a6b5a956758ce3565ff5f4fbdd6b62ca2ad
ad3b6044c44297d3a854168c0e1b239b8f33a8378aa7a6b587bca24570507b94
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b052a4648ee4c67a6905f834f6eacdc59eaefff57eb066f4f1c1e82e79a6bdcb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1527e4267cd4018efd146f434a583c801fa948d20b34f729f6da42f7ef10e2c
b2aea5ba0178061f83601430402d012a88a5db02d0bc4a0155f9a1a069a93a6b
b2d6f1f43b99443ba2c094451f961606510727eaf534f406c58e0449069b446f
b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c
b40ed885c6eabc68309c7e3377008ec3aaba2add66e43fcf6fc2851cdc6a2f98
b44f35db0665a120f83b4ecc76a01ce7795eee33599094b61708196892aef4f9
b4b5656844966a3122372317ccccd0c50d77e02788029de460b25458d0067d4f
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
b6236bb32b44bfb3f2450b7d57529cb20f0fc94195a8fb5906909a606f70cbb6
b824581f5051ea1da1a633474bd121f0fec264f27613ae459d098fda36dbf58f
b8495f96bf23b93cee2ad9dd1ebe81e84cac8fc9e8d247546ae2b5d64e6d0b40
b8da26c4e6b3457b3d4e61aaefd5ac48ea9924591e26f0987173689fb129715c
b9ee8da3c92ebe0984c6511146aaba266323f749fb3130d5473e14b745a22be0
bade9bd0d6a612ab26034b5da9aed184a9a7480854d9bd1ea82c482fbbdde48d
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc12347103da4da2ac30f8b4defd567679284e0bad691a54fad78ad804fc9c27
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c5cdb4a26e914e1ff159f52f5d3520b40394d7b3d3ec7b70b2f7bf311502dc3c
c6865c7c17735f12fd9c9fd7dee44970c1603c4d85ea86102de3414a7126e212
c6e27b6ca121715c65b37282e3c2177b8539a7632afb9d49e23e1945d209453c
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
cbd23ecf8a019a238192118da2cd5ae43d9aa1de9e1d84e3b719eda793ddbf5a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa8f47125a56d077a4099df80368e006faf9384a1c7d610838b6b32e8448c1a
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d61a19b40876ff27c3d5af7857b9cf0ff937d0d978512ed80b14bcf32900a014
d6f7f1af393c534a521f2061445f89219cba91e55120ad9fed345c5cbdfb5eda
d8fb86d7f4bef880354d6c02af11fd7e6b7ceb261aad0d73ae7d429668b25148
d9ac1637bfdb59b90e677a399bd946dac9c7f83a5bc16a9e69b0bcd17206b3ee
db302d6b42a95ecd629a0bd1b191fd371c02f5ab858832b219d6663e7dd08fd3
dc3519f8490f4b660e2826e118562ea1a134570ce757b1a305f628d55ea36388
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0e06bf9474271817dc8e27f36b65bcc1e96f8115b1e641311f7a262a541c94b
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e18a925e8c359e3f9fa508c0e91c908e01c6214a3a4eb4982e42e3bbeeb9e726
e3481e3ad9c4d4fe99f4547a9683a78f753d2d4115d1d141fd739fb1b32e8220
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fc473e00b4a1f654cddc41536d01737633b9416e6e9165f9c70e3c75539c9c
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4ea762031bf16e0a19c6c0d2f9e8661f6c9178d2fae3551a71bb8158243c30d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e8c3c3270c2619447417283abfc80eb697a9ceb8680f90132a6131c52c59af18
e96ad1f3048de3076f4d19860c329506d3cd75b856ea435b3fd605c84bca18bb
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edce1a300144b585f0f38f8445a774023a91705519e27f0f2bc9a8b9701ef99c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0b6467ff1ee5df11996fd85932f0e8f952e4b8f5e9cf50c9a6478ee9dbdc153
f0bb2a4f2be3d99e10af375f305a126120028c4784fbdfd85653876e27c07b19
f1abf57c49607ef8b1dd4d790f06e1fd18567ba485d2ca0403714279fc50b4aa
f6bf149795ded856f14f9f46f675fe247b090f6290938327d46fd565a66b5a63
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f9a8764f7e7de7faa769c6420e94c8db843dc8a593c0c6261413720c113a6389
fa6a88f263785173fe79401c4a49c6e137916359fa7e3dd8e747ef9a45dff385
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e