urlscan.io logo urlscan.io
SecurityTrails logo

www.bg3.co Open in urlscan Pro
84.17.37.44  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Submission: On August 23 via manual from US — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 83 IPs in 10 countries across 98 domains to perform 509 HTTP transactions. The main IP is 84.17.37.44, located in Central, Hong Kong and belongs to CDN77 ^_^, GB. The main domain is www.bg3.co. The Cisco Umbrella rank of the primary domain is 590013.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 20th 2022. Valid for: a year.
This is the only time www.bg3.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 84.17.37.44 60068 (CDN77 ^_^)
16 74.125.24.132 15169 (GOOGLE)
1 3 103.254.153.160 59253 (LEASEWEB-...)
4 104.26.5.103 13335 (CLOUDFLAR...)
2 23.44.5.232 20940 (AKAMAI-ASN1)
5 23.44.4.232 20940 (AKAMAI-ASN1)
20 172.67.72.16 13335 (CLOUDFLAR...)
53 74.125.68.157 15169 (GOOGLE)
2 69.16.175.10 20446 (STACKPATH...)
3 209.58.188.181 133752 (LEASEWEB-...)
13 142.251.10.155 15169 (GOOGLE)
2 27 74.125.24.156 15169 (GOOGLE)
1 142.250.4.94 15169 (GOOGLE)
2 142.251.12.97 15169 (GOOGLE)
3 74.125.24.138 15169 (GOOGLE)
6 13.76.45.37 8075 (MICROSOFT...)
2 142.251.12.154 15169 (GOOGLE)
2 52.84.251.114 16509 (AMAZON-02)
3 182.161.73.136 55569 (CRITEO-AS...)
1 104.16.88.20 13335 (CLOUDFLAR...)
10 52.48.53.23 16509 (AMAZON-02)
2 12 104.18.19.126 13335 (CLOUDFLAR...)
3 52.193.82.11 16509 (AMAZON-02)
1 69.173.158.65 26667 (RUBICONPR...)
2 5 145.40.88.5 54825 (PACKET)
2 11 139.99.49.250 16276 (OVH)
2 13 35.244.159.8 15169 (GOOGLE)
5 9 104.254.148.252 29990 (ASN-APPNEX)
1 182.161.73.145 55569 (CRITEO-AS...)
1 148.251.121.152 24940 (HETZNER-AS)
1 18.140.14.88 16509 (AMAZON-02)
1 34.107.148.139 15169 (GOOGLE)
1 23.195.153.54 16625 (AKAMAI-AS)
1 3 103.229.10.171 16509 (AMAZON-02)
1 13.227.254.2 16509 (AMAZON-02)
2 104.211.156.162 8075 (MICROSOFT...)
34 142.250.4.132 15169 (GOOGLE)
9 23.36.252.26 16625 (AKAMAI-AS)
1 42.99.128.160 4637 (ASN-TELST...)
14 23.195.152.23 16625 (AKAMAI-AS)
10 142.251.12.106 15169 (GOOGLE)
2 182.161.73.129 55569 (CRITEO-AS...)
4 4 54.169.94.38 16509 (AMAZON-02)
17 56 142.251.12.157 15169 (GOOGLE)
13 14 52.223.40.198 16509 (AMAZON-02)
1 1 35.186.253.211 15169 (GOOGLE)
11 11 74.118.186.45 26120 (RHYTHMONE)
1 1 13.113.225.250 16509 (AMAZON-02)
1 172.217.194.95 15169 (GOOGLE)
1 74.125.68.94 15169 (GOOGLE)
1 2 23.53.160.138 16625 (AKAMAI-AS)
6 6 103.229.206.240 30419 (MEDIAMATH...)
3 3 13.107.42.14 8068 (MICROSOFT...)
5 5 13.227.254.129 16509 (AMAZON-02)
1 1 52.2.211.96 14618 (AMAZON-AES)
4 5 35.213.12.39 15169 (GOOGLE)
1 1 18.178.238.48 16509 (AMAZON-02)
21 74.125.24.149 15169 (GOOGLE)
3 74.125.24.94 15169 (GOOGLE)
3 4 50.116.239.135 6336 (TURN-US-ASN)
1 3 104.18.35.11 13335 (CLOUDFLAR...)
4 4 151.101.2.49 54113 (FASTLY)
1 1 18.176.234.133 16509 (AMAZON-02)
1 1 3.228.99.19 14618 (AMAZON-AES)
2 2 35.186.193.173 15169 (GOOGLE)
2 2 162.19.80.91 16276 (OVH)
2 103.229.205.242 30419 (MEDIAMATH...)
1 18.161.111.41 16509 (AMAZON-02)
1 151.101.1.108 54113 (FASTLY)
3 8 52.223.2.229 16509 (AMAZON-02)
1 23.72.44.239 16625 (AKAMAI-AS)
7 23.75.85.227 16625 (AKAMAI-AS)
5 11 69.173.158.64 26667 (RUBICONPR...)
6 7 52.74.13.196 16509 (AMAZON-02)
1 37.157.3.29 198622 (ADFORM)
1 1 124.146.215.50 2514 (INFOSPHER...)
1 1 13.224.250.50 16509 (AMAZON-02)
3 3 23.41.65.80 16625 (AKAMAI-AS)
1 1 198.8.71.128 54312 (ROCKETFUEL)
4 23.72.44.196 16625 (AKAMAI-AS)
2 2 182.161.73.146 55569 (CRITEO-AS...)
2 2 18.159.205.245 16509 (AMAZON-02)
2 52.203.75.132 14618 (AMAZON-AES)
1 69.173.144.138 ()
2 23.106.127.39 59253 (LEASEWEB-...)
3 3 35.190.60.146 15169 (GOOGLE)
2 5 52.46.155.104 ()
1 67.199.150.82 62713 (AS-PUBMATIC)
1 2 104.18.101.194 13335 (CLOUDFLAR...)
1 204.79.197.200 8068 (MICROSOFT...)
2 5 54.179.19.43 16509 (AMAZON-02)
3 104.18.18.126 13335 (CLOUDFLAR...)
1 67.199.150.81 62713 (AS-PUBMATIC)
1 35.79.50.48 ()
2 2 209.191.163.209 ()
1 209.191.163.208 ()
1 1 34.236.59.179 ()
1 104.18.13.76 13335 (CLOUDFLAR...)
1 2 185.84.60.20 ()
12 103.231.98.194 ()
1 202.131.200.84 ()
1 3.113.231.86 ()
2 2 104.19.173.108 ()
1 2 151.101.1.44 ()
2 67.199.150.85 ()
1 35.74.137.60 ()
1 1 104.254.150.228 ()
2 2 3.1.14.27 ()
509 83
1    84.17.37.44 (Central, Hong Kong)

ASN60068 (CDN77 ^_^, GB)
PTR: unn-84-17-37-44.cdn77.com
www.bg3.co
16    74.125.24.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f132.1e100.net
cdn.ampproject.org
aa48c0e92f538c1bacc05d3abdd2fd6d.safeframe.googlesyndication.com
419c83856cef3131b93df5b3f3d1074a.safeframe.googlesyndication.com
8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
3    103.254.153.160 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ads.aralego.com
4    104.26.5.103 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
2    23.44.5.232 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-5-232.deploy.static.akamaitechnologies.com
delivery.adrecover.com
5    23.44.4.232 (Singapore, Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-4-232.deploy.static.akamaitechnologies.com
cdn.adpushup.com
20    172.67.72.16 (United States)

ASN13335 (CLOUDFLARENET, US)
static.bg3.co
53    74.125.68.157 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f157.1e100.net
pagead2.googlesyndication.com
2    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
code.jquery.com
3    209.58.188.181 (Central, Hong Kong)

ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK)
sync.aralego.com
13    142.251.10.155 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f155.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
27    74.125.24.156 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f156.1e100.net
adservice.google.com
googleads.g.doubleclick.net
adservice.google.com.au
www.googletagservices.com
1    142.250.4.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f94.1e100.net
d-40317529472723931178.ampproject.net
2    142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net
www.googletagmanager.com
3    74.125.24.138 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f138.1e100.net
www.google-analytics.com
6    13.76.45.37 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
e3.adpushup.com
2    142.251.12.154 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f154.1e100.net
adservice.google.com.au
2    52.84.251.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-84-251-114.sin5.r.cloudfront.net
adx.holmesmind.com
3    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    104.16.88.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
10    52.48.53.23 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-53-23.eu-west-1.compute.amazonaws.com
ads.servenobid.com
12    104.18.19.126 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
dsum-sec.casalemedia.com
3    52.193.82.11 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-193-82-11.ap-northeast-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    69.173.158.65 (Ashburn, United States)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    145.40.88.5 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
11    139.99.49.250 (Singapore, Singapore)

ASN16276 (OVH, FR)
PTR: ip250.ip-139-99-49.net
onetag-sys.com
13    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
adpushup-d.openx.net
us-u.openx.net
u.openx.net
jp-u.openx.net
9    104.254.148.252 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
1    182.161.73.145 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
bidder.criteo.com
1    148.251.121.152 (Braunlage, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: egon
rtb.adxpremium.services
1    18.140.14.88 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-140-14-88.ap-southeast-1.compute.amazonaws.com
tlx.3lift.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    23.195.153.54 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-153-54.deploy.static.akamaitechnologies.com
a.teads.tv
3    103.229.10.171 (Singapore)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
1    13.227.254.2 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-2.sin52.r.cloudfront.net
rules.quantcount.com
2    104.211.156.162 (Mumbai, India)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
aplogger.adpushup.com
34    142.250.4.132 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f132.1e100.net
tpc.googlesyndication.com
9    23.36.252.26 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-252-26.deploy.static.akamaitechnologies.com
hblg.media.net
warp.media.net
lg3.media.net
cs.media.net
1    42.99.128.160 (Japan)

ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK)
PTR: ip-42-99-128-160.pacnet.net
qsearch-a.akamaihd.net
14    23.195.152.23 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-195-152-23.deploy.static.akamaitechnologies.com
contextual.media.net
10    142.251.12.106 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f106.1e100.net
www.google.com
2    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
4    54.169.94.38 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-94-38.ap-southeast-1.compute.amazonaws.com
pm.w55c.net
56    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
cm.g.doubleclick.net
googleads4.g.doubleclick.net
14    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
11    74.118.186.45 (Serangoon, Singapore)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
1    13.113.225.250 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-113-225-250.ap-northeast-1.compute.amazonaws.com
cc.adingo.jp
1    172.217.194.95 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f95.1e100.net
fonts.googleapis.com
1    74.125.68.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sc-in-f94.1e100.net
www.gstatic.com
2    23.53.160.138 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-53-160-138.deploy.static.akamaitechnologies.com
sync.teads.tv
6    103.229.206.240 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
3    13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
5    13.227.254.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-254-129.sin52.r.cloudfront.net
cr-p1.ladsp.com
cr-pall.ladsp.com
1    52.2.211.96 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-211-96.compute-1.amazonaws.com
fksnk.com
5    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
1    18.178.238.48 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-238-48.ap-northeast-1.compute.amazonaws.com
ds.uncn.jp
21    74.125.24.149 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f149.1e100.net
s0.2mdn.net
3    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
fonts.gstatic.com
4    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
r.turn.com
3    104.18.35.11 (None, )

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
4    151.101.2.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    18.176.234.133 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-176-234-133.ap-northeast-1.compute.amazonaws.com
cs.r-ad.ne.jp
1    3.228.99.19 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-99-19.compute-1.amazonaws.com
sync.srv.stackadapt.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    162.19.80.91 (France)

ASN16276 (OVH, FR)
PTR: ns3011793.ip-162-19-80.eu
c.eu1.dyntrk.com
2    103.229.205.242 (Singapore)

ASN30419 (MEDIAMATH-INC, US)
tags.mathtag.com
1    18.161.111.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-161-111-41.mrs52.r.cloudfront.net
public.servenobid.com
1    151.101.1.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
8    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    23.72.44.239 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-239.deploy.static.akamaitechnologies.com
js-sec.indexww.com
7    23.75.85.227 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-85-227.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
11    69.173.158.64 (Singapore, Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
token.rubiconproject.com
7    52.74.13.196 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    124.146.215.50 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
1    13.224.250.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-250-50.sin52.r.cloudfront.net
cr-p3.ladsp.jp
3    23.41.65.80 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a23-41-65-80.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
1    198.8.71.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
4    23.72.44.196 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-72-44-196.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    18.159.205.245 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-205-245.eu-central-1.compute.amazonaws.com
rtb.mfadsrvr.com
2    52.203.75.132 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-75-132.compute-1.amazonaws.com
cs.emxdgt.com
1    69.173.144.138 (None, )

ASN- ()
pixel-eu.rubiconproject.com
2    23.106.127.39 (Singapore, Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
3    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
id.rlcdn.com
5    52.46.155.104 (None, )

ASN- ()
s.amazon-adsystem.com
1    67.199.150.82 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
2    104.18.101.194 (None, )

ASN13335 (CLOUDFLARENET, US)
p.adsymptotic.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
5    54.179.19.43 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-179-19-43.ap-southeast-1.compute.amazonaws.com
pr-bh.ybp.yahoo.com
3    104.18.18.126 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    67.199.150.81 (Los Angeles, United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
1    35.79.50.48 (None, )

ASN- ()
g2.gumgum.com
2    209.191.163.209 (None, )

ASN- ()
ce.lijit.com
1    209.191.163.208 (None, )

ASN- ()
ap.lijit.com
1    34.236.59.179 (None, )

ASN- ()
ssp.disqus.com
1    104.18.13.76 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.indexww.com
2    185.84.60.20 (None, )

ASN- ()
c1.adform.net
12    103.231.98.194 (None, )

ASN- ()
simage2.pubmatic.com
image2.pubmatic.com
1    202.131.200.84 (None, )

ASN- ()
sync-dsp.ad-m.asia
1    3.113.231.86 (None, )

ASN- ()
dps.jp.cinarra.com
2    104.19.173.108 (None, )

ASN- ()
csync.loopme.me
2    151.101.1.44 (None, )

ASN- ()
trc.taboola.com
match.taboola.com
2    67.199.150.85 (None, )

ASN- ()
image4.pubmatic.com
1    35.74.137.60 (None, )

ASN- ()
rtb.gumgum.com
1    104.254.150.228 (None, )

ASN- ()
secure.adnxs.com
2    3.1.14.27 (None, )

ASN- ()
cm.adgrx.com
Apex Domain
Subdomains		 Transfer
93 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 123
aa48c0e92f538c1bacc05d3abdd2fd6d.safeframe.googlesyndication.com
419c83856cef3131b93df5b3f3d1074a.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 159
8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
1 MB
79 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 218
googleads.g.doubleclick.net — Cisco Umbrella Rank: 52
cm.g.doubleclick.net — Cisco Umbrella Rank: 214
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 303
617 KB
26 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1064
fastlane.rubiconproject.com — Cisco Umbrella Rank: 519
eus.rubiconproject.com — Cisco Umbrella Rank: 582
pixel.rubiconproject.com — Cisco Umbrella Rank: 327
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1015
pixel-eu.rubiconproject.com
token.rubiconproject.com — Cisco Umbrella Rank: 711
pixel-us-east.rubiconproject.com Failed
42 KB
24 media.net
prebid.media.net — Cisco Umbrella Rank: 1269
hblg.media.net — Cisco Umbrella Rank: 1470
contextual.media.net — Cisco Umbrella Rank: 537
warp.media.net — Cisco Umbrella Rank: 2128
lg3.media.net — Cisco Umbrella Rank: 3677
cs.media.net — Cisco Umbrella Rank: 1357
180 KB
21 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 280
436 KB
21 bg3.co
www.bg3.co — Cisco Umbrella Rank: 590013
static.bg3.co
173 KB
20 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 492
image8.pubmatic.com — Cisco Umbrella Rank: 603
image6.pubmatic.com — Cisco Umbrella Rank: 634
simage2.pubmatic.com
image4.pubmatic.com
image2.pubmatic.com
36 KB
17 google.com
adservice.google.com — Cisco Umbrella Rank: 88
www.google.com — Cisco Umbrella Rank: 9
5 KB
15 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 539
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 456
14 KB
14 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 371
8 KB
14 openx.net
adpushup-d.openx.net — Cisco Umbrella Rank: 13451
rtb.openx.net — Cisco Umbrella Rank: 1517
us-u.openx.net — Cisco Umbrella Rank: 399
u.openx.net — Cisco Umbrella Rank: 705
jp-u.openx.net — Cisco Umbrella Rank: 9434
3 KB
13 adpushup.com
cdn.adpushup.com — Cisco Umbrella Rank: 13362
e3.adpushup.com — Cisco Umbrella Rank: 17352
aplogger.adpushup.com — Cisco Umbrella Rank: 15364
231 KB
12 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 278
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 488
6 KB
11 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
acdn.adnxs.com — Cisco Umbrella Rank: 604
secure.adnxs.com
38 KB
11 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 746
7 KB
11 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 1767
public.servenobid.com — Cisco Umbrella Rank: 3759
8 KB
10 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 361
218 KB
9 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 617
eb2.3lift.com — Cisco Umbrella Rank: 418
11 KB
8 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 476
tags.mathtag.com — Cisco Umbrella Rank: 3512
4 KB
7 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 570
5 KB
6 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 407
bidder.criteo.com — Cisco Umbrella Rank: 759
dis.criteo.com — Cisco Umbrella Rank: 712
2 KB
6 google.com.au
adservice.google.com.au — Cisco Umbrella Rank: 91302
1 KB
6 aralego.com
ads.aralego.com — Cisco Umbrella Rank: 28872
sync.aralego.com — Cisco Umbrella Rank: 2851
4 KB
5 amazon-adsystem.com
s.amazon-adsystem.com
aax-eu.amazon-adsystem.com Failed
3 KB
5 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 292
3 KB
5 ladsp.com
cr-p1.ladsp.com — Cisco Umbrella Rank: 16846
cr-pall.ladsp.com — Cisco Umbrella Rank: 3699
3 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1232
13 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 590
1 KB
4 turn.com
ad.turn.com — Cisco Umbrella Rank: 792
r.turn.com — Cisco Umbrella Rank: 3005
2 KB
4 gstatic.com
www.gstatic.com
fonts.gstatic.com
61 KB
4 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1049
2 KB
4 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 783
3 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 194
173 KB
4 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 8473
45 KB
3 lijit.com
ce.lijit.com
ap.lijit.com
2 KB
3 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 592
740 B
3 adform.net
cm.adform.net — Cisco Umbrella Rank: 1550
c1.adform.net
1 KB
3 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 816
s.tribalfusion.com — Cisco Umbrella Rank: 2148
2 KB
3 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
1 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 976
pixel.quantserve.com — Cisco Umbrella Rank: 458
10 KB
3 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1278
sync.teads.tv — Cisco Umbrella Rank: 1030
767 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 45
519 B
2 adgrx.com
cm.adgrx.com
1 KB
2 taboola.com
trc.taboola.com
match.taboola.com
584 B
2 loopme.me
csync.loopme.me
664 B
2 gumgum.com
g2.gumgum.com
rtb.gumgum.com
usersync.gumgum.com Failed
2 KB
2 adsymptotic.com
p.adsymptotic.com — Cisco Umbrella Rank: 457
550 B
2 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1937
ssbsync.smartadserver.com — Cisco Umbrella Rank: 939
rtb-csync.smartadserver.com Failed
1 KB
2 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 952
133 B
2 mfadsrvr.com
rtb.mfadsrvr.com — Cisco Umbrella Rank: 958
1 KB
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 594
cdn.indexww.com — Cisco Umbrella Rank: 1405
2 KB
2 dyntrk.com
c.eu1.dyntrk.com — Cisco Umbrella Rank: 5005
gu.dyntrk.com Failed
2 KB
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 21847
664 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 655
57 KB
2 holmesmind.com
adx.holmesmind.com — Cisco Umbrella Rank: 369022
2 KB
2 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 882
517 B
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 78
72 KB
2 jquery.com
code.jquery.com — Cisco Umbrella Rank: 615
60 KB
2 adrecover.com
delivery.adrecover.com — Cisco Umbrella Rank: 12529
10 KB
1 cinarra.com
dps.jp.cinarra.com
220 B
1 ad-m.asia
sync-dsp.ad-m.asia
243 B
1 disqus.com
ssp.disqus.com
287 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 204
668 B
1 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 743
669 B
1 ladsp.jp
cr-p3.ladsp.jp — Cisco Umbrella Rank: 22525
224 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1000
857 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 754
698 B
1 r-ad.ne.jp
cs.r-ad.ne.jp — Cisco Umbrella Rank: 133282
683 B
1 uncn.jp
ds.uncn.jp — Cisco Umbrella Rank: 17820
512 B
1 fksnk.com
fksnk.com — Cisco Umbrella Rank: 4753
613 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 54
1 KB
1 adingo.jp
cc.adingo.jp — Cisco Umbrella Rank: 3586
414 B
1 akamaihd.net
qsearch-a.akamaihd.net — Cisco Umbrella Rank: 1614
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 933
633 B
1 adxpremium.services
rtb.adxpremium.services — Cisco Umbrella Rank: 7555
396 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 422
2 KB
1 ampproject.net
d-40317529472723931178.ampproject.net
0 creativecdn.com Failed
creativecdn.com Failed
0 360yield.com Failed
ad.360yield.com Failed
0 bluekai.com Failed
stags.bluekai.com Failed
0 technoratimedia.com Failed
sync.technoratimedia.com Failed
0 ipredictive.com Failed
sync.ipredictive.com Failed
0 outbrain.com Failed
sync.outbrain.com Failed
0 admedo.com Failed
pool.admedo.com Failed
0 tapad.com Failed
pixel.tapad.com Failed
0 contextweb.com Failed
bh.contextweb.com Failed
0 dotomi.com Failed
casale-match.dotomi.com Failed
0 pippio.com Failed
pippio.com Failed
0 deepintent.com Failed
match.deepintent.com Failed
0 iprom.net Failed
core.iprom.net Failed
0 nrich.ai Failed
dsp.nrich.ai Failed
0 demdex.net Failed
dpm.demdex.net Failed
0 yieldlift.com Failed
x.yieldlift.com Failed
0 mookie1.com Failed
odr.mookie1.com — Cisco Umbrella Rank: 929 Failed
0 zemanta.com Failed
b1sync.zemanta.com — Cisco Umbrella Rank: 572 Failed
0 impdesk.com Failed
pix.impdesk.com Failed
0 netmng.com Failed
google2waycm.netmng.com Failed
0 omnitagjs.com Failed
hb-api.omnitagjs.com Failed
509 98
Domain Requested by
53 pagead2.googlesyndication.com cdn.ampproject.org
ads.aralego.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
adx.holmesmind.com
www.bg3.co
googleads.g.doubleclick.net
tpc.googlesyndication.com
8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
www.googletagservices.com
52 cm.g.doubleclick.net 17 redirects www.bg3.co
googleads.g.doubleclick.net
8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
u.openx.net
onetag-sys.com
eb2.3lift.com
g2.gumgum.com
34 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
pagead2.googlesyndication.com
www.bg3.co
8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
21 s0.2mdn.net www.bg3.co
8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
s0.2mdn.net
20 static.bg3.co www.bg3.co
14 match.adsrvr.org 13 redirects cdn.adpushup.com
14 contextual.media.net googleads.g.doubleclick.net
contextual.media.net
cdn.adpushup.com
eus.rubiconproject.com
ads.pubmatic.com
12 googleads.g.doubleclick.net 2 redirects cdn.ampproject.org
pagead2.googlesyndication.com
www.bg3.co
8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
11 onetag-sys.com 2 redirects cdn.adpushup.com
www.bg3.co
onetag-sys.com
public.servenobid.com
ads.pubmatic.com
11 securepubads.g.doubleclick.net cdn.aralego.net
securepubads.g.doubleclick.net
cdn.adpushup.com
www.bg3.co
10 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
ssum-sec.casalemedia.com
10 www.google.com googleads.g.doubleclick.net
tpc.googlesyndication.com
8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
10 ads.servenobid.com cdn.adpushup.com
public.servenobid.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
onetag-sys.com
g2.gumgum.com
10 cdn.ampproject.org www.bg3.co
cdn.ampproject.org
9 ib.adnxs.com 5 redirects cdn.adpushup.com
googleads.g.doubleclick.net
acdn.adnxs.com
8 simage2.pubmatic.com ads.pubmatic.com
8 eb2.3lift.com 3 redirects cdn.adpushup.com
eb2.3lift.com
7 ups.analytics.yahoo.com 6 redirects onetag-sys.com
7 pixel.rubiconproject.com 2 redirects onetag-sys.com
www.bg3.co
7 eus.rubiconproject.com cdn.adpushup.com
contextual.media.net
eus.rubiconproject.com
public.servenobid.com
g2.gumgum.com
7 sync.1rx.io 7 redirects public.servenobid.com
7 adservice.google.com cdn.ampproject.org
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 sync.mathtag.com 6 redirects
6 us-u.openx.net 2 redirects googleads.g.doubleclick.net
u.openx.net
6 adservice.google.com.au pagead2.googlesyndication.com
securepubads.g.doubleclick.net
6 e3.adpushup.com www.bg3.co
5 pr-bh.ybp.yahoo.com 2 redirects ssum-sec.casalemedia.com
ads.pubmatic.com
5 s.amazon-adsystem.com 2 redirects onetag-sys.com
eb2.3lift.com
ssum-sec.casalemedia.com
5 x.bidswitch.net 4 redirects onetag-sys.com
ads.pubmatic.com
ssbsync.smartadserver.com
g2.gumgum.com
5 prebid.a-mo.net 2 redirects cdn.adpushup.com
www.bg3.co
5 cdn.adpushup.com www.bg3.co
cdn.adpushup.com
4 image2.pubmatic.com ads.pubmatic.com
4 token.rubiconproject.com 3 redirects www.bg3.co
4 ads.pubmatic.com contextual.media.net
public.servenobid.com
ads.pubmatic.com
g2.gumgum.com
4 googleads4.g.doubleclick.net www.bg3.co
4 sync-tm.everesttech.net 4 redirects
4 cr-p1.ladsp.com 4 redirects
4 sync.targeting.unrulymedia.com 4 redirects
4 pm.w55c.net 4 redirects
4 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.googletagservices.com googleads.g.doubleclick.net
8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
4 adpushup-d.openx.net cdn.adpushup.com
4 cdn.aralego.net www.bg3.co
ads.aralego.com
3 ssum-sec.casalemedia.com js-sec.indexww.com
public.servenobid.com
ssum-sec.casalemedia.com
3 id.rlcdn.com 3 redirects
3 secure-assets.rubiconproject.com 3 redirects
3 ad.turn.com 3 redirects
3 fonts.gstatic.com fonts.googleapis.com
3 px.ads.linkedin.com 3 redirects
3 lg3.media.net googleads.g.doubleclick.net
www.bg3.co
3 hblg.media.net www.bg3.co
googleads.g.doubleclick.net
3 prebid-server.rubiconproject.com cdn.adpushup.com
3 gum.criteo.com cdn.adpushup.com
contextual.media.net
3 www.google-analytics.com www.bg3.co
www.googletagmanager.com
3 sync.aralego.com ads.aralego.com
www.bg3.co
3 ads.aralego.com 1 redirects ads.aralego.com
2 cm.adgrx.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
2 csync.loopme.me 2 redirects
2 c1.adform.net 1 redirects ads.pubmatic.com
2 ce.lijit.com 2 redirects
2 p.adsymptotic.com 1 redirects eb2.3lift.com
2 cs.emxdgt.com contextual.media.net
g2.gumgum.com
2 rtb.mfadsrvr.com 2 redirects
2 dis.criteo.com 2 redirects
2 jp-u.openx.net u.openx.net
2 tags.mathtag.com 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
www.bg3.co
2 c.eu1.dyntrk.com 2 redirects
2 ipac.ctnsnet.com 2 redirects
2 a.tribalfusion.com 1 redirects ads.pubmatic.com
2 sync.teads.tv 1 redirects googleads.g.doubleclick.net
2 cs.media.net contextual.media.net
2 static.criteo.net cdn.adpushup.com
static.criteo.net
2 pixel.quantserve.com 1 redirects www.bg3.co
2 aplogger.adpushup.com cdn.adpushup.com
2 htlb.casalemedia.com cdn.adpushup.com
2 adx.holmesmind.com pagead2.googlesyndication.com
2 partner.googleadservices.com pagead2.googlesyndication.com
2 www.googletagmanager.com cdn.ampproject.org
cdn.adpushup.com
2 code.jquery.com delivery.adrecover.com
cdn.adpushup.com
2 delivery.adrecover.com www.bg3.co
1 secure.adnxs.com 1 redirects
1 rtb.gumgum.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 dps.jp.cinarra.com ads.pubmatic.com
1 sync-dsp.ad-m.asia ads.pubmatic.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 ssp.disqus.com 1 redirects
1 ap.lijit.com public.servenobid.com
1 ssbsync.smartadserver.com public.servenobid.com
g2.gumgum.com
1 g2.gumgum.com public.servenobid.com
1 image6.pubmatic.com ads.pubmatic.com
1 c.bing.com eb2.3lift.com
1 image8.pubmatic.com onetag-sys.com
ads.pubmatic.com
1 ssbsync-global.smartadserver.com onetag-sys.com
1 pixel-eu.rubiconproject.com onetag-sys.com
1 p.rfihub.com 1 redirects
1 cr-pall.ladsp.com 1 redirects
1 cr-p3.ladsp.jp 1 redirects
1 tg.socdm.com 1 redirects
1 cm.adform.net www.bg3.co
1 js-sec.indexww.com cdn.adpushup.com
1 acdn.adnxs.com cdn.adpushup.com
1 public.servenobid.com cdn.adpushup.com
1 u.openx.net cdn.adpushup.com
1 sync.srv.stackadapt.com 1 redirects
1 cs.r-ad.ne.jp 1 redirects
1 s.tribalfusion.com 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
1 r.turn.com 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
1 ds.uncn.jp 1 redirects
1 fksnk.com 1 redirects
1 www.gstatic.com 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
1 fonts.googleapis.com 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
1 cc.adingo.jp 1 redirects
1 rtb.openx.net 1 redirects
1 warp.media.net googleads.g.doubleclick.net
1 qsearch-a.akamaihd.net www.bg3.co
1 rules.quantcount.com secure.quantserve.com
1 419c83856cef3131b93df5b3f3d1074a.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 aa48c0e92f538c1bacc05d3abdd2fd6d.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 secure.quantserve.com cdn.adpushup.com
1 a.teads.tv cdn.adpushup.com
1 prebid.media.net cdn.adpushup.com
1 tlx.3lift.com cdn.adpushup.com
1 rtb.adxpremium.services cdn.adpushup.com
1 bidder.criteo.com cdn.adpushup.com
1 fastlane.rubiconproject.com cdn.adpushup.com
1 cdn.jsdelivr.net cdn.adpushup.com
1 d-40317529472723931178.ampproject.net cdn.ampproject.org
1 www.bg3.co
0 creativecdn.com Failed g2.gumgum.com
0 ad.360yield.com Failed g2.gumgum.com
0 stags.bluekai.com Failed g2.gumgum.com
0 sync.technoratimedia.com Failed g2.gumgum.com
0 sync.ipredictive.com Failed g2.gumgum.com
0 sync.outbrain.com Failed g2.gumgum.com
0 pool.admedo.com Failed g2.gumgum.com
0 usersync.gumgum.com Failed g2.gumgum.com
0 pixel-us-east.rubiconproject.com Failed eus.rubiconproject.com
0 pixel.tapad.com Failed onetag-sys.com
0 gu.dyntrk.com Failed ssbsync.smartadserver.com
0 bh.contextweb.com Failed ssbsync.smartadserver.com
g2.gumgum.com
0 rtb-csync.smartadserver.com Failed ssbsync.smartadserver.com
0 casale-match.dotomi.com Failed ssum-sec.casalemedia.com
0 pippio.com Failed ads.pubmatic.com
0 match.deepintent.com Failed ads.pubmatic.com
ssum-sec.casalemedia.com
g2.gumgum.com
0 core.iprom.net Failed ads.pubmatic.com
0 dsp.nrich.ai Failed ads.pubmatic.com
0 dpm.demdex.net Failed ssum-sec.casalemedia.com
0 x.yieldlift.com Failed public.servenobid.com
0 aax-eu.amazon-adsystem.com Failed www.bg3.co
0 odr.mookie1.com Failed eb2.3lift.com
0 b1sync.zemanta.com Failed contextual.media.net
eb2.3lift.com
ssum-sec.casalemedia.com
0 pix.impdesk.com Failed googleads.g.doubleclick.net
0 google2waycm.netmng.com Failed googleads.g.doubleclick.net
8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
0 hb-api.omnitagjs.com Failed cdn.adpushup.com
509 157

This site contains no links.

Subject Issuer Validity Valid
*.bg3.co
AlphaSSL CA - SHA256 - G2		 2022-05-20 -
2023-06-21		 a year crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
cdn.adpushup.com
R3		 2022-06-29 -
2022-09-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-16 -
2023-04-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.jquery.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-03 -
2023-07-14		 a year crt.sh
*.aralego.com
Sectigo RSA Domain Validation Secure Server CA		 2021-10-21 -
2022-11-20		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.adpushup.com
Sectigo ECC Domain Validation Secure Server CA		 2022-08-02 -
2023-09-02		 a year crt.sh
*.google.com.au
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.holmesmind.com
Go Daddy Secure Certificate Authority - G2		 2022-05-19 -
2023-06-20		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.a-mo.net
R3		 2022-07-11 -
2022-10-09		 3 months crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.adxpremium.services
Sectigo RSA Domain Validation Secure Server CA		 2021-08-05 -
2022-09-05		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
teads.tv
R3		 2022-08-17 -
2022-11-15		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-06-28 -
2023-06-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-08-01 -
2022-10-24		 3 months crt.sh
*.mathtag.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-04-18 -
2023-04-25		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.servenobid.com
Amazon		 2022-02-06 -
2023-03-07		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.emxdgt.com
Amazon		 2022-06-03 -
2023-07-02		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-07 -
2022-11-30		 6 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-05 -
2023-05-04		 a year crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2022-06-10 -
2022-12-10		 6 months crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-14 -
2022-12-07		 6 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
sync-dsp.ad-m.asia
GlobalSign GCC R3 DV TLS CA 2020		 2022-07-21 -
2023-08-22		 a year crt.sh
*.jp.cinarra.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-14 -
2023-06-13		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh

This page contains 90 frames:

Primary Page: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Frame ID: B1C214006C50E93FBA1E6F9D878A76F4
Requests: 102 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 3EC6AED5575B3A2576AEFA9F7360270D
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/show_ads.js
Frame ID: 3B05C6BFBC065C257610CB430B42B1ED
Requests: 8 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: 78AB3AD1E847AF332354B8CB306A4FDB
Requests: 9 HTTP requests in this frame

Frame: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Frame ID: A4E5CF27FD817B928D8753EA13596AD6
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-8562404511470109277&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3180&oid=2&is_amp=5&amp_v=2208051912001&d_imp=1&c=30401005795&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&ga_hid=5795&dt=1661238885740&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&bdt=2174&dtd=353&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Frame ID: 3E82D90096A81B9E57E44F986AEFA679
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Frame ID: 24D640DA39D8718A24563907F589F154
Requests: 8 HTTP requests in this frame

Frame: https://aa48c0e92f538c1bacc05d3abdd2fd6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 09FCEAC799D89BBA6EF70B7AA1B78661
Requests: 1 HTTP requests in this frame

Frame: https://419c83856cef3131b93df5b3f3d1074a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 8D037B4CE5FFCBF5AFC9590C42915D5D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
Frame ID: 03E9B625BDA85FB872518238B622BE69
Requests: 1 HTTP requests in this frame

Frame: https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
Frame ID: A872354F25CDFA3515B7C5401052FB19
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=C-nnDaH4EY5PwDZWpngXkgIdQrNf98GS09qiT4gvAjbcBEAEgAGClwKOApAGCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N6ABlfWb3wPIAQmoAwGqBK0CT9CN_CpENhBCK0ugc4ln4eNfCeb4QR3610Noyickh3Px7-Z5Kz4cXShgU1km6Z5T6OT_L72g_K64pdSQMUkjFiQMEkATpqal_6gi6d90G8HenArC-zkW96vJku0Ks2nHlzrGaZWjqn6H2HS-nrMYDZfryfW_yWPgA7Gnsr5G5XEoHRnyQWFFrkip8JV95DzUV9XLZzjn57JknOOft51Sx0cUpF0wMEln5K0y9hKQ-AeOOxY_LC4SZRAeUlRDR3ihG20FZMmCfIFqgb5-GG5eEbWVttdfgItmMyzbZPrcSgN9ugiUVzQ7B8-WlOZ48FmKMze3FsKMPrJJXSZ5LWq2bCs-SUG8jwOBy7-CMnHWk-_4ik2iDXqTtnK2rTdOMU2d8s6tz_azVCEw04domYAGw8Xfm8qtzZjpAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=eN4CVSPYaAs&uach_m=[UACH]&cid=CAQSPACsnQUxpy53O5nNu_JhCv2l_njUQTQypNMmSEDR33FLT5opF5TZ47Qw093u-BKa5S3msXAnrurKhzo3BhgB
Frame ID: 36FDC5866B8FEF4D56060C0F910C992D
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220818/r20190131/zrt_lookup.html
Frame ID: F9B2104101F7B86186D43ACAB1A21E84
Requests: 1 HTTP requests in this frame

Frame: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 005EF3AEF533653A7188652716A7BF40
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8E2A92859BC3FFD2B097BF64F1424CB6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: BAF1CA1729317B82465148FC7B6EB196
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 70AAD585FC609D158D24D587D364ACBB
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F3DE3FC85D56FCCACBBC905D06F8B621
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238889104&bpp=3&bdt=379&idt=314&shv=r20220818&mjsv=m202208160101&ptt=9&saldr=aa&nras=1&correlator=8280574251330&frm=8&ife=1&pv=2&ga_vid=175170663.1661238889&ga_sid=1661238889&ga_hid=944145834&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44767166%2C31068957%2C31067825&oid=2&pvsid=3031117260853865&tmod=1731377135&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.m96a59vykwd0&fsb=1&dtd=327
Frame ID: 0FED714C1B6B7FF53C52E2727011ECD2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&psa=0&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238889107&bpp=2&bdt=382&idt=331&shv=r20220818&mjsv=m202208160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8280574251330&frm=8&ife=1&pv=1&ga_vid=175170663.1661238889&ga_sid=1661238889&ga_hid=944145834&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44767166%2C31068957%2C31067825&oid=2&pvsid=3031117260853865&tmod=1731377135&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.lsridnvki5zn&fsb=1&dtd=336
Frame ID: 90CA77B9EB5B10A1F43AF0C3AE77A022
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Frame ID: 9782551E4E7E9A053AEAD8340D27B36D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BEF395FBB09E91A0D9BE6D51757207ED
Requests: 9 HTTP requests in this frame

Frame: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9EC0497E9054D06C4432C02BFD28B92D
Requests: 16 HTTP requests in this frame

Frame: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 857D7A6C2A27C305117296C7BF4706E4
Requests: 16 HTTP requests in this frame

Frame: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 714A259AA436A48DF0643C0B49634DB5
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 771F9F34FC21AC2D8A25D1811CE81AD9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: AE2610DF3F19AF69A910BA8C97355815
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9E1763B0C74A3F592FFDF59701244BF6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 612CD1F6526562ED10A02AE87DBD1779
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 57B5329B522CBD3CEFF3DD790BF3815E
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F98FB44467940B5EB54B8C24ACBDD724
Requests: 2 HTTP requests in this frame

Frame: data://truncated
Frame ID: B64593466AA0D9D70CCEEC67A14326DA
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNWN5OpPYQfVFur9vEQwZiHGLFhI32tfWmG3YurwKEAF3gfr--hUWNqSw8I9QTWyXCJjTFgN-2XrhegFIvYEW01NCyUQ_A
Frame ID: 198C0914A061D52F05219F92346229C7
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXdh0YVaOcRxkccHWQoDoTrRF4GhA7Xv0CW5oEgujPoBxVFtDhjz1pulxBcl369pKFA4pwOPs30pPuvVl3Y-BPYN79CAA
Frame ID: 729948BCDB715C9F4E96294217F269A7
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9AE4F37705599A7DF5761817EA602D1B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 77632B30A06F9A922968AF988843A5A3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: A364A4D1224FF624A8246CDA1DFB2D04
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Frame ID: 3C65EA43EC7787B0A467CFD6A867C44F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9178D1CED479CA6347A89D73C37640C5
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 932295E45E6C6DD59EC0C175DDD9C15C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 65D2194DB12B052129F8280020D3E410
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6DC98B4A4AF54EF231348A4BC580BE6F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
Frame ID: 894DEF1551C5CDCA529E65D3652E91F4
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5395108804705366200/index.html
Frame ID: 09850E83D595D0882976F03FFD2B3F4C
Requests: 9 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: AD5B613E4749911DC69FC45FD42B1532
Requests: 7 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 326E2C151100784E91E96C901189090B
Requests: 13 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 661C410B8FEBAF61896543B48A97E2B3
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1661238887863
Frame ID: E79928565513CB40A72BEEF7277C8617
Requests: 14 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?&ld=1
Frame ID: F6E24F001469D920C5279883FC8BF168
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FC7DA80A7BEC45ECBF7DF3D573892E7C
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Frame ID: 0E5BA0F87C40BDA4A562A3F5E363DD84
Requests: 11 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6A6FEEBD688A0484803CBB359DB8CA0B
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 1148BD0B1BB3606923EFA2BCF12E9CE6
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=3042404891537389000V10&type=rkt&refUrl=&vid=12388923893042404891537389000V10&ovsid=1991787313928468380
Frame ID: 30FE4402A04CCC4C048E71631D14DBDE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Frame ID: 382CE3D96FA853D1FC55D7085D92CD13
Requests: 19 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: CF074ECBE8E6A142A8BA612AB36B0CB2
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 1EEC4698368522458DE9331DA1584D89
Requests: 1 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: FEFBF3F36C12D24EDC8CC50C3598B156
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 249B230BFAA6CF2071E3D4139B006661
Requests: 15 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 2E038588115B49F2D167077F0798716E
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: DF0E01E8CD27C105530E8B71192D10ED
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 4F546FA4D932C4270FC18BBFFE1FE8FC
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
Frame ID: F304601BF41E72EE5EAFE59F36B4DCD3
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:004f6304-7e6b-4b00-a26e-aa0f898bca5d&gdpr=0&gdpr_consent=
Frame ID: D7056C64C62560DE28A14C05177D3AEF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwR_awABwDl4EwBN&gdpr=0&gdpr_consent=
Frame ID: BD7620FE64B0EE33586D6590546D7114
Requests: 1 HTTP requests in this frame

Frame: https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Frame ID: 54FA01CC6AFFE52620EC4B8F185396BC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Frame ID: F4D44FF0A32648D4B9D4CCAF51BCDCD9
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
Frame ID: 0327174F9DEFBE3C78569F61F442DCB1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1UmzCIQq1Oqo7E5&gdpr=0&gdpr_consent=
Frame ID: BEDF29202B997F5BCD892D13EEB320DD
Requests: 1 HTTP requests in this frame

Frame: https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Frame ID: D2D7808147CDFCF3495B28BF532B5032
Requests: 1 HTTP requests in this frame

Frame: https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
Frame ID: 44937977CC65FD3D3DEA08FC47EDA041
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=492aed34-22b3-11ed-8d50-b1ea5d048eea
Frame ID: 89622D5F07E17B6F8A4C2CE1457F552F
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/match/?int_id=114&uid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
Frame ID: 24C4E0727E55069685987E87D9AEE564
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=165b4480044d47dc965ac2557d877be5
Frame ID: 7DD9C272BF013A29D23C19FC8B3316C6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Frame ID: A2385F12A7496EED13CC1B2A0A10996E
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 1D235B9C554F24679AE0F19A0BB75A20
Requests: 1 HTTP requests in this frame

Frame: https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 964ECEC71574D1222CD57F8B6B56E40C
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 343EB5064208A696AB0A44CED6DB683C
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=93c687e3-316c-474c-8a4b-a702beb6378b-tuct9fe03ed&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 4961A3D28B267591F7ACEE2E62C32E4E
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.php?cs=8&vsid=3042404891537389000V10&type=pba&refUrl=&vid=12388923893042404891537389000V10&ovsid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
Frame ID: 19E2E682681E59E210D7B4D95AFA9663
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=004f6304-7e6b-4b00-a26e-aa0f898bca5d&gdpr=0&gdpr_consent=
Frame ID: 1FE5A845DC22240537F89E65D1759FFC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=YwR_awABwDl4EwBN&gdpr=0&gdpr_consent=
Frame ID: D5584206FB5540A046C76057C78C316E
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84NzE3OWE0Zi03ZTYwLTQ2ZTUtYTA1ZC0zZWZmY2RkODU5OTk=&gdpr=0&gdpr_consent=
Frame ID: F0997507978C4205C5C981D7C2829915
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 9E2AD25349729C79662858FD2CF6BC60
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=ttd&i=24de8755-1fd5-4995-84de-10c316ebc90a
Frame ID: D77B5F72B53D4422D51FFB658F8AB4AD
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Frame ID: 97A2BF7DD63BA66359A562A4A2F0B8DB
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=YwR.bsCo8YUAAItRBr4AAAAA
Frame ID: A1EE62AF58201882AE34E3909160C813
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=iex&i=YwR.ak-wLMs5-uM0uZ1hzwAA%26857
Frame ID: A9552B8B7A967BF5017B7DFB36E6DE6A
Requests: 1 HTTP requests in this frame

Frame: https://creativecdn.com/cm-notify?pi=gumgum
Frame ID: ABBA71527EB61563E56575C0E73B6619
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 955FE9AA009A7AAB36B10426C55956C4
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

超市驚見翹臀正妹 好奇跟看「側面比背面殺」:太銷魂 - 天天要聞

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/pagead/show_ads\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

509
Requests

67 %
HTTPS

0 %
IPv6

98
Domains

157
Subdomains

83
IPs

10
Countries

3660 kB
Transfer

9882 kB
Size

128
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ads.aralego.com/sdk HTTP 301
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Request Chain 67
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886050&bpp=16&bdt=1458&idt=502&shv=r20220818&mjsv=m202208170101&ptt=5&saldr=sa&correlator=3936562187921&frm=23&ife=1&pv=2&ga_vid=717044301.1661238887&ga_sid=1661238887&ga_hid=1073898155&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=1030&biw=1600&bih=1200&isw=336&ish=280&ifk=3418870631&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31068487%2C31068855%2C31069029%2C31069063%2C21066430&oid=2&pvsid=2336590716747131&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.j0itf9ajbekh&fsb=1&dtd=519 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Request Chain 124
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F%2Fwww.bg3.co%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238887957&bpp=12&bdt=208&idt=300&shv=r20220818&mjsv=m202208170101&ptt=5&saldr=sa&correlator=8280574251330&frm=8&ife=1&pv=2&ga_vid=1129632555.1661238888&ga_sid=1661238888&ga_hid=262874996&ga_fc=0&nhd=2&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=3719853736&scr_x=-12245933&scr_y=-12245933&eid=44759876%2C44759927%2C44759842%2C31069049&oid=2&pvsid=3030552095383672&uas=0&nvt=1&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=1.l4irzcwu2wmt&fsb=1&dtd=314 HTTP 302
  • https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
Request Chain 167
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBQ--hw8SHYg4tk55x8YisM&google_cver=1&google_push=AehlK4A9KIuvwqynJx_sBxx8wJFI_6A_Yr4-zQECdb4vVVXnI4HEgE_2M01d_PZZANCGCYRnPbpsKPvu5uteijww-EW5blPiN3s HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBQ--hw8SHYg4tk55x8YisM&google_cver=1&google_push=AehlK4A9KIuvwqynJx_sBxx8wJFI_6A_Yr4-zQECdb4vVVXnI4HEgE_2M01d_PZZANCGCYRnPbpsKPvu5uteijww-EW5blPiN3s HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MVVtekNJUXExT3FvN0U1&google_gid=CAESEBQ--hw8SHYg4tk55x8YisM&google_cver=1&google_push=AehlK4A9KIuvwqynJx_sBxx8wJFI_6A_Yr4-zQECdb4vVVXnI4HEgE_2M01d_PZZANCGCYRnPbpsKPvu5uteijww-EW5blPiN3s
Request Chain 168
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAxGeehB6oUGABex5q7mlBw&google_cver=1&google_push=AehlK4BXu2iaD8vptAiDoMr7APO8a3oy3iwBMXHMjeL8XO2raGXZderuXfOjsURa8Mqv2oZ6f7H8XoTAzzxxFbDqZISRvibD8Iw HTTP 302
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEAxGeehB6oUGABex5q7mlBw&google_cver=1&google_push=AehlK4BXu2iaD8vptAiDoMr7APO8a3oy3iwBMXHMjeL8XO2raGXZderuXfOjsURa8Mqv2oZ6f7H8XoTAzzxxFbDqZISRvibD8Iw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjRkZTg3NTUtMWZkNS00OTk1LTg0ZGUtMTBjMzE2ZWJjOTBh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=24de8755-1fd5-4995-84de-10c316ebc90a
Request Chain 170
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPOFubS5SmXw6lfxFxQv57s&google_cver=1&google_push=AehlK4AjkD-8Ag6HIBybEk23ndkAy1-58vc4LNnxwLArkPtgLFg1V7Fpi0abzZ4nBIjaufFfSZ3frsF0WtxvVDyvdmQQp5eeCcI HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4AjkD-8Ag6HIBybEk23ndkAy1-58vc4LNnxwLArkPtgLFg1V7Fpi0abzZ4nBIjaufFfSZ3frsF0WtxvVDyvdmQQp5eeCcI&google_hm=EIPAKOhUxtgwKAMPFCqzHg==
Request Chain 171
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOqf9sGtiiKQxSlEtd55lNw&google_cver=1&google_push=AehlK4B1Qadl7ZsVx5DLClhEJrfQXRDa9J2X4OYzZafcvSt92dVpd8Y5tjGkfEFn3ulpVOg7Ta1wLXhdqBqn_STmT06pzvyabg HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4B1Qadl7ZsVx5DLClhEJrfQXRDa9J2X4OYzZafcvSt92dVpd8Y5tjGkfEFn3ulpVOg7Ta1wLXhdqBqn_STmT06pzvyabg&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1661238890944 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-05f6ca0c-8673-4f4b-bf18-e2bfd6cf1055-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4B1Qadl7ZsVx5DLClhEJrfQXRDa9J2X4OYzZafcvSt92dVpd8Y5tjGkfEFn3ulpVOg7Ta1wLXhdqBqn_STmT06pzvyabg%26google_hm%3DBAX2ygyGc09Lvxjiv9bPEFU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4B1Qadl7ZsVx5DLClhEJrfQXRDa9J2X4OYzZafcvSt92dVpd8Y5tjGkfEFn3ulpVOg7Ta1wLXhdqBqn_STmT06pzvyabg&google_hm=BAX2ygyGc09Lvxjiv9bPEFU
Request Chain 172
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEK3BBFolYvVucuI0iF6JweY&google_cver=1&google_push=AehlK4D4P6nt-qSCOx1zgyR4nXri7SVyudBgT9fJuprsoTyXcCJH-Zlia2ac1aMAc4gvk86n03kU_j0GSLpWiIH4kjC5OH8ghQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4D4P6nt-qSCOx1zgyR4nXri7SVyudBgT9fJuprsoTyXcCJH-Zlia2ac1aMAc4gvk86n03kU_j0GSLpWiIH4kjC5OH8ghQ&google_hm=cce47bd3168de2bf8e1a261fc9aab341
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA0MjQwNDg5MTUzNzMwMTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEPYPU5tnQoFeNXrqYOma8Y0&google_cver=1
Request Chain 179
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=24de8755-1fd5-4995-84de-10c316ebc90a
Request Chain 225
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECNsZurVjPZsHgENiii5xnQ&google_cver=1
Request Chain 226
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwR.ak-wLMs5-uM0uZ1hzwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECNsZurVjPZsHgENiii5xnQ&google_cver=1&google_hm=2
Request Chain 227
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHi96LdExNyzFqR2hbJ3bf8&google_cver=1
Request Chain 228
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIxMjgyMDA2ODczMDQ0MjY5Mw%3D%3D
Request Chain 230
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEARzDt6y9c02RmjCmSEXvGo&google_cver=1
Request Chain 231
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTNiYTk5ZGUtODhhNS0yMTUyLWMzYmMtMTUwMTBkZDE0N2M0
Request Chain 232
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEBWqZdEhLGXjsn_yxZXuFo8&google_cver=1
Request Chain 233
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDdhOWIwZjAtNjdiYy00MmZiLWE0MzAtMTZkOTQ1NWYxOGE5
Request Chain 242
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGXOgEBDvk8gDslOKwFB3JE&google_cver=1&google_push=AehlK4AkSo_wIKzMVKZnIQam9vIBwKdgPSLWUx2hIKYa_AGJfyNKfaHrmnz5K8SCRj90obtegcNfNLG71Y6FWr0iNMAbMXQ8WrlY HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AkSo_wIKzMVKZnIQam9vIBwKdgPSLWUx2hIKYa_AGJfyNKfaHrmnz5K8SCRj90obtegcNfNLG71Y6FWr0iNMAbMXQ8WrlY
Request Chain 243
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBgFHDU-f1CWvB8H2FkxRAg&google_cver=1&google_push=AehlK4Biox2NGGhKHN0FqrG6SrrK2EREMrCeQacpK4X7hFLCMiJWdvYnOVsfsMuQrZwN2Mt0lPjddUbPnc1ehSb_TBfNpOurrI-6 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4Biox2NGGhKHN0FqrG6SrrK2EREMrCeQacpK4X7hFLCMiJWdvYnOVsfsMuQrZwN2Mt0lPjddUbPnc1ehSb_TBfNpOurrI-6
Request Chain 244
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AehlK4DY0mVD6ncmzcHqpGR8-SPQL2dLZRMTWILOoRFmboMZgjA95ko02iUzwi1df-bqg6xv5gkjufEu5MRZ2RdPrnMz0iOen60f&google_gid=CAESEIVGkeu_y2BzP-TMI4ax5f0&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AehlK4DY0mVD6ncmzcHqpGR8-SPQL2dLZRMTWILOoRFmboMZgjA95ko02iUzwi1df-bqg6xv5gkjufEu5MRZ2RdPrnMz0iOen60f&google_gid=CAESEIVGkeu_y2BzP-TMI4ax5f0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4DY0mVD6ncmzcHqpGR8-SPQL2dLZRMTWILOoRFmboMZgjA95ko02iUzwi1df-bqg6xv5gkjufEu5MRZ2RdPrnMz0iOen60f&google_hm=AfWs5k5jSpidks8ADsaW3oUR-cA
Request Chain 245
  • https://fksnk.com/cs/google?google_gid=CAESEFJX_DMrjBuLJxkADGx5M5Y&google_cver=1&google_push=AehlK4D6QZslKmcXylaCfuDcsaSsHM7e8wvqbPAvg-O6K-OeZZwRtOIovxx8JQbKOOm9oj8peST4ot09m-5a_J5Xsoufu9kaf2H0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0VFQzlFNDI4RDA0QkEyMw==
Request Chain 246
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKWTUsiu_FgJAsJyH_9Q4Ig&google_cver=1&google_push=AehlK4And0S28j8jKbpzzQsXeghJwmsnZ8eqvoGtJN41ZtO60rJVsoNJSN6sCtpL87Idj6ecPy8odHyxzoTUFnCYzjonHBHLtoyw HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKWTUsiu_FgJAsJyH_9Q4Ig&google_cver=1&google_push=AehlK4And0S28j8jKbpzzQsXeghJwmsnZ8eqvoGtJN41ZtO60rJVsoNJSN6sCtpL87Idj6ecPy8odHyxzoTUFnCYzjonHBHLtoyw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4And0S28j8jKbpzzQsXeghJwmsnZ8eqvoGtJN41ZtO60rJVsoNJSN6sCtpL87Idj6ecPy8odHyxzoTUFnCYzjonHBHLtoyw&google_hm=nl_CYA5bQXGn7aDb6R3STA==
Request Chain 247
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEElWnNPZXxngR2fqu2-aTio&google_cver=1&google_push=AehlK4C2iIIpCyjH9D76XCAOCgNQfxwQk1-GFotXwele6lBAF30ORnwsETSnP7Q9rxcq7II2wTXS5od1o-BYzXkThOjM0vzfKjzA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4C2iIIpCyjH9D76XCAOCgNQfxwQk1-GFotXwele6lBAF30ORnwsETSnP7Q9rxcq7II2wTXS5od1o-BYzXkThOjM0vzfKjzA&google_hm=AbbMLkMv1kW6uGNqJieoojE
Request Chain 248
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOqf9sGtiiKQxSlEtd55lNw&google_cver=1&google_push=AehlK4CIGWl4uWRDqpjZPaPYX5KpKydVRyDMypQ3SOZw088vNBiw__5EakLoSL_oMwyOVNMhIQnyWoviB3QxIIO1Lu65aG0i3JA HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4CIGWl4uWRDqpjZPaPYX5KpKydVRyDMypQ3SOZw088vNBiw__5EakLoSL_oMwyOVNMhIQnyWoviB3QxIIO1Lu65aG0i3JA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1661238891123 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4CIGWl4uWRDqpjZPaPYX5KpKydVRyDMypQ3SOZw088vNBiw__5EakLoSL_oMwyOVNMhIQnyWoviB3QxIIO1Lu65aG0i3JA%26google_hm%3DBGJSZBS8KUJ2v-_O_58colo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CIGWl4uWRDqpjZPaPYX5KpKydVRyDMypQ3SOZw088vNBiw__5EakLoSL_oMwyOVNMhIQnyWoviB3QxIIO1Lu65aG0i3JA&google_hm=BGJSZBS8KUJ2v-_O_58colo
Request Chain 277
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPSciNVoi5uw8jwYy0nvU50&google_cver=1&google_push=AehlK4DGotKmnZLBMtW2ueTTgBRWHhr86v3dBjdV_ckjh1U9twWcwREGSOWHevb98VBixDm_70d4_CP_F8JWOPdDyTQ0_0RZVxeK0A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODg5OTc1ODc2ODQ5NTY4MjA1Ng==&gdpr=&gdpr_consent= HTTP 302
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPSciNVoi5uw8jwYy0nvU50&google_cver=1
Request Chain 278
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGXOgEBDvk8gDslOKwFB3JE&google_cver=1&google_push=AehlK4DcjaPqTyuM9YOkJiW4MPYY6ff1XApqcMyfoYD_8PZqPEBoOLiL9-5fu1PckZW18xRBgMjJ6jsDJxysB5tphy63qQOqYnOv HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DcjaPqTyuM9YOkJiW4MPYY6ff1XApqcMyfoYD_8PZqPEBoOLiL9-5fu1PckZW18xRBgMjJ6jsDJxysB5tphy63qQOqYnOv
Request Chain 279
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJZnfkC9jS4N6ZYZa0qMg20&google_cver=1&google_push=AehlK4Dek3y9wNm0MZPSqa0kIetyAzZTWWQtvRl5KJu2GVVs5HU1FEY1r19SdqNlkTJ2ksnE5cCc6gz83A4OOwrqaWU7I8SZhf1G&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Dek3y9wNm0MZPSqa0kIetyAzZTWWQtvRl5KJu2GVVs5HU1FEY1r19SdqNlkTJ2ksnE5cCc6gz83A4OOwrqaWU7I8SZhf1G%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJZnfkC9jS4N6ZYZa0qMg20&google_cver=1&google_push=AehlK4Dek3y9wNm0MZPSqa0kIetyAzZTWWQtvRl5KJu2GVVs5HU1FEY1r19SdqNlkTJ2ksnE5cCc6gz83A4OOwrqaWU7I8SZhf1G&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Dek3y9wNm0MZPSqa0kIetyAzZTWWQtvRl5KJu2GVVs5HU1FEY1r19SdqNlkTJ2ksnE5cCc6gz83A4OOwrqaWU7I8SZhf1G%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Request Chain 280
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECyaQQOFVVqRs4KkyPEBj1Y&google_cver=1&google_push=AehlK4BkjL8L8rl1NlPuvmlIaMnPWdWjQBHbFz41-3ekV13wkohn4BOTbIO-ODgF4rRMWCe5nZJbgc762PdaOkPTvrcQhGdDsR7Ssg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECyaQQOFVVqRs4KkyPEBj1Y&google_push=AehlK4BkjL8L8rl1NlPuvmlIaMnPWdWjQBHbFz41-3ekV13wkohn4BOTbIO-ODgF4rRMWCe5nZJbgc762PdaOkPTvrcQhGdDsR7Ssg
Request Chain 281
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAxGeehB6oUGABex5q7mlBw&google_cver=1&google_push=AehlK4CdXG_CLhauvssnfT5AHZKlvpruQ_zOJ9mK7pWXIp21871tpEx4sgcfww366GsQo3-3IUKmDX6l_WdF2DhnYAgDF5X4J49_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjRkZTg3NTUtMWZkNS00OTk1LTg0ZGUtMTBjMzE2ZWJjOTBh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=24de8755-1fd5-4995-84de-10c316ebc90a
Request Chain 282
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEO2k01kQB5wTw4fetZC9dOg&google_cver=1&google_push=AehlK4DjC5nZBV98SwWuVk-0kVFcFCCC9w4m-Zz-yi_h1TCzi1fpeyCe-H1OSOuKOgf5E-8z8Xd7wo-vGU-GwU67blK3v_fyovFVlQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4DjC5nZBV98SwWuVk-0kVFcFCCC9w4m-Zz-yi_h1TCzi1fpeyCe-H1OSOuKOgf5E-8z8Xd7wo-vGU-GwU67blK3v_fyovFVlQ&google_hm=NTA3N0VxMDBlQkRHYTAwN0F5Q2M
Request Chain 283
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEFX0V-b-WBHPMqdjESNFEAY&google_cver=1&google_push=AehlK4A2Jl5CsjxrILJ68U3VpKzoIpPPzYIrTi88RGc6fZnroKrwZ_Q_qOE6UaMJe8MugCJ9kdX7j7XL_ebN1oOgVELh7WQgst4JKA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Fh6Ioex8QBlHokQAI89N2mfR_k0&google_push=AehlK4A2Jl5CsjxrILJ68U3VpKzoIpPPzYIrTi88RGc6fZnroKrwZ_Q_qOE6UaMJe8MugCJ9kdX7j7XL_ebN1oOgVELh7WQgst4JKA
Request Chain 286
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESECyaQQOFVVqRs4KkyPEBj1Y&google_cver=1&google_push=AehlK4CAJqzRSNI8xsG0yX5htRAu8JASUhPXKbYukym-egAuHHsauFyLTdznG45UqLfR33Dgy30vf0fJjyTOBw7iND1W7yO7HqFvVDeFqkQsnnAiF92ayyOO-x4PMgOGpGvdV9m4EMWkDQU HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECyaQQOFVVqRs4KkyPEBj1Y&google_push=AehlK4CAJqzRSNI8xsG0yX5htRAu8JASUhPXKbYukym-egAuHHsauFyLTdznG45UqLfR33Dgy30vf0fJjyTOBw7iND1W7yO7HqFvVDeFqkQsnnAiF92ayyOO-x4PMgOGpGvdV9m4EMWkDQU
Request Chain 287
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEOB8ErzluWUaj7BdVudUIn0&google_cver=1&google_push=AehlK4B_478u7PPSXKoqzX9Sl900Pthu8T-LsVMW6UaNAHB9tnVnlDS0yRfn-RTgU-4fByt9EJH7WD_t_UlOjn1PIV9SJ9M7j0ccnAzL83qtGMvRtdmG-gHep-G2PKPiE3fDzl6ugqL71A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4B_478u7PPSXKoqzX9Sl900Pthu8T-LsVMW6UaNAHB9tnVnlDS0yRfn-RTgU-4fByt9EJH7WD_t_UlOjn1PIV9SJ9M7j0ccnAzL83qtGMvRtdmG-gHep-G2PKPiE3fDzl6ugqL71A&google_hm=FltEgARNR9yWWsJVfYd75U0
Request Chain 288
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AehlK4AzybGtcYmZRQeUHK55niZQ9Hn6ehP1kgFODRj4BN7zyjtLomkknqLq8hjG_gTuE-Bnt6-6IkpTz5UeQ_OBytYLHQjegFNnSgyFYvOYZdSBlZxktickNDEghrTPR2PlxHq-wQtDHQ&google_gid=CAESEIVGkeu_y2BzP-TMI4ax5f0&google_cver=1 HTTP 302
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AehlK4AzybGtcYmZRQeUHK55niZQ9Hn6ehP1kgFODRj4BN7zyjtLomkknqLq8hjG_gTuE-Bnt6-6IkpTz5UeQ_OBytYLHQjegFNnSgyFYvOYZdSBlZxktickNDEghrTPR2PlxHq-wQtDHQ&google_gid=CAESEIVGkeu_y2BzP-TMI4ax5f0&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4AzybGtcYmZRQeUHK55niZQ9Hn6ehP1kgFODRj4BN7zyjtLomkknqLq8hjG_gTuE-Bnt6-6IkpTz5UeQ_OBytYLHQjegFNnSgyFYvOYZdSBlZxktickNDEghrTPR2PlxHq-wQtDHQ&google_hm=Ab9mphfIXJK_ks8ADsWuCeMFxsA
Request Chain 289
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEK-qccGEr2irjMeSNRNMUTg&google_cver=1&google_push=AehlK4DzSnhEPQ-PXL7v4a4t-0j8TUoBYzisSD6iB5JBijAmCOU-WEkrTOMtLr0efy_467tLGqDGUaHk3vq-YuHX3kt6ZGx7UKV0kSfTfxaa7d-7N2SecrcJ7SjelBMRuZEAMj-SkLKTig HTTP 302
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEK-qccGEr2irjMeSNRNMUTg&google_cver=1&google_push=AehlK4DzSnhEPQ-PXL7v4a4t-0j8TUoBYzisSD6iB5JBijAmCOU-WEkrTOMtLr0efy_467tLGqDGUaHk3vq-YuHX3kt6ZGx7UKV0kSfTfxaa7d-7N2SecrcJ7SjelBMRuZEAMj-SkLKTig&prevuid=03030002_63047e6c43acd&knw= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4DzSnhEPQ-PXL7v4a4t-0j8TUoBYzisSD6iB5JBijAmCOU-WEkrTOMtLr0efy_467tLGqDGUaHk3vq-YuHX3kt6ZGx7UKV0kSfTfxaa7d-7N2SecrcJ7SjelBMRuZEAMj-SkLKTig&google_hm=MDMwMzAwMDJfNjMwNDdlNmM0M2FjZA%3D%3D
Request Chain 291
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEOqf9sGtiiKQxSlEtd55lNw&google_cver=1&google_push=AehlK4BkPjgRfOTbxcq1d9gNMoHEJzLloCYZsJxZbpVnNrFVYqEVEKHKW-iRjfDbR-fhnRdPBjtOqHF1Mgz3TXsaZGCMV8JFi7iOR1AIbs6VWEhLPzdezIwC-cs4nrw12X15F6MDkwuhBUw HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4BkPjgRfOTbxcq1d9gNMoHEJzLloCYZsJxZbpVnNrFVYqEVEKHKW-iRjfDbR-fhnRdPBjtOqHF1Mgz3TXsaZGCMV8JFi7iOR1AIbs6VWEhLPzdezIwC-cs4nrw12X15F6MDkwuhBUw%26google_hm%3DBGJSZBS8KUJ2v-_O_58colo HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BkPjgRfOTbxcq1d9gNMoHEJzLloCYZsJxZbpVnNrFVYqEVEKHKW-iRjfDbR-fhnRdPBjtOqHF1Mgz3TXsaZGCMV8JFi7iOR1AIbs6VWEhLPzdezIwC-cs4nrw12X15F6MDkwuhBUw&google_hm=BGJSZBS8KUJ2v-_O_58colo
Request Chain 312
  • https://eb2.3lift.com/sync HTTP 302
  • https://eb2.3lift.com/sync?&ld=1
Request Chain 316
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://prebid.a-mo.net/setuid/magnite?uid=L75UQP46-18-AOOR&gdpr=0&us_privacy=1---
Request Chain 317
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=61d46240-18b0-4449-9aac-69a56f22fd95 HTTP 302
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=61d46240-18b0-4449-9aac-69a56f22fd95&verify=true HTTP 302
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A&gdpr=0&gdpr_consent=
Request Chain 318
  • https://onetag-sys.com/usync/?tag=img HTTP 302
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent= HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=abb6c59d-886a-4e5e-a6b1-9f2e25e02662&ssp=onetag HTTP 302
  • https://onetag-sys.com/match/?int_id=30&uid=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&gdpr=&gdpr_consent=&us_privacy=
Request Chain 319
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D61d46240-18b0-4449-9aac-69a56f22fd95&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F646%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D61d46240-18b0-4449-9aac-69a56f22fd95%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD02MWQ0NjI0MC0xOGIwLTQ0NDktOWFhYy02OWE1NmYyMmZkOTU%253D%26uid%3D%24UID
Request Chain 322
  • https://ad.turn.com/r/cs?pid=9&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3448151419563696648&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 323
  • https://match.adsrvr.org/track/cmf/openx?oxid=cfd54a14-41d2-7ff6-d65c-4fb8c73389a4&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=24de8755-1fd5-4995-84de-10c316ebc90a&ttd_puid=cfd54a14-41d2-7ff6-d65c-4fb8c73389a4&gdpr=0&gdpr_consent=
Request Chain 324
  • https://tg.socdm.com/rtb/sync_before?proto=openx HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwR.bMCo8YUAAItRBh0AAAAA
Request Chain 325
  • https://cr-p3.ladsp.jp/cookiesender/3 HTTP 302
  • https://cr-pall.ladsp.com/cookiesender/3 HTTP 302
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AR0QHPQBrGxLks8ADsWuCeMFxs8AAAGCyY3Z_Q
Request Chain 327
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEARzDt6y9c02RmjCmSEXvGo&google_cver=1
Request Chain 329
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=medianet
Request Chain 330
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Drkt%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3D%7Buserid%7D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3042404891537389000V10&type=rkt&refUrl=&vid=12388923893042404891537389000V10&ovsid=1991787313928468380
Request Chain 332
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dapx%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3D%24UID HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3042404891537389000V10&type=apx&refUrl=&vid=12388923893042404891537389000V10&ovsid=7212820068730442693
Request Chain 333
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dopx%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3D HTTP 302
  • https://contextual.media.net/cksync.html?cs=8&vsid=3042404891537389000V10&type=opx&refUrl=&vid=12388923893042404891537389000V10&ovsid=07f9238b-ead2-4516-b513-31d675dc1b78
Request Chain 334
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dr1%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7739512854 HTTP 302
  • https://sync.1rx.io/usersync/tradedesk/24de8755-1fd5-4995-84de-10c316ebc90a HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dr1%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DRX-62526414-bc29-4276-bfef-ceff9f1ca25a-004 HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3042404891537389000V10&type=r1&refUrl=&vid=12388923893042404891537389000V10&ovsid=RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004
Request Chain 335
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Ddxu%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3D_wfivefivec_ HTTP 302
  • https://contextual.media.net/cksync.php?cs=8&vsid=3042404891537389000V10&type=dxu&refUrl=&vid=12388923893042404891537389000V10&ovsid=1UmzCIQq1Oqo7E5
Request Chain 336
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40 HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=bc7d5c35-5191-4276-945f-151cce41f324
Request Chain 337
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&google_hm=OWU1ZmMyNjAtMGU1Yi00MTcxLWE3ZWQtYTBkYmU5MWRkMjRj HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMLpubEIKvjJ4RQ7ZLpDBMI&google_cver=1&ssp=medianet&bsw_param=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c HTTP 302
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 338
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dzem%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=wRWUbjlXkwITcYHQCR_0&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLXKJLVKYTKNRMGW52JKRRVSSCRINJF6MBGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTEMZYHA4TEMZYHEZTANBSGQYDIOBZGE2TGNZTHA4TAMBQKYYTAJTWONUWIPJTGA2DENBQGQ4DSMJVGM3TGOBZGAYDAVRRGA HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLXKJLVKYTKNRMGW52JKRRVSSCRINJF6MBGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTEMZYHA4TEMZYHEZTANBSGQYDIOBZGE2TGNZTHA4TAMBQKYYTAJTWONUWIPJTGA2DENBQGQ4DSMJVGM3TGOBZGAYDAVRRGA
Request Chain 339
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3042404891537389000V10 HTTP 302
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3042404891537389000V10 HTTP 302
  • https://contextual.media.net/cksync.php?type=mf&ovsid=8fa55afc-8635-4292-95dd-e95e9087ec97&cs=1
Request Chain 353
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=004f6304-7e6b-4b00-a26e-aa0f898bca5d&gdpr=1&gdpr_consent=
Request Chain 355
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7212820068730442693
Request Chain 357
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgsmN2sg2_f1RpS9V9heomGH8LUu85zyVcQ
Request Chain 359
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCO38kZgGEgUI6AcQAEIASgA HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 360
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Mf6u5BUTLNdlSNSEYPOQBFO3ayWCehbM3lkx_lMAPDM
Request Chain 362
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOJhdAhQZYXu4ySVyfnQJGA&google_cver=1
Request Chain 364
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=24de8755-1fd5-4995-84de-10c316ebc90a&gdpr=0&gdpr_consent=
Request Chain 367
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=3658&xuid=24de8755-1fd5-4995-84de-10c316ebc90a&dongle=0cfd
Request Chain 368
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODg2NDg0MDE1NjE0MzQ5MTg3Mjg2 HTTP 302
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEE1TvKpZktWLQ5bC3aB_PBg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 370
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODg2NDg0MDE1NjE0MzQ5MTg3Mjg2
Request Chain 371
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=886484015614349187286&dbredirect=true&gdpr=0&consent= HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=886484015614349187286&dbredirect=true&gdpr=0&consent=&cookiesTest=true HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e8603767-a080-4ed4-8b35-1b7e2d3a336f&_noobservation=1 HTTP 302
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e8603767-a080-4ed4-8b35-1b7e2d3a336f&_noobservation=1&_expected_cookie=1996aba7fbc7600e192000149c70117a
Request Chain 372
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=886484015614349187286&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&ssp=triplelift&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10527375236654871984&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10527375236654871984&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Dtriplelift%26gdpr_consent%3D%26gdpr%3D0 HTTP 302
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=c4f96cd0-0c1f-4938-b591-0fbf02111cad&ssp=triplelift&gdpr_consent=&gdpr=0
Request Chain 374
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/886484015614349187286?gdpr=0&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-102jfxlE2oSgnRV5iY3_K8rLn9P_On7duzp0oddFLg--~A&dongle=0883
Request Chain 375
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=886484015614349187286 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=886484015614349187286&dcc=t
Request Chain 376
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=CK143zJNumpPsunND2RL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5INFTCNBTPJFE45LNOBIHG5LOJZCDEUSM&gdpr=0 HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5INFTCNBTPJFE45LNOBIHG5LOJZCDEUSM
Request Chain 386
  • https://match.adsrvr.org/track/cmf/rubicon HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=24de8755-1fd5-4995-84de-10c316ebc90a&gdpr=0&gdpr_consent=&expires=30
Request Chain 387
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJWDCZN94UHdt-7j7VYCbFM&google_cver=1
Request Chain 388
  • https://id.rlcdn.com/709414.gif HTTP 307
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Request Chain 389
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmE2M2ZhMDAwZWYxNzM2MWMzZmI1NTdkNTdjM2MyMmQwOTg1MWIyYw
Request Chain 390
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VGY16v7ISPaE9q6LPoNREw&rk=usync-na
Request Chain 391
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id= HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Request Chain 392
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc1VVFQNDYtMTgtQU9PUg==
Request Chain 393
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/vjCbWg7-ULPX4IqFbr57b8n5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3279108649440249905
Request Chain 399
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 400
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-& HTTP 302
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L75UQP46-18-AOOR&gdpr=0&us_privacy=1YN-
Request Chain 401
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=7212820068730442693
Request Chain 402
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=FMVSCLZHk9iHd1P9S7S_Xjs6
Request Chain 403
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://ads.servenobid.com/sync?pid=310&uid=FMVSCLZHk9iHd1P9S7S_Xjs6
Request Chain 404
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiZTYxODc1NDYtZTNhZC00NTZiLTgwMWEtN2Q0OGE0MjAwZDgzIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yM1QwNzoxNDo1NC4yMjMzNjVaIn0=
Request Chain 405
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004&rndcb=2340869888 HTTP 302
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=abb6c59d-886a-4e5e-a6b1-9f2e25e02662&ssp=adconductor HTTP 302
  • https://sync.1rx.io/usersync/bidswitch/9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c?gdpr=&gdpr_consent=
Request Chain 406
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=1978557990575788388
Request Chain 407
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=332&uid=9bde90f4-d27a-48f1-8a8f-295ce804e756
Request Chain 408
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F231%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D61d46240-18b0-4449-9aac-69a56f22fd95%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Request Chain 409
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A
Request Chain 410
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-b2512687-4128-3554-914e-191ef655ff02
Request Chain 411
  • https://ups.analytics.yahoo.com/ups/58632/occ HTTP 302
  • https://ads.servenobid.com/sync?pid=339&uid=y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A
Request Chain 413
  • https://match.adsrvr.org/track/cmf/casale HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=24de8755-1fd5-4995-84de-10c316ebc90a&expiration=1663830893&gdpr=0&gdpr_consent=
Request Chain 414
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB&dcc=t
Request Chain 415
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOibwBtNeQegsUdZ0GCIQeQ&google_cver=1
Request Chain 417
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent= HTTP 302
  • https://stags.bluekai.com/site/23178?id=5xvKKHPLjLFxeh4ne40b&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NLYOZFUWSCQJRVEYRTYMVUDI3TFGQYGE HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NLYOZFUWSCQJRVEYRTYMVUDI3TFGQYGE
Request Chain 418
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID) HTTP 302
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7145252931160927258&uid=Q7145252931160927258&ref=%2Feucm%2Fp%2Fcc HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7145252931160927258
Request Chain 419
  • https://match.prod.bidr.io/cookie-sync/ie HTTP 303
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1 HTTP 303
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHwkE7GCP0AAA_STV2ynw&expiration=1662448494
Request Chain 420
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YwR.ak-wLMs5-uM0uZ1hzwAA%26857?gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YwR.ak-wLMs5-uM0uZ1hzwAA%26857
Request Chain 422
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L75UQP46-18-AOOR HTTP 302
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L75UQP46-18-AOOR
Request Chain 423
  • https://c1.adform.net/serving/cookie/match?party=14&cid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
Request Chain 424
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:004f6304-7e6b-4b00-a26e-aa0f898bca5d&gdpr=0&gdpr_consent=
Request Chain 425
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwR_awABwDl4EwBN&gdpr=0&gdpr_consent=
Request Chain 427
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Request Chain 428
  • https://cm.ambientdsp.com/cm/send?vc=pmj HTTP 301
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=ws4zfx9llln HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
Request Chain 429
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1UmzCIQq1Oqo7E5&gdpr=0&gdpr_consent=
Request Chain 430
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004&rndcb=924108502 HTTP 302
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Request Chain 432
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=492aed34-22b3-11ed-8d50-b1ea5d048eea
Request Chain 433
  • https://gocm.c.appier.net/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=nWVhSbTmD92Rzn2-bX4EYw HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
Request Chain 434
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=165b4480044d47dc965ac2557d877be5
Request Chain 435
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Request Chain 439
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=93c687e3-316c-474c-8a4b-a702beb6378b-tuct9fe03ed&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 441
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ULs9_Tg0SSCqnryNR7WB5g%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 442
  • https://idsync.rlcdn.com/420486.gif?partner_uid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6 HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=f77493b8d39e856e7ca20f0364973e0a1b3910cb2744911825130da4ae8c1bde791426b5417dce21&_=2 HTTP 307
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmNzc0OTNiOGQzOWU4NTZlN2NhMjBmMDM2NDk3M2UwYTFiMzkxMGNiMjc0NDkxMTgyNTEzMGRhNGFlOGMxYmRlNzkxNDI2YjU0MTdkY2UyMRAAGgwI7vyRmAYSBAgCEABCAEoA HTTP 302
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmNzc0OTNiOGQzOWU4NTZlN2NhMjBmMDM2NDk3M2UwYTFiMzkxMGNiMjc0NDkxMTgyNTEzMGRhNGFlOGMxYmRlNzkxNDI2YjU0MTdkY2UyMRAAGgwI7vyRmAYSBAgCEABCAEoA&google_gid=CAESEPjAunF1TnYYpmAyLqMcv1Q&google_cver=1
Request Chain 443
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=004f6304-7e6b-4b00-a26e-aa0f898bca5d
Request Chain 444
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTBCQjNERkQtMzgzNC00OTIwLUFBOUUtQkM4RDQ3QjU4MUU2&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 445
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHouKwWMjjh7xCMeCTwTO1c&google_cver=1
Request Chain 446
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:6B0FC4D757894CECAB2A9E4B67E678A3 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 448
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=24de8755-1fd5-4995-84de-10c316ebc90a
Request Chain 449
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7212820068730442693&gdpr=0&gdpr_consent=
Request Chain 450
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=88ICXfKUBF7olAAP9ckfWKDIV1DoxgJao5IIuBS9
Request Chain 451
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=6&t=pixel&ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=433&user_id=1r2xk7oqbsk2&ssp=pubmatic
Request Chain 452
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1pefsRpE2uW5skhRTQfX3z0FNUqI9cc-~A&gdpr=0&gdpr_consent=
Request Chain 453
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3891991464737702653 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Request Chain 454
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3448151419563696648&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 455
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6&gdpr=0&gdpr_consent= HTTP 302
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6b3f0024daaf2260&is_secure=true&networkId=17100&version=1&nuid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMNmll1gqYWQN4sp9nAAAAAAA&expiration=1661325294&nuid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6&is_secure=true&gdpr_consent=&gdpr=0
Request Chain 456
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7212820068730442693
Request Chain 459
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7212820068730442693
Request Chain 460
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwR_awABwDl4EwBN
Request Chain 461
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB&gdpr_consent=&us_privacy=&gdpr= HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/casale/YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB
Request Chain 462
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=004f6304-7e6b-4b00-a26e-aa0f898bca5d
Request Chain 464
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE HTTP 302
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=492aed34-22b3-11ed-8d50-b1ea5d048eea
Request Chain 465
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent= HTTP 307
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=7f3cf545-6bec-4997-9754-f06e33eec8ea&us_privacy=null&gdpr_consent=null&gdpr=null
Request Chain 470
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1258785339656606146&gdpr=0&gdpr_consent=
Request Chain 472
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent= HTTP 302
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=6&t=pixel&ssp_id=smartadserver HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=433&user_id=1bf1c5ctg819&ssp=smartadserver
Request Chain 473
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 302
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=03030002_63047e6c43acd&knw=1
Request Chain 474
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgsmN3tLFQPxlCJ3OGRZHG0N3b0-Bzw6WxA
Request Chain 475
  • https://id.rlcdn.com/711916.gif?ct=4&cv= HTTP 307
  • https://onetag-sys.com/match/?int_id=110&uid=
Request Chain 476
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://onetag-sys.com/match/?int_id=1&uid=004f6304-7e6b-4b00-a26e-aa0f898bca5d&gdpr=0&gdpr_consent=
Request Chain 477
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=2&uid=L75UQP46-18-AOOR&gdpr=0
Request Chain 478
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID HTTP 302
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7212820068730442693
Request Chain 480
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid] HTTP 302
  • https://onetag-sys.com/match/?int_id=107&uid=3611329998867518103
Request Chain 481
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1 HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=KIPifx4vWQIPq95dwn5sTiI6nYiEhafJ7i6GU15rIuQ
Request Chain 482
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID HTTP 302
  • https://onetag-sys.com/match/?int_id=114&uid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
Request Chain 483
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm HTTP 302
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOJhdAhQZYXu4ySVyfnQJGA&google_cver=1
Request Chain 484
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=92&uid=y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A
Request Chain 485
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent= HTTP 302
  • https://onetag-sys.com/match/?int_id=29&uid=24de8755-1fd5-4995-84de-10c316ebc90a&gdpr=0&gdpr_consent=
Request Chain 486
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&ssp=onetag&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10527375236654871984&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Donetag%26gdpr_consent%3D%26gdpr%3D0
Request Chain 489
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=7212820068730442693
Request Chain 490
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_87179a4f-7e60-46e5-a05d-3effcdd85999&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c
Request Chain 492
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=38e8ee64-69c7-47a0-b127-5f550f6388e2
Request Chain 493
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-161e88a1-ec7c-4019-47a2-440023cf4dda$ip$103.209.254.77
Request Chain 494
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-cdY.cU5E2pdxUiGE7.xOUShWFCkzrYF7W_Gu~A
Request Chain 498
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_87179a4f-7e60-46e5-a05d-3effcdd85999&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=CK143zJNumpPsunND2RL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Q2LGE2DG6SKJZ2W24CQON2W4TSEGJJEYJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Request Chain 499
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Request Chain 500
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004&rndcb=1359365653
Request Chain 504
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=004f6304-7e6b-4b00-a26e-aa0f898bca5d&gdpr=0&gdpr_consent=
Request Chain 505
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=YwR_awABwDl4EwBN&gdpr=0&gdpr_consent=
Request Chain 508
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=ttd&i=24de8755-1fd5-4995-84de-10c316ebc90a
Request Chain 510
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=YwR.bsCo8YUAAItRBr4AAAAA
Request Chain 511
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=iex&i=YwR.ak-wLMs5-uM0uZ1hzwAA%26857
Request Chain 513
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum

509 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
www.bg3.co/a/ 		49 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
84.17.37.44 Central, Hong Kong, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
unn-84-17-37-44.cdn77.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bb6c4af389ff03d7b0fbb9cf432598ee3b3a56246d5aa0ea3edfdb020aab1227

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
max-age=3600
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Tue, 23 Aug 2022 07:14:43 GMT
ETag
"c4f5-tB6llABa+oss3CBVt36DIQigPMw"
Expires
Tue, 23 Aug 2022 08:14:43 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding
v0.js
cdn.ampproject.org/ 		276 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
6527e4cd14173fac2d981008d0d87378ee25fcc46b0b8bbfa6e5419489e95e7a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
72499
x-xss-protection
0
server
sffe
date
Tue, 23 Aug 2022 07:14:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=3000, stale-while-revalidate=1206600
etag
"566a4cf199592f12"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Aug 2022 07:14:44 GMT
amp-sidebar-0.1.js
cdn.ampproject.org/v0/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-sidebar-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
869b6eb33ba3347946da6a8105161515a17401aab915b44e96e5c2c3a4a6c635
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9657
x-xss-protection
0
server
sffe
date
Tue, 23 Aug 2022 07:14:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"d1fae90a9114f57d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Aug 2022 07:14:44 GMT
amp-auto-ads-0.1.js
cdn.ampproject.org/v0/ 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-auto-ads-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
5c12e87c4fc3311ee49576c3a816aa5394671b7642611ce306713f73ddc7411d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7576
x-xss-protection
0
server
sffe
date
Tue, 23 Aug 2022 07:14:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"df45f464576212d8"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Aug 2022 07:14:44 GMT
amp-analytics-0.1.js
cdn.ampproject.org/v0/ 		109 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/v0/amp-analytics-0.1.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
63dc26664099fc3ed076210ca3fb9b8d5ba67c1a7d45363ca0da2f80489bdc28
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31989
x-xss-protection
0
server
sffe
date
Tue, 23 Aug 2022 07:14:44 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
private, max-age=604800, stale-while-revalidate=604800
etag
"a1b1c4bb043ec9da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 23 Aug 2022 07:14:44 GMT
sdk
cdn.aralego.net/ucfad/sdk/apac-sg/
Redirect Chain
  • https://ads.aralego.com/sdk
  • https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
42 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:44 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2790
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43300
last-modified
Mon, 25 Jul 2022 08:38:19 GMT
server
cloudflare
etag
"62de567b-a924"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z3ZoIiioPBRaCszvBMNq0mMV64a0RKH8o6JXPJnnP8EWxcV3P6b0IZElIaVU%2Bd9%2FCNVNmSHFW7cgXd96UzOO3iwsJsCHf1xg6yH0D1xDThxi%2FKeSsLhapTAA41NGoGnEnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
73f20d943b2b5a91-MEL

Redirect headers

Location
https://cdn.aralego.net/ucfad/sdk/apac-sg/sdk
Connection
close
Content-length
0
adRecover.js
delivery.adrecover.com/43519/ 		36 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://delivery.adrecover.com/43519/adRecover.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.5.232 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-5-232.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
aa05961c0b6903df6795439c22b3f7a49b0154bf524764fb61e1658693e7bb9b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:44 GMT
content-encoding
br
last-modified
Tue, 23 Aug 2022 07:00:18 GMT
server
nginx/1.18.0
etag
W/"63047b02-8ea7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=REVALIDATE, edge; dur=7, origin; dur=221
content-length
9533
expires
Tue, 23 Aug 2022 08:14:44 GMT
adpushup.js
cdn.adpushup.com/42753/ 		513 KB
118 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/adpushup.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.4.232 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-4-232.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
a51abdc945bd68a425eddc829372fe5380aff8fe0343c7246784db121f65f994

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 23 Aug 2022 07:14:44 GMT
content-encoding
br
last-modified
Fri, 19 Aug 2022 10:07:01 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=69
x-cf-geodata
AU
content-type
application/javascript
content-length
120666
expires
Tue, 23 Aug 2022 08:14:44 GMT
a18de0d444c452ea7bfe432b9910712d.jpg
static.bg3.co/imgs/202106/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/a18de0d444c452ea7bfe432b9910712d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
090ac7fdf7912708bf6e3335fc6d3eb5da2be58c78c243e934b5e93512a6df35

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 08:19:18 GMT
server
cloudflare
etag
"A18DE0D444C452EA7BFE432B9910712D"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XYVftJogRPi532K3uAcMIiA2S%2FhFByO6cTw6uTo0XQvtCUj4QW%2BOnA4lBaUHYlkdx4DTC19zpSByj7X9Zu3FKU0YTb73bkYt318DWgW4LcmXIUdXjhQMcRxN0rgIqsw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d958aa93771-MEL
content-length
8277
expires
Tue, 30 Aug 2022 07:14:45 GMT
9030d18c2144907f6b6a12b805fae89d.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/9030d18c2144907f6b6a12b805fae89d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
672b52a518419085b090e36b2299db83c317229e35a653dc1e2205814d60d559

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Fri, 21 May 2021 17:16:17 GMT
server
cloudflare
etag
"9030D18C2144907F6B6A12B805FAE89D"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n5v5%2BMuPo%2FZv1E5%2BFZhX9HCeWTm5VFpIGiSRMM4Tr6RyBmpy1EDN7AW234ONk5ydmSgLKiG9cxNSMN5tohbzM%2FyqbDh%2FoSPwnFTptV0Iqfp2TvAuXK6bQN%2BcJzHPfKI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d958aab3771-MEL
content-length
7478
expires
Tue, 30 Aug 2022 07:14:45 GMT
8a5659028e70c6245a74a055b0d152e9.jpg
static.bg3.co/imgs/202106/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/8a5659028e70c6245a74a055b0d152e9.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f5a7b5f909e58b8dd7be1bb88a076a12e86780f89eafd3b994e6d4ceb4abcfd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 18:30:20 GMT
server
cloudflare
etag
"8A5659028E70C6245A74A055B0D152E9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cqIAsPaCztq2Cy3nfR7UvU8qK2rJs9zGS89Sp8y8zLLWFnaZ8gt81t59lxmr2eIWguO%2BL73Jo9L0uFkUl0P7rqXgyQK3twg05TbcuAYrv3Q8xyyewA3mGCB3BL%2Fy6s8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d958aac3771-MEL
content-length
4716
expires
Tue, 30 Aug 2022 07:14:45 GMT
5129f88f880f4e4acdbbc9fe4a37ed01.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/5129f88f880f4e4acdbbc9fe4a37ed01.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1234f3361c8f2883c2713ae31e92a010cf2d8d369c797a26468413eba569dd2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Sun, 30 May 2021 08:42:47 GMT
server
cloudflare
etag
"5129F88F880F4E4ACDBBC9FE4A37ED01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8LcRq8ayQj17VZ4%2Bi6gwbPy8iQ1C2MZ3dHXfa1bUwLc08qbtQOTHmoIg8y1FTy9%2B2vZw5H4EfzYxjnGEnakk9izW3DF%2B7QVZemdvgQPFkg%2FhqkVFEl6%2FXhMqcPw9Cc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d958ab13771-MEL
content-length
7619
expires
Tue, 30 Aug 2022 07:14:45 GMT
bfc2d694c3913939dba0050e71ce0f41.jpg
static.bg3.co/imgs/202105/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/bfc2d694c3913939dba0050e71ce0f41.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c5cff4bce81711eb98387befd847f24f70610d1f19753f70bbd9a927b1543b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Fri, 28 May 2021 18:55:38 GMT
server
cloudflare
etag
"BFC2D694C3913939DBA0050E71CE0F41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7FPZCIjACwIwxTxbz81d2iXnV3EE%2BqBbNppM4ohzFODTb2ivcDnKZ1746QjawN4xaB%2BLZfe2gPOykoLXmU5W%2BZipT4E13T9uTMXRmJo5MT%2BHO7Huj90%2Bagh6s54zCtY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d958ab03771-MEL
content-length
7657
expires
Tue, 30 Aug 2022 07:14:45 GMT
52d36e44311cbd1c6f21ac19c7df637d.jpg
static.bg3.co/imgs/202106/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/52d36e44311cbd1c6f21ac19c7df637d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
554f83475d104e6d126d6141c6390ed0290858fd587c14d48a4bf06457e50997

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Mon, 07 Jun 2021 06:07:27 GMT
server
cloudflare
etag
"52D36E44311CBD1C6F21AC19C7DF637D"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ErkUOA19jfiSklryvUV8RdiFrQLF9BhTsoKXL1LAjQCCuWygOK97%2Fqx6%2FYDJG4rT8sJS%2FZPFUDhSnJSuEctloQ3FCzFHD6bvQ6xoTHRJ4%2B19w5yaeuodsc4ZZF7aWAw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d958aa53771-MEL
content-length
9191
expires
Tue, 30 Aug 2022 07:14:45 GMT
37fb8c5a40bb36ed3f59ef775d67579c.jpg
static.bg3.co/imgs/202105/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/37fb8c5a40bb36ed3f59ef775d67579c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67aed7879e0c8d89941711779d2b4adb08639ef6bc984e612ef807669ddeac0f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 07:45:04 GMT
server
cloudflare
etag
"37FB8C5A40BB36ED3F59EF775D67579C"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPdmtKv%2BGpPF%2FmUbWuWtaMe4r0SDU0zYKOG0jIEsv8pniVSd4oE%2BGF3v8HrrelSnCXK3HQVXsLYMZKOXDvA84tNqtkCOZQUwbEhlvU9aEmshnpuJITfLxVtnz4Ht1zI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d957aa33771-MEL
content-length
6638
expires
Tue, 30 Aug 2022 07:14:45 GMT
4c7e8006bc682419341df10ddc66788d.jpg
static.bg3.co/imgs/202106/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/4c7e8006bc682419341df10ddc66788d.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e37b29ddddf1ca555284cfe7ac528c7c424fc61da81ad386a33d5e41cb0b661d

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Thu, 03 Jun 2021 19:28:35 GMT
server
cloudflare
etag
"4C7E8006BC682419341DF10DDC66788D"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GHnz%2Bh07Nkd0AJgBfOoQ8JdBTjswCsK87rnIhFWozrbUBAjpLcRmRKYFAndUwzJAO0AMBTaWE3fVtVAN%2FQXq31ztYBr4deM9VI1SryApIoHUSniUwYTxAMmDoeNWedE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d96dd483771-MEL
content-length
5943
expires
Tue, 30 Aug 2022 07:14:45 GMT
21916ab6869f859a48a519363498e6ae.jpg
static.bg3.co/imgs/202105/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/21916ab6869f859a48a519363498e6ae.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ad729ac5b9b937840e8495d19033e9ae12b6d2100d4cad9aee3cfaa995c6cfe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 05:51:10 GMT
server
cloudflare
etag
"21916AB6869F859A48A519363498E6AE"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=83D7bBPYBqp3OIiLTcwnwOQwfWlVDrx4G%2BM4I5ZeEA77sG5%2BXJK%2BPl0%2B0pphdetIye47R3GKSgeGGmyYkjGkPxd2b%2FEev8NKoVx1G9vvGXS9ok6fviJOZyddsruo2HI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d96dd4c3771-MEL
content-length
9610
expires
Tue, 30 Aug 2022 07:14:45 GMT
fee9d6644e24bdea79a7cdb2726234a5.jpg
static.bg3.co/imgs/202105/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/fee9d6644e24bdea79a7cdb2726234a5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
246c359f33b48f053a9bfdf66b736791cdf015e5c2288d388c87173e5de0508e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Wed, 19 May 2021 08:37:27 GMT
server
cloudflare
etag
"FEE9D6644E24BDEA79A7CDB2726234A5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uBu%2BrwwDwSe5LHyKoi2NmjSAMrdF5NwopTwqJ8IJyfDWOTpI0CETzU1TTeQLEAUKTeJL6Pd6YiZoM6yzhrrpQECEVZb9UDT%2B4zlajO7NoWBT8gZphmfJ0aijNwF5th0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d96dd4d3771-MEL
content-length
4496
expires
Tue, 30 Aug 2022 07:14:45 GMT
c49ffdfb4430351ae4e458d5366589c2.jpg
static.bg3.co/imgs/202105/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/c49ffdfb4430351ae4e458d5366589c2.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c36344b8f26c0f0df4305dd596d17a34d754bbd5c74ad01aa016f9285e45b74

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 02:14:41 GMT
server
cloudflare
etag
"C49FFDFB4430351AE4E458D5366589C2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AG5jEgLlCrJacA2%2FxE8DY8vNBiQpmOMuQA%2F6Ow1tVnJ1oD8TnvQtBRB0Px%2Ba8i2qBXmhKusXuvqs7RjWV5adgR7M9m6uJC2fScU0LhuGvOZPZ6%2BFlhzg3sceHsJ4sEk%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d96dd4f3771-MEL
content-length
2766
expires
Tue, 30 Aug 2022 07:14:45 GMT
fb9714433aa2700b3be107ee6c1988e5.jpg
static.bg3.co/imgs/202105/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/fb9714433aa2700b3be107ee6c1988e5.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1ed4fbf10ad677f9ad23db958dfa09a1b8181a9543031414d4e33581dec8ad0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Mon, 24 May 2021 10:12:55 GMT
server
cloudflare
etag
"FB9714433AA2700B3BE107EE6C1988E5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XWy74XKsjxFGDCQD%2BMbW2z5FbgZRENaO3xVR92BKseB%2FAns1%2BeJW4gbe7zSkYvfnZGW9%2FbcmDnDCXWyeVq4njTTKTezugOpwLqbj2JwLysIwKPCfYfUe%2BXs4OViG4zg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d96dd503771-MEL
content-length
6690
expires
Tue, 30 Aug 2022 07:14:45 GMT
5b104b386a7b2dc72fe0d785f255d45c.jpg
static.bg3.co/imgs/202107/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202107/5b104b386a7b2dc72fe0d785f255d45c.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46099df616e91dfd4ed3de7cb1450caea1b1fbf933e8ed4117b8df48cb5eb062

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Wed, 14 Jul 2021 06:47:25 GMT
server
cloudflare
etag
"5B104B386A7B2DC72FE0D785F255D45C"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6aZwJq7MthGmd5JgMnuTkVED3xE%2BWxAgbLom0aFFWUA%2Fv8RBTKFm3if0%2BEOmYdORUHivYQ%2BXrYHnZcJvGDAj8fdGVEMEJFrFT4AckhIEozGLqopuhAXBvv2xM1kAMDc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d96dd513771-MEL
content-length
11155
expires
Tue, 30 Aug 2022 07:14:45 GMT
8620f11e6bf9cde3ecda9d8cb4618d5a.jpg
static.bg3.co/imgs/202105/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/8620f11e6bf9cde3ecda9d8cb4618d5a.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a29f2cd392c7f9b75f34c68946a3c95b13d66ce1fd2942946e2f6b1744abf238

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 01:57:01 GMT
server
cloudflare
etag
"8620F11E6BF9CDE3ECDA9D8CB4618D5A"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ho0jSxXs1ZjKkvB73S8%2FLSqX9R5Cl386JrLAgaYj2ja38Yl1v2dEwDkteh69%2BlwctNvA3qH76zSJvm0iaVr8pOatM87HhLWw%2F3JSYnAtu%2BpF7or1zwYuZHVpamcAAM%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d96dd533771-MEL
content-length
8327
expires
Tue, 30 Aug 2022 07:14:45 GMT
ef108fb2ee62dd3d4d59f65123ea25b1.jpg
static.bg3.co/imgs/202106/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/ef108fb2ee62dd3d4d59f65123ea25b1.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc66d4e259bbcfb9e1c4b8531294385a863d04ea6b22e498a1e967124c7b571

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Jun 2021 05:54:30 GMT
server
cloudflare
etag
"EF108FB2EE62DD3D4D59F65123EA25B1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HrlAVvMkBO389J328%2BETT9BEhvY%2FJfcxEtGsRdAJZUIHvTuHLqvUu9LxL4PbMYYSvR%2BmwrIIAeBBxwHtfSCBr3Hp%2Bmjv9MxGXp%2Bqsj2KGuMeoCvbUNGbeY%2Bb3tgIez4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d96dd563771-MEL
content-length
6196
expires
Tue, 30 Aug 2022 07:14:45 GMT
f08c76895eaf70db7983ffcc7507c1b8.jpg
static.bg3.co/imgs/202106/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/f08c76895eaf70db7983ffcc7507c1b8.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c22f77404b69c55f5c66c1b762e22715a1552515a568c23437860afa5d96cca

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Tue, 08 Jun 2021 01:15:27 GMT
server
cloudflare
etag
"F08C76895EAF70DB7983FFCC7507C1B8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6kEgEMy2%2F%2Fw%2BIiHJGGTEPoBAsMlzu%2BBf6GSmWx45rfLqm0Wxb7ADThzy3zRnGFKH69xTsFXD9v5mGhViM88XbkprMYEh%2BGRF8b0ZizvHA2O30DZMQ1qK5pWqSqhNS%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d96dd583771-MEL
content-length
6496
expires
Tue, 30 Aug 2022 07:14:45 GMT
c7f8daf6d1bbaf6e5c88b43a31de3da4.jpg
static.bg3.co/imgs/202106/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/c7f8daf6d1bbaf6e5c88b43a31de3da4.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ddd856293e292dd76897e078bd95b974306d6101404379aba6a01525d18f856

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Sun, 06 Jun 2021 01:29:21 GMT
server
cloudflare
etag
"C7F8DAF6D1BBAF6E5C88B43A31DE3DA4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEe2WejYvqOomydQP%2FLieVOZz8OF%2F0gEmBBIm%2Bvo2SiTE6lhGLa0RGaqxsD%2FjRN67t3DtsNBQN5LGKa%2FSe2%2Bp53pmpTbx5dcqB9etmeR%2FnaZqpCEl2JXhc%2Ftjo89DO4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d96dd593771-MEL
content-length
16662
expires
Tue, 30 Aug 2022 07:14:45 GMT
b98dd286fd23458e3a886d9a723f1d9b.jpg
static.bg3.co/imgs/202105/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/b98dd286fd23458e3a886d9a723f1d9b.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
334f93c83f162f7190b0b50cc5677b01aaa362a8b44473e69a176cacff11a940

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Wed, 26 May 2021 12:13:19 GMT
server
cloudflare
etag
"B98DD286FD23458E3A886D9A723F1D9B"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2DF4M3A%2BRNN7qxRv3GlBVFnPiyx%2FQycZIbY8pHSQtMLnHnzN5BwDpWxYXQnO4xcS0n1xKUNZcVV%2BhnRBZWY%2FnxRLBVsM3jgXHOR8sw5MYrUrBb7DD1uLUoK8%2Bcv%2BGL4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d96dd5b3771-MEL
content-length
8659
expires
Tue, 30 Aug 2022 07:14:45 GMT
43cc5f6a4ff798490a5b4a2744daecb7.jpg
static.bg3.co/imgs/202105/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202105/43cc5f6a4ff798490a5b4a2744daecb7.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15a73accfd667e58445a7b0d1eabbd59df5e18f5b554f9805b713f49756044f7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Sat, 22 May 2021 04:19:17 GMT
server
cloudflare
etag
"43CC5F6A4FF798490A5B4A2744DAECB7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=upFF5nWXKYCYlYA3mD1Z0A9Hi7GdMgVqgMMGZTLjbBynRpcIVPKGUdhrTFjfb1KUAS03rM1jok5Ox2kzf4%2F8rFoWZUyyGq4BZnSDKNyigu9790DuK36c3YLSrJcttKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d96dd5c3771-MEL
content-length
6283
expires
Tue, 30 Aug 2022 07:14:45 GMT
8656e4e21a53a3c691c14fafcee8ecfb.jpg
static.bg3.co/imgs/202106/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.bg3.co/imgs/202106/8656e4e21a53a3c691c14fafcee8ecfb.jpg?w=150&h=100&q=100
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.72.16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e900fc15b08de961ba57697f07cb1458e8acc07bcd85e341604da3ff6b01274

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
cf-cache-status
MISS
last-modified
Tue, 01 Jun 2021 11:39:58 GMT
server
cloudflare
etag
"8656E4E21A53A3C691C14FAFCEE8ECFB"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FaHGkIILda2SirSeXan0SwpK7dC7Rm4A2dn6%2FnYhR6p6uh%2BBRsKxnn0nsWInoW6HY7LpOM4r0TZJSwePDgUn3xqubivEb5USSYMwkoT1XKW7WnDLkKy%2FatQaL%2BPIwPU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
73f20d96dd5d3771-MEL
content-length
10365
expires
Tue, 30 Aug 2022 07:14:45 GMT
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
8374dd11907f18ed2edaf39a51a5bd3f638e35120d821d6068d653afd8e76915
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
102569
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2977
x-xss-protection
0
server
sffe
date
Mon, 22 Aug 2022 02:45:15 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ab22edc768bc2763"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 22 Aug 2023 02:45:15 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
3e8d1edbe8598395c7327ff1752c4a029e0b3789b0a044d231eeddc8c5fcb0fe
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
359685
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3843
x-xss-protection
0
server
sffe
date
Fri, 19 Aug 2022 03:19:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"e1102914dcffd250"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Aug 2023 03:19:59 GMT
amp-ad-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		81 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
019474417bcdd4decbdc75af7929d925f21400a77b43f28dc7190223bc1489ea
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
258288
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23035
x-xss-protection
0
server
sffe
date
Sat, 20 Aug 2022 07:29:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"65c480cb2d2a17eb"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sun, 20 Aug 2023 07:29:56 GMT
ama
pagead2.googlesyndication.com/getconfig/ 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/ama?client=ca-pub-3216231935713038&plah=www.bg3.co&ama_t=amp&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
fd55646df908cf289bfcd99e2f430b2600e15e16aed2fd0f02a1fab9f34b8241
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
577
x-xss-protection
0
jquery-2.2.2.min.js
code.jquery.com/ 		84 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.2.min.js
Requested by
Host: delivery.adrecover.com
URL: https://delivery.adrecover.com/43519/adRecover.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-14e98"
vary
Accept-Encoding
x-hw
1661238885.dop111.la3.t,1661238885.cds227.la3.hn,1661238885.cds210.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
29880
ucfad-formats.css
cdn.aralego.net/css/dev/ 		975 B
625 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/css/dev/ucfad-formats.css
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:44 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3816
cf-polished
origSize=1191
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 16 Mar 2018 07:19:46 GMT
server
cloudflare
etag
W/"5aab7012-4a7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=McAjX0GfL4BRlC%2BMNqMKhouH0rgyY%2BpMQcL0Zpmxuxfkb1siyPZDdDEhX6J%2F3%2BEvMU%2BXGLW68g5H8%2F7GQcWdpJYlP%2F4CD7YT9FS5o76TLyPMFA8%2FnVG2eiJvB6Ku2OBFAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
access-control-allow-credentials
true
cf-ray
73f20d94dc645a91-MEL
cf-bgj
minify
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
d13eef70c5960e5ebccdd001715bb8aedee3b6c0be3a028512eea8b8d0537493

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 07:14:45 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
idRequest
sync.aralego.com/ 		46 B
488 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sync.aralego.com/idRequest?lang=en-US,en&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif&
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
d13eef70c5960e5ebccdd001715bb8aedee3b6c0be3a028512eea8b8d0537493

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 07:14:45 GMT
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Allow-Credentials
true
Connection
close
Content-Length
46
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=0&cb=0.5042865165228843&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 07:14:45 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
ad_request
ads.aralego.com/ 		508 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.aralego.com/ad_request?sw=1600&sh=1200&ifr=0&bl=en-US&je=1&dnt=0&host=www.bg3.co&u=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&adid=ad-627443DBE4283AB9F7A46EA83243447&w=336&h=280&ver=UCX_WEB-20200113&pos=1&seq=1&cb=0.05963458822955037&gdpr=1&euconsent-v2=%24%7BGDPR_CONSENT_607%7D&format=336%2C280%3B&lang=en-US%2Cen&deviceInfo=8416001200&pixRatio=1&font=16px%20sans-serif
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
103.254.153.160 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 07:14:45 GMT
X-Width
336
X-Height
280
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,OPTIONS
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Access-Control-Expose-Headers
X-Width,X-Height,X-AdStyle,X-AdCap,X-AdWatchUrl,X-AdSource,X-SspId,X-Deal
X-AdSource
PSA
X-Adtype
html
Connection
close
Access-Control-Allow-Credentials
true
Content-Length
508
X-AdStyle
banner
jquery-3.6.0.min.js
code.jquery.com/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-3.6.0.min.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
nginx /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
content-encoding
gzip
last-modified
Wed, 16 Feb 2022 10:50:39 GMT
server
nginx
etag
W/"620cd6ff-15d9d"
vary
Accept-Encoding
x-hw
1661238885.dop111.la3.t,1661238885.cds227.la3.hn,1661238885.cds267.la3.c
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
30875
amp-sticky-ad-1.0.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		39 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-sticky-ad-1.0.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
b7d743060ebcc58d3905601ab73b2580904ce8c5594664b1d85d1dcca4c7f509
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
16576
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10239
x-xss-protection
0
server
sffe
date
Tue, 23 Aug 2022 02:38:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"62cdf4b1a7a2ae40"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 23 Aug 2023 02:38:29 GMT
amp-ad-network-adsense-impl-0.1.js
cdn.ampproject.org/rtv/012208051912001/v0/ 		214 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-network-adsense-impl-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
775d5fb6acac04ef6d1ef99fcb13f66f6f49f6ee6275784057d047178a082af3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Origin
https://www.bg3.co
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
320044
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57907
x-xss-protection
0
server
sffe
date
Fri, 19 Aug 2022 14:20:41 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"900caa8e3e134c7a"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 19 Aug 2023 14:20:41 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3EC6 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
596c2cc6655f271a7e1de2980e23a505da2bb8ff13efb746b1e0a60ac199db92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40229
x-xss-protection
0
server
cafe
etag
15611604643775315931
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 07:14:45 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 3B05 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
ad8461c6fa7ab61f3a458881569a9b6ecf186f409ec6a93b14e678e9e98fa53c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40221
x-xss-protection
0
server
cafe
etag
16030305548225435676
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 07:14:45 GMT
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame 78AB 		714 B
863 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1027
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
73f20d99f8155ab4-MEL
content-encoding
br
content-type
text/html
date
Tue, 23 Aug 2022 07:14:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4k3d30y89jG%2BSqpo8l%2Fv34DqKMoe1xKL1IsLt4SPUFPo3WpHDOF%2FifuvHilPFYUyNgH9cqHKqVk4bmhnULSE%2FhHWyMy4P1M1CQKfhLnD7p4Vq9A19yictdEoWqvJ9wgVw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
idsync
sync.aralego.com/ 		35 B
384 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.aralego.com/idsync?gdpr=1&euconsent-v2=${GDPR_CONSENT_607}&
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.188.181 Central, Hong Kong, ASN133752 (LEASEWEB-APAC-HKG-10 Leaseweb Asia Pacific pte. ltd., HK),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 07:14:45 GMT
Connection
close
Content-Length
35
Content-Type
image/gif
cookieSyncIframe.html
cdn.aralego.net/ucfad/cookie/ Frame A4E5 		714 B
829 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Requested by
Host: ads.aralego.com
URL: https://ads.aralego.com/sdk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.5.103 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
age
1027
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
max-age=14400
cf-cache-status
HIT
cf-ray
73f20d9a083a5ab4-MEL
content-encoding
br
content-type
text/html
date
Tue, 23 Aug 2022 07:14:45 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Wed, 09 Feb 2022 05:59:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDju%2BJXgmgq67P8jD3GXS4LtObf2G3zMg97wF1rqtgHDDeIBGP%2FYMtjJd2b3%2F%2FR5oqiQZmNtvnyi2INr92rRXs%2B2jUxhtMmEn7J%2BGsqPrPOmtwH4yU2sVntNrtrRotU89w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
gtag.json
cdn.ampproject.org/rtv/012208051912001/v0/analytics-vendors/ 		2 KB
931 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012208051912001/v0/analytics-vendors/gtag.json
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
545922
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
901
x-xss-protection
0
server
sffe
date
Tue, 16 Aug 2022 23:36:03 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
application/json
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d737f3c89b0705df"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 16 Aug 2023 23:36:03 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame 78AB 		83 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
eb27e6d5e41e67b47da040a4109466e455c252b0772b0f9f3a74954a5b0ec2ec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28609
x-xss-protection
0
server
sffe
etag
"1311 / 3 of 1000 / last-modified: 1661206097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Aug 2022 07:14:45 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame A4E5 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.aralego.net
URL: https://cdn.aralego.net/ucfad/cookie/cookieSyncIframe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
99d449712d5a8f936b9d3a8e381bd23ee663b98d0b8ca5bf4a4a2a09a3658b64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28616
x-xss-protection
0
server
sffe
etag
"1311 / 585 of 1000 / last-modified: 1661206097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Aug 2022 07:14:45 GMT
block.jpg
delivery.adrecover.com/ 		631 B
866 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.adrecover.com/block.jpg?ts=1661238885531
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.5.232 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-5-232.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:45 GMT
last-modified
Wed, 23 Jun 2021 06:37:54 GMT
server
nginx/1.18.0
etag
"60d2d6c2-277"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=6
accept-ranges
bytes
content-length
631
expires
Tue, 23 Aug 2022 08:14:45 GMT
integrator.json
adservice.google.com/adsid/ 		86 B
572 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.json?domain=www.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
access-control-allow-origin
https://www.bg3.co
cache-control
private, no-cache, no-store
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
83
x-xss-protection
0
nameframe.html
d-40317529472723931178.ampproject.net/2208051912001/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://d-40317529472723931178.ampproject.net/2208051912001/nameframe.html
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f94.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
amp
www.googletagmanager.com/gtag/ 		610 B
808 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept
application/json
Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=utf-8

Response headers

date
Tue, 23 Aug 2022 07:14:46 GMT
content-encoding
br
vary
*
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="amp.json"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
258
x-xss-protection
0
pragma
no-cache
amp-access-control-allow-source-origin
https://www.bg3.co
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
pb.42753.1660729490688.js
cdn.adpushup.com/prebid/ 		327 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.4.232 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-4-232.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
c334ecbdd89a20d6a6baf6dee7e64657d40830672f405fb6a3dfecb299a84720

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 23 Aug 2022 07:14:46 GMT
content-encoding
br
last-modified
Wed, 17 Aug 2022 09:45:26 GMT
server
nginx/1.18.0
etag
W/"62fcb8b6-51a96"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=7
content-type
application/javascript
content-length
93943
expires
Wed, 23 Aug 2023 07:14:46 GMT
93446157-f601-4c1c-9583-fb5a07621bfe
https://www.bg3.co/ 		4 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.bg3.co/93446157-f601-4c1c-9583-fb5a07621bfe
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
3743
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ Frame 3EC6 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
35e41cdaa36382c69454eac396fb24c28bd850f83e0b21436a213b0ae6a2409f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122732
x-xss-protection
0
server
cafe
etag
12258783966808042754
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 07:14:46 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/ Frame 3B05 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
03b14184861a1442d9b7258bf4c6dc7ea78351be5179adda3857cd49dfc10272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122622
x-xss-protection
0
server
cafe
etag
17620972829521432287
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 07:14:47 GMT
collect
www.google-analytics.com/r/ 		35 B
396 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=%E8%B6%85%E5%B8%82%E9%A9%9A%E8%A6%8B%E7%BF%B9%E8%87%80%E6%AD%A3%E5%A6%B9%20%E5%A5%BD%E5%A5%87%E8%B7%9F%E7%9C%8B%E3%80%8C%E5%81%B4%E9%9D%A2%E6%AF%94%E8%83%8C%E9%9D%A2%E6%AE%BA%E3%80%8D%EF%BC%9A%E5%A4%AA%E9%8A%B7%E9%AD%82%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&sr=1600x1200&cid=amp-iB30bCViJa4IPRLMl01FQw&tid=UA-172083736-2&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&dr=&sd=24&ul=en-us&de=UTF-8&t=pageview&jid=0.659784695788276&gjid=0.6655352467750413&_r=1&a=5795&z=0.28425232053974403&gtm=2pu000
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:46 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame 78AB 		384 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 12:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
499224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Aug 2023 12:34:22 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 3E82 		603 B
242 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3216231935713038&format=1600x250&w=1600&h=250&ptt=12&adk=2733026255&output=html&bc=7&to=ampa&pv=1&wgl=1&asnt=0-8562404511470109277&dff=sans-serif&prev_fmts=1600x96&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&ifi=2&pfx=0&pwprc=1037897477&adf=470780615&nhd=0&adx=0&ady=3180&oid=2&is_amp=5&amp_v=2208051912001&d_imp=1&c=30401005795&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&ga_hid=5795&dt=1661238885740&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&bdt=2174&dtd=353&__amp_source_origin=https%3A%2F%2Fwww.bg3.co
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012208051912001/v0/amp-ad-0.1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:47 GMT
expires
Tue, 23 Aug 2022 07:14:47 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ Frame A4E5 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 12:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
499224
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Aug 2023 12:34:22 GMT
quantcast.js
cdn.adpushup.com/pbuseridscripts/ 		450 B
505 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.4.232 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-4-232.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 23 Aug 2022 07:14:46 GMT
content-encoding
br
last-modified
Mon, 28 Jun 2021 04:15:23 GMT
server
nginx/1.18.0
etag
W/"60d94cdb-1c2"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=31536000
server-timing
cdn-cache; desc=HIT, edge; dur=6
content-type
application/javascript
content-length
211
expires
Wed, 23 Aug 2023 07:14:46 GMT
linkPreview.js
cdn.adpushup.com/42753/ 		72 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/linkPreview.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.4.232 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-4-232.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 23 Aug 2022 07:14:46 GMT
content-encoding
br
last-modified
Thu, 14 Jul 2022 19:44:27 GMT
server
nginx/1.18.0
etag
W/"62d0721b-11ed1"
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=HIT, edge; dur=6
content-type
application/javascript
content-length
17440
expires
Tue, 23 Aug 2022 08:14:46 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/adpushup.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
99d449712d5a8f936b9d3a8e381bd23ee663b98d0b8ca5bf4a4a2a09a3658b64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28616
x-xss-protection
0
server
sffe
etag
"1311 / 582 of 1000 / last-modified: 1661206097"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 23 Aug 2022 07:14:46 GMT
sync
e3.adpushup.com/AdPushupFeedbackWebService/user/ 		70 B
476 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/user/sync
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:46 GMT
ap-cookie-status
cookies ap_uid and ap_usid are set
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
cookie.js
partner.googleadservices.com/gampad/ Frame 3EC6 		379 B
464 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
30f243b091c86829a73615c320e9b1adbcc598dc05ac440fc266c45e8405e9d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 3EC6 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3EC6 		107 B
196 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
adx.holmesmind.com/adx-file/20220802/ Frame 24D6
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134176&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fw...
  • https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
673 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-114.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
412
content-length
673
content-type
text/html
date
Tue, 23 Aug 2022 07:07:58 GMT
etag
"48eae0cda160246f65db69ea3a0e8b6a"
last-modified
Tue, 02 Aug 2022 04:45:52 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f92e2b771ebc524db2f478f72162e564.cloudfront.net (CloudFront)
x-amz-cf-id
CDEXL7WvvqdzkgpARznOFMbXraIDmw0ZzNwMHZ_AeTmxk4G5GvU53w==
x-amz-cf-pop
SIN5-C1
x-amz-version-id
AXCXhborHznj.8nLhhiA1470QYBmIoZE
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:47 GMT
location
https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjEyMzg4ODY1ODAsInBhY2tldElkIjoiMDAwMEE3MDEtOGQyM2E4YmEtZDkyOS00M2E0LTk4ZGMtNTY3ODYzYmM0YmEyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYW8tc2hpLWxpYW5nLWppYW4tcWlhby10dW4temhlbmctbWVpLWhhby1xaS1nZW4ta2FuLWNlLW1pYW4tYmktYmVpLW1pYW4tc2hhLXRhaS14aWFvLWh1bi5odG1sIiwibW9kZSI6NCwiZXJyb3JDb2RlIjowLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:46 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
testmode
e3.adpushup.com/AdPushupFeedbackWebService/feedback/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback/testmode?data=eyJjcmVhdGVkVFMiOjE2NjEyMzg4ODY1ODEsInBhY2tldElkIjoiMDAwMEE3MDEtOGQyM2E4YmEtZDkyOS00M2E0LTk4ZGMtNTY3ODYzYmM0YmEyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYW8tc2hpLWxpYW5nLWppYW4tcWlhby10dW4temhlbmctbWVpLWhhby1xaS1nZW4ta2FuLWNlLW1pYW4tYmktYmVpLW1pYW4tc2hhLXRhaS14aWFvLWh1bi5odG1sIiwibW9kZSI6NSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOm51bGx9
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:46 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjEyMzg4ODY1ODEsInBhY2tldElkIjoiMDAwMEE3MDEtOGQyM2E4YmEtZDkyOS00M2E0LTk4ZGMtNTY3ODYzYmM0YmEyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYW8tc2hpLWxpYW5nLWppYW4tcWlhby10dW4temhlbmctbWVpLWhhby1xaS1nZW4ta2FuLWNlLW1pYW4tYmktYmVpLW1pYW4tc2hhLXRhaS14aWFvLWh1bi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6Ijc3YTljMjJmLWFjMDItNDVkZC05NmJjLWIwODk2YThhN2Q1YSIsInNlY3Rpb25OYW1lIjoiQVBfTF9EX0FSVElDTEVfNzI4WDI1MF83N2E5YyIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJBRFBfNDI3NTNfNzI4WDI1MF83N2E5YzIyZi1hYzAyLTQ1ZGQtOTZiYy1iMDg5NmE4YTdkNWEiLCJzZXJ2aWNlcyI6WzEsM10sImFkVW5pdFR5cGUiOjF9XX0%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:46 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjEyMzg4ODY1ODYsInBhY2tldElkIjoiMDAwMEE3MDEtOGQyM2E4YmEtZDkyOS00M2E0LTk4ZGMtNTY3ODYzYmM0YmEyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYW8tc2hpLWxpYW5nLWppYW4tcWlhby10dW4temhlbmctbWVpLWhhby1xaS1nZW4ta2FuLWNlLW1pYW4tYmktYmVpLW1pYW4tc2hhLXRhaS14aWFvLWh1bi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6ImQxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfNzI4WDkwX2QxYzEwIiwic3RhdHVzIjoxLCJuZXR3b3JrIjoiYWRwVGFncyIsIm5ldHdvcmtBZFVuaXRJZCI6IlNUSUNLWV9BRFBfNDI3NTNfNzI4WDkwX2QxYzEwYTcyLTI3YjQtNDkzMS04Y2U3LTk5YTE4ZWJiZGJhZSIsInNlcnZpY2VzIjpbNSwzXSwiYWRVbml0VHlwZSI6M31dfQ%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:46 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
feedback
e3.adpushup.com/AdPushupFeedbackWebService/ 		70 B
131 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e3.adpushup.com/AdPushupFeedbackWebService/feedback?data=eyJjcmVhdGVkVFMiOjE2NjEyMzg4ODY1ODgsInBhY2tldElkIjoiMDAwMEE3MDEtOGQyM2E4YmEtZDkyOS00M2E0LTk4ZGMtNTY3ODYzYmM0YmEyIiwic2l0ZUlkIjo0Mjc1Mywic2l0ZURvbWFpbiI6Imh0dHBzOi8vYmczLmNvLyIsInVybCI6Imh0dHBzOi8vd3d3LmJnMy5jby9hL2NoYW8tc2hpLWxpYW5nLWppYW4tcWlhby10dW4temhlbmctbWVpLWhhby1xaS1nZW4ta2FuLWNlLW1pYW4tYmktYmVpLW1pYW4tc2hhLXRhaS14aWFvLWh1bi5odG1sIiwibW9kZSI6MSwiZXJyb3JDb2RlIjoxLCJyZWZlcnJlciI6IiIsInBhZ2VHcm91cCI6IkFSVElDTEUiLCJwYWdlVmFyaWF0aW9uSWQiOiI5Njc1MDEyNS1iOTBjLTQ5N2EtODY5OS03MzE3MWY3YjQ5MzUiLCJwYWdlVmFyaWF0aW9uTmFtZSI6IkFkUHVzaHVwIiwicGFnZVZhcmlhdGlvblR5cGUiOjEsInBsYXRmb3JtIjoiREVTS1RPUCIsImlzR2VuaWVlIjpmYWxzZSwic2VjdGlvbnMiOlt7InNlY3Rpb25JZCI6IjEwNGIyODJhLWJkMTEtNGQ4ZC1hZDY0LTA0OTIwNjNiNmNiYSIsInNlY3Rpb25OYW1lIjoiQVBfSV9EX0FSVElDTEVfMTIwWDYwMF8xMDRiMiIsInN0YXR1cyI6MSwibmV0d29yayI6ImFkcFRhZ3MiLCJuZXR3b3JrQWRVbml0SWQiOiJTVElDS1lfQURQXzQyNzUzXzEyMFg2MDBfMTA0YjI4MmEtYmQxMS00ZDhkLWFkNjQtMDQ5MjA2M2I2Y2JhIiwic2VydmljZXMiOls1LDNdLCJhZFVuaXRUeXBlIjozfV19
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
13.76.45.37 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:46 GMT
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-robots-tag
noindex
content-length
70
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bg3.co
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 23 Aug 2022 07:14:46 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1373
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220823
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.88.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2bcaa1a057d41a665402c26800748817ee8ef0c867cf3c45c1608da0820daf1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 07:14:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
15224
x-jsd-version
1.0.1440
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19140-FRA, cache-iad-kiad7000106-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66a-Nfe7pCKRLKSkWSDL2Vvny6Rv/7Y"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MAKeQy%2FQ6jeyvSQPJcD23MBH0RmsuM5dfDhBHo2WL3Z%2FhI2Jd3IYl%2BZfa2Cv6ZrWjJIkinnpLjS%2BW7Da0MscLVbfsUMN49QqvHInW7QED2IZl1p0F63qpYG9z2OALANwAGg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
73f20da30a825a61-MEL
access-control-expose-headers
*
json
gum.criteo.com/sid/ 		318 B
609 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.bg3.co%2F&domain=www.bg3.co&cw=1&lsw=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
8b7af2fec00cbf99c3fae07c2fb70511dda8d5e8e2ce8d9c9b0beda43701a836
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2827
strict-transport-security
max-age=31536000; preload;
expires
0
adreq
ads.servenobid.com/ 		405 B
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=10312
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.53.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-53-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cygnus
htlb.casalemedia.com/ 		36 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225b05503f6704c1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2267f80d5590afad%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22806894f6916ca%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2210735af45655747%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22115c2f66e31952a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22250x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A250%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22131a7cd05f51218%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22153e6ced2914175%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22320x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2216548edfb4f02cd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22banner%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2267f80d5590afad%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22131a7cd05f51218%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22300x50%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A50%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
485d5501e31383c2f409a4107825d23d85b34306aa37501c6930d91de2ac4b6c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 07:14:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GftSfkmyShUFhm2YX%2FqBWBPc94S1JRf3DISLFKX8m9kLP1z6%2B0YoHrUjNDHvCFNYfu8Sb1MkXA9R6lpMTK52HSXJE%2Bm02TkirZ8MF%2FFG0FMVUgeDW5tkTJhWHHrpk6MpTcwJn88e"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73f20da33b5317cc-MEL
expires
0
cygnus
htlb.casalemedia.com/ 		36 B
635 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=693656&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%225b05503f6704c1%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A3%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A3%2C%22ou%22%3A3%2C%22allu%22%3A3%2C%22ren%22%3Atrue%2C%22version%22%3A%224.43.0%22%2C%22userIds%22%3A%5B%22pubcid%22%5D%2C%22msd%22%3A0%2C%22msi%22%3A0%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22adpushup.com%22%2C%22sid%22%3A%22062d9a21f747ddee7c25d4297776e0aa%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22131a7cd05f51218%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22728x90%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B728%2C90%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%2216548edfb4f02cd%22%2C%22ext%22%3A%7B%22siteID%22%3A%22693656%22%2C%22sid%22%3A%22120x600%22%7D%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22playerSize%22%3A%5B%5B120%2C600%5D%5D%2C%22api%22%3A%5B2%5D%2C%22linearity%22%3A1%2C%22placement%22%3A4%2C%22w%22%3A120%2C%22h%22%3A600%7D%7D%5D%7D
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
485d5501e31383c2f409a4107825d23d85b34306aa37501c6930d91de2ac4b6c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 07:14:47 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3%2FsQL1wfAv7bKPq1zwYgcDXlMbVihyAVVCj1MLTob8QWper%2BbIVpTvHDcK0BjMKLB30L8yp%2BIUS0FV1TqZ2Y7dXycyXFq01yJgGjk0CypzQBP6CESnSTRWfXspFxw7uOiJYwu96"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
73f20da33b5717cc-MEL
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.82.11 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-82-11.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
19cfd95f861bee0df79e7e79a7728655bee60c87b7bc7f3b193c7dc6bfe7c018

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:48 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
173
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.82.11 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-82-11.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
52a3b488422067bc7a4fb2d693693f0fcc743cff3334849f2a62581d960013b3

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:48 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ 		185 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.193.82.11 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-193-82-11.ap-northeast-1.compute.amazonaws.com
Software
/
Resource Hash
adb515834cb0fb5ae90c907f1a800395776858d5c24ed71b8f80329ff22c8d1a

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:49 GMT
content-encoding
gzip
x-prebid
pbs-java/1.96.0
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		472 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20616&site_id=395958&zone_id=2209398&size_id=15%3B2%3B8&alt_size_ids=2%2C1%2C13%2C14%2C19%2C43%2C44%2C117%3B1%2C43%2C44%3B&rp_schain=1.0,1!adpushup.com,062d9a21f747ddee7c25d4297776e0aa,1,,,&eid_pubcid.org=1c79754d-e855-4001-8c8a-8750a314ba59%5E1&rf=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&tk_flint=pbjs_lite_v4.43.0&x_source.tid=b93dd7ec-8c7e-45ee-93a5-e7e960da7f74%3B3bc2fef3-f510-4bfe-8bef-a80481b77545%3B3b06e64e-9a6d-4eab-91ff-e9498992879a&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=3&rand=0.6548220542621419
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.65 Ashburn, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fa200c0af6cfc8ad1c6d680dcb509143d3a94edc9ac2235087d98b351adb73dd

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:47 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
472
Expires
Wed, 17 Sep 1975 21:32:10 GMT
c
prebid.a-mo.net/a/ 		23 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
952f65c3304c29b0eeb743b476cfebb9f4dfc57066a51f54a8a5f45d18fefa52

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
167
content-length
11648
prebid-request
onetag-sys.com/ 		15 B
547 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
access-control-allow-headers
content-type, origin, referer, user-agent
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://www.bg3.co
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
41
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		0
0
arj
adpushup-d.openx.net/w/1.0/ 		174 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=08679746-ba62-46a4-bf7c-7f18cdf808b8%2C7fac7e42-55a8-433f-a326-e42daa7bd52e%2Ce65049a8-db28-4e68-98cb-41d9aa7d1a5b&nocache=1661238886693&pubcid=1c79754d-e855-4001-8c8a-8750a314ba59&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&aus=728x250%2C728x90%2C690x90%2C690x250%2C675x90%2C675x250%2C670x90%2C670x250%2C650x90%2C650x250%2C650x150%2C630x90%2C630x250%2C602x100%2C600x90%2C600x250%2C580x90%2C570x90%2C550x150%2C468x60%2C320x50%2C320x100%2C300x50%2C300x100%2C300x75%2C300x250%2C250x250%2C200x200%7C728x90%2C690x90%2C675x90%2C670x90%2C650x90%2C630x90%2C600x90%2C580x90%2C570x90%2C468x60%2C320x50%2C300x50%2C300x75%7C120x600&divids=ADP_42753_728X250_77a9c22f-ac02-45dd-96bc-b0896a8a7d5a%2CSTICKY_ADP_42753_728X90_d1c10a72-27b4-4931-8ce7-99a18ebbdbae%2CSTICKY_ADP_42753_120X600_104b282a-bd11-4d8d-ad64-0492063b6cba&aucs=%2C%2C&auid=545618347%2C545618347%2C545618347
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
87fbfeba737f5f8c702482812938f7c05d7fb7b41b012bb19d9d46ceb76c49af

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
164
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=b96b56d4-6558-4317-b2b0-2dd6d1bedf4a&nocache=1661238886694&pubcid=1c79754d-e855-4001-8c8a-8750a314ba59&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A120%2C%22h%22%3A600%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=120&vht=600&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:46 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
297 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e68b283a-4845-4113-afe8-8bbc5f303788&nocache=1661238886694&pubcid=1c79754d-e855-4001-8c8a-8750a314ba59&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=728&vht=90&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:46 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
avjp
adpushup-d.openx.net/v/1.0/ 		106 B
505 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adpushup-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ce6e8f9a-9be4-4580-a734-aba178e5d7fc&nocache=1661238886694&pubcid=1c79754d-e855-4001-8c8a-8750a314ba59&schain=1.0%2C1!adpushup.com%2C062d9a21f747ddee7c25d4297776e0aa%2C1%2C%2C%2C&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22w%22%3A400%2C%22h%22%3A225%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22video%2Fwebm%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A300%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22api%22%3A%5B2%5D%2C%22playbackmethod%22%3A6%2C%22linearity%22%3A1%7D%7D%5D%7D&auid=545618481&vwd=400&vht=225&vos=101&vmimes=video%2Fmp4%2Cvideo%2Fwebm
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:46 GMT
via
1.1 google
server
OXGW/0.0.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.bg3.co
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		49 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d4af920697e66a45d52a593a34f7a2d60e6ae2a9b182f817560b1f4342a1efc1
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 23 Aug 2022 07:14:47 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
103.209.254.77; 103.209.254.77; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
ac48eed5-5389-4cd7-91ce-186ff9337b99
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.bg3.co
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
212 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=13945274989
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.145 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 07:14:46 GMT
server
Finatra
vary
Origin
access-control-allow-origin
https://www.bg3.co
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
auction
rtb.adxpremium.services/openrtb2/ 		59 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.adxpremium.services/openrtb2/auction
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
148.251.121.152 Braunlage, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
egon
Software
/
Resource Hash
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:48 GMT
x-prebid
pbs-go/unknown
vary
Origin
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
59
expires
0
auction
tlx.3lift.com/header/ 		21 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&tmax=3000
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.140.14.88 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-140-14-88.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
afac8c6114f00efef4356e4c4525d11d881145d709f9e82d8ee2c22f60eeb730
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
accept-ch
sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data,sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
7670
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
prebid.media.net/rtb/ 		1 KB
920 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CUPEPKI9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
92476139419d60ba68a355035d2674a89d04a643b2738409e304840e61b0d828

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
198
alt-svc
clear
via
1.1 google
bid-request
a.teads.tv/hb/ 		16 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.153.54 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-153-54.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bg3.co
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Tue, 23 Aug 2022 07:14:47 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/pbuseridscripts/quantcast.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
etag
"gV5iHc/sd8Rde4C/i53H5w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Tue, 30 Aug 2022 07:14:47 GMT
pubads_impl_2022081701.js
securepubads.g.doubleclick.net/gpt/ 		384 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
sffe /
Resource Hash
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 12:34:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
499225
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
133512
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 08:37:57 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 17 Aug 2023 12:34:22 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		109 B
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93
x-xss-protection
0
expires
Tue, 23 Aug 2022 07:14:47 GMT
integrator.js
adservice.google.com.au/adsid/ Frame 78AB 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f154.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 78AB 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=cdn.aralego.net
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame 78AB 		492 B
262 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1475966281438034&correlator=1149830801799065&eid=31069041%2C31067825&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1661238887019&lmt=1644386353&dlt=1661238885503&idt=1491&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=cjbpfuang9t9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1696904214.1661238887&ga_sid=1661238887&ga_hid=724489889&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
f89279deaf8f2fbf354ded8854581f2b6f731d806e86870ff82c590c3d000ffc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
232
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
aa48c0e92f538c1bacc05d3abdd2fd6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 09FC 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://aa48c0e92f538c1bacc05d3abdd2fd6d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:47 GMT
expires
Wed, 23 Aug 2023 07:14:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ Frame A4E5 		492 B
264 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=4121761813376924&correlator=1033923666949605&eid=31060438%2C31067358%2C44768682%2C44770638%2C31062930&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=18087395%2Ccookie&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=64515409&sfv=1-0-38&fsapi=false&sc=1&cdm=cdn.aralego.net&abxe=1&dt=1661238887159&lmt=1644386353&dlt=1661238885512&idt=1638&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=m3arvxhkkmy8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&nhd=1&url=https%3A%2F%2Fcdn.aralego.net%2Fucfad%2Fcookie%2FcookieSyncIframe.html&ref=https%3A%2F%2Fwww.bg3.co%2F&top=https%3A%2F%2Fwww.bg3.co%2F&frm=24&vis=1&psz=0x0&msz=0x-1&fws=256&ohw=0&ea=0&ga_vid=1174653607.1661238887&ga_sid=1661238887&ga_hid=815700450&ga_fc=false
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
77a962500f35ac6074010441ea3f54299ccd012893bdbdb97f1b6be0bdab4fbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
234
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://cdn.aralego.net
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
419c83856cef3131b93df5b3f3d1074a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8D03 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://419c83856cef3131b93df5b3f3d1074a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:47 GMT
expires
Wed, 23 Aug 2023 07:14:47 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rules-p-54Nt-1NAaEEe0.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-54Nt-1NAaEEe0.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.227.254.2 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-227-254-2.sin52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:04:59 GMT
via
1.1 75c2742886aa426af3e0688fa2a8677a.cloudfront.net (CloudFront)
age
589
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 28 Jul 2022 16:54:54 GMT
server
AmazonS3
etag
"05b131079c67d484167fd1b1f6c79577"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-pop
SIN52-C3
accept-ranges
bytes
x-amz-cf-id
68_fI6uQDt9GyoWba01ucjFqCdk-KHWDHPoiaNqJJ0eB0Zk0AVSypg==
sodar
pagead2.googlesyndication.com/getconfig/ Frame 78AB 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
a1736f9b7eb1d8d82a793a449a1977304ace4f27f42ed26f3f015fb6953b3173
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11105
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame A4E5 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022081701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
cb030b236e5184d342a50954b9febfbdb0556ff0b2572cef64ebd8802d40fb6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11127
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ Frame 3B05 		12 B
53 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.bg3.co&callback=_gfp_s_&client=ca-pub-4485239425924787&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ Frame 3B05 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3B05 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 03E9 		41 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
69f2f64deee265e16cfce1655ea8a7f5c2dc399e50d1cb81d2224ee4c801b32b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
15899
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:48 GMT
expires
Tue, 23 Aug 2022 07:14:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
show_ads.js
pagead2.googlesyndication.com/pagead/ Frame 24D6 		116 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/wHpRX0bWuC9xRFH5Zh6Brkvx3yfQuUmZc8yJalW2.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
9eae654a8e0aa0f026bb1996cea3a04436c05a266a3dff7b28bbc23d70ddc766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40229
x-xss-protection
0
server
cafe
etag
7770664948745237730
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 07:14:47 GMT
log
aplogger.adpushup.com/ 		0
53 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=glimpse_pageView&data=eyJzZXNzaW9uSWQiOiI1NDc5MzZfMTY2MTIzODg4Nzc1NSIsInVzZXJJZCI6IjUwMzM2NF8xNjYxMjM4ODg3NzU1Iiwic2l0ZUlkIjo0Mjc1MywicGxhdGZvcm0iOiJERVNLVE9QIiwicGFnZUlkIjoiNTUwODIyXzE2NjEyMzg4ODc3NTUiLCJwYWdlUGF0aCI6IiUyRmElMkZjaGFvLXNoaS1saWFuZy1qaWFuLXFpYW8tdHVuLXpoZW5nLW1laS1oYW8tcWktZ2VuLWthbi1jZS1taWFuLWJpLWJlaS1taWFuLXNoYS10YWkteGlhby1odW4uaHRtbCIsImhvc3RuYW1lIjoid3d3LmJnMy5jbyIsInVybCI6Imh0dHBzJTNBJTJGJTJGd3d3LmJnMy5jbyUyRmElMkZjaGFvLXNoaS1saWFuZy1qaWFuLXFpYW8tdHVuLXpoZW5nLW1laS1oYW8tcWktZ2VuLWthbi1jZS1taWFuLWJpLWJlaS1taWFuLXNoYS10YWkteGlhby1odW4uaHRtbCIsInBoYXNlIjowLCJ1c2VyVHlwZSI6Ik5FVyIsInByZXZpZXdWYXJpYXRpb24iOiJub1ByZXZpZXdQYWdlIiwiZXhwZXJpbWVudFBhZ2UiOmZhbHNlLCJ0aW1lc3RhbXAiOjE2NjEyMzg4ODc3NTV9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:48 GMT
server
nginx/1.14.0 (Ubuntu)
L2EvY2hhby1zaGktbGlhbmctamlhbi1xaWFvLXR1bi16aGVuZy1tZWktaGFvLXFpLWdlbi1rYW4tY2UtbWlhbi1iaS1iZWktbWlhbi1zaGEtdGFpLXhpYW8taHVuLmh0bWw=.json
cdn.adpushup.com/42753/ 		555 B
818 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.adpushup.com/42753/L2EvY2hhby1zaGktbGlhbmctamlhbi1xaWFvLXR1bi16aGVuZy1tZWktaGFvLXFpLWdlbi1rYW4tY2UtbWlhbi1iaS1iZWktbWlhbi1zaGEtdGFpLXhpYW8taHVuLmh0bWw=.json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.44.4.232 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-44-4-232.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 /
Resource Hash
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-akamai-country
AU
date
Tue, 23 Aug 2022 07:14:48 GMT
server
nginx/1.18.0
vary
Accept-Encoding
x-akamai-device
mobile:false&tablet:false
access-control-allow-origin
*
cache-control
max-age=3600
server-timing
cdn-cache; desc=MISS, edge; dur=5, origin; dur=215
content-type
text/html
content-length
555
expires
Tue, 23 Aug 2022 08:14:48 GMT
pixel;r=293665071;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html;uh=e51ed67dfb8d91dc24b15e...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=293665071;rf=0;a=p-54Nt-1NAaEEe0;url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-421761949-1661238887832;pbc=1c79754d-e855-4001-8c8a-8750a314ba59;ns=0;ce=1;qjs=1;qv=26d71701-20220818164642;cm=;gdpr=0;ref=;d=bg3.co;dst=0;et=1661238887832;tzo=0;ogl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.10.171 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:47 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/ Frame 24D6 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
f67d47baf39a87cc4da1eda8f3bd9b2f56f1553e40e7420f5f76574c18991b10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122732
x-xss-protection
0
server
cafe
etag
3472895500222032491
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 07:14:48 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 78AB 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 07:14:49 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A4E5 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 07:14:49 GMT
js
www.googletagmanager.com/gtag/ 		201 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
10f68de7fe506521cd04d1e633e7772e2c53bb8d7de0a67f2972e8a70805d3bc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:48 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
73059
x-xss-protection
0
expires
Tue, 23 Aug 2022 07:14:48 GMT
log
aplogger.adpushup.com/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://aplogger.adpushup.com/log?event=linkPreview_failed_JSONRequest&data=eyJzaXRlSWQiOjQyNzUzLCJ1cmwiOiIvYS9jaGFvLXNoaS1saWFuZy1qaWFuLXFpYW8tdHVuLXpoZW5nLW1laS1oYW8tcWktZ2VuLWthbi1jZS1taWFuLWJpLWJlaS1taWFuLXNoYS10YWkteGlhby1odW4uaHRtbCIsInRpbWUiOjE2NjEyMzg4ODgxNTF9
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/42753/linkPreview.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.211.156.162 Mumbai, India, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:48 GMT
server
nginx/1.14.0 (Ubuntu)
ping
pagead2.googlesyndication.com/pagead/ Frame A4E5 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://cdn.aralego.net/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
integrator.js
adservice.google.com.au/adsid/ Frame 24D6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 24D6 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
adx.holmesmind.com/adx-file/20220802/ Frame A872
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006-1&adk=3314916115&adf=3653020616&pi=t.ma~as.3006%2F14006-1&w=336&url=https%3A%2F...
  • https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
801 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.251.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-251-114.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
665
content-length
801
content-type
text/html
date
Tue, 23 Aug 2022 07:03:54 GMT
etag
"ecb9b362af60ffdbe438788aa8ca18e5"
last-modified
Tue, 02 Aug 2022 04:48:09 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 f92e2b771ebc524db2f478f72162e564.cloudfront.net (CloudFront)
x-amz-cf-id
0CzouwFLsYe1XSM8-pfKFjXmgVmejwGUECQE9B9YkTT3mCN0YFFywg==
x-amz-cf-pop
SIN5-C1
x-amz-version-id
KbMM.b5nTQFCq_iVT2XQPFDqHmRW1hjS
x-cache
Hit from cloudfront

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:48 GMT
location
https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame A872 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Requested by
Host: adx.holmesmind.com
URL: https://adx.holmesmind.com/adx-file/20220802/Jpdrj6FTFudMF9gFh20p69WOhIfPkDWiDdiuTHfZ.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
caa92478664959545c65121f6bb4e48e3e0402039de9b6f0aa3ba745f38c525c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Origin
https://adx.holmesmind.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
57048
x-xss-protection
0
server
cafe
etag
9101255666369586302
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 07:14:48 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 36FD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-nnDaH4EY5PwDZWpngXkgIdQrNf98GS09qiT4gvAjbcBEAEgAGClwKOApAGCARdjYS1wdWItNDQ4NTIzOTQyNTkyNDc4N6ABlfWb3wPIAQmoAwGqBK0CT9CN_CpENhBCK0ugc4ln4eNfCeb4QR3610Noyickh3Px7-Z5Kz4cXShgU1km6Z5T6OT_L72g_K64pdSQMUkjFiQMEkATpqal_6gi6d90G8HenArC-zkW96vJku0Ks2nHlzrGaZWjqn6H2HS-nrMYDZfryfW_yWPgA7Gnsr5G5XEoHRnyQWFFrkip8JV95DzUV9XLZzjn57JknOOft51Sx0cUpF0wMEln5K0y9hKQ-AeOOxY_LC4SZRAeUlRDR3ihG20FZMmCfIFqgb5-GG5eEbWVttdfgItmMyzbZPrcSgN9ugiUVzQ7B8-WlOZ48FmKMze3FsKMPrJJXSZ5LWq2bCs-SUG8jwOBy7-CMnHWk-_4ik2iDXqTtnK2rTdOMU2d8s6tz_azVCEw04domYAGw8Xfm8qtzZjpAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA0IgGEQATICigI6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTQ0ODUyMzk0MjU5MjQ3ODcY4swZ&sigh=eN4CVSPYaAs&uach_m=[UACH]&cid=CAQSPACsnQUxpy53O5nNu_JhCv2l_njUQTQypNMmSEDR33FLT5opF5TZ47Qw093u-BKa5S3msXAnrurKhzo3BhgB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Tue, 23 Aug 2022 07:14:48 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
log
hblg.media.net/ Frame 36FD 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hblg.media.net/log?logid=kfk&evtid=l1log&app=0&cc=AU&ctr=0.0015041453&viewability=82&device_id=4&cbdp=0.02&slotVisibility=1&dn=bg3.co&acid=f57ce47be0e5436e8fe6c598a7f6aa57&ugd=4&size=250x250&pvid=313&csip=rtb-common-istio-85cb58b4b7-s5jkb.SG&ogbdp=0.02&prvReqId=30745548317523_988179151_52982010413131&itype=ADX&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&scrid=1700080812610100250025000000500&mang=1&bidrestime=1661238888440&cid=8CU3SX34C&rme=nurl
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:49 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 23 Aug 2022 07:14:49 GMT
log
qsearch-a.akamaihd.net/ Frame 36FD 		35 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&ckfl=0&lper=&app_type=adx_test&bdr_typ=1&ss_d1=0&ogerpm=0.0100&ss_d2=0&stid=&other_prv=313&jar_err=&current_day=2.0&adtyp=0&req_id=YwR-aAAE8VUEf4flOQ5-eQ&bd_m3=0.0000&bidfp=0.0100&bd_m2=0.0000&pvag_id=&bd_m1=0.0000&ugd=4&dim10=false&exp=&fdbk_id=&second_bidder=*&floor_bucket=0.00&gpid_format=&seat=BID_API&size=250x250&url_l1=a&f_seg=&url_l2=chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&prdp=0.0200&ogcbdp=0.0200&dfpbd=0.0200&server=1&ogerpm_wd_bkt=0-1&viewability=0.8200&dmm_r=0.0000&cut=0&dmm_l=0.0000&tcyerpm=&sc=AU-VIC&send_erpm=false&sd=1&hb_exp=&seg=&erpm_bucket=0.00&ugd_ver=&requrl=bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html%2F&bidrestime=1661238888440&cc=AU&strg=no_strategy&ss=&current_hour=7&time_stamp=2022-08-23+07%3A14%3A48&rvshhon=&bdp=0.0200&ct=Melbourne&akey=&mnckfl=0&bdp_bucket=0.00&algo=no_strategy&dc=apac_sg&splid=&dim4=exploration&dn=bg3.co&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&buyer_id=&bdp_wider_bucket=1&acid=f57ce47be0e5436e8fe6c598a7f6aa57&infl=&o_ver=NT+10.0&br_ver=89.0.4389.72&bdmm_m6=0.0000&bdmm_m7=0.0000&bdmm_m5=0.0000&ver=8.13.0&totalTimeBucket=3&visibility=1&totalTime=3091060&dmm_m1=2022-08-23+07%3A14%3A48.442783817&e_rpm=0.0000&dmm_m22=0.0100&gdpr=&vsid=&log_less=false&gpid_sent=false&ogerpm_used=false&bdmm_m12=0.0000&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&rawbid=0.0200&seat_id=BID_API&sub_bidder=196&pst=EMS&pbshr=100.0000&dmm_d10=&o_id=101&clisp=rtb-common-istio-85cb58b4b7-s5jkb.SG&dfp_bucket=0.0&adblk=2365071409&itype=adx&pvid_seat=313_BID_API&cliIP=1741815296&advurl=topics.businessfocus.online%2F&crid=529820104&sat=1&br_id=265&cut_bkt=1&gpid=&iwb=1&second_bid=0.000000&sc_pvid=313&capd=0&other_bids=0.02
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
42.99.128.160 , Japan, ASN4637 (ASN-TELSTRA-GLOBAL Telstra Global, HK),
Reverse DNS
ip-42-99-128-160.pacnet.net
Software
Jetty(9.4.35.v20201120) /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:49 GMT
Server
Jetty(9.4.35.v20201120)
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Tue, 23 Aug 2022 07:14:49 GMT
nmedianet.js
contextual.media.net/ Frame 36FD 		164 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b811b194b5aae396d784586653ce575564fed5bede84da586853bac02f8ae179
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
x-mnt-h
8-12
content-encoding
gzip
server
Apache
etag
"1d27717da381e79aea5535da0f4dab42"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
date
Tue, 23 Aug 2022 07:14:49 GMT
strict-transport-security
max-age=31536000
x-mnt-w
8-11
expires
Tue, 23 Aug 2022 07:19:49 GMT
adperformance.js
warp.media.net/rtb/resource/ Frame 36FD 		61 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resource/adperformance.js?v=35e90bcdc8
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
server
nginx
date
Tue, 23 Aug 2022 07:14:49 GMT
content-type
application/javascript;charset=ISO-8859-1
cache-control
max-age=72003
access-control-allow-credentials
true
content-length
62892
expires
Wed, 24 Aug 2022 03:14:52 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame 36FD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
218
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 07:11:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 36FD 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661168302676581"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 07:14:49 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame 36FD 		17 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
440
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 07:07:28 GMT
l
www.google.com/ads/measurement/ Frame 36FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSFBpFPLDEZM-9xb7BE_FKu5hV-aWDW8wPOOu3M7xNBn7aBHjJHGcEhv-jue0TqFFGdH8XUyjKsmMsp5rijY2s4_2je5Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
collect
www.google-analytics.com/g/ 		0
106 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8m0&_p=5795&cid=37497361.1661238889&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1661238888&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&dt=%E8%B6%85%E5%B8%82%E9%A9%9A%E8%A6%8B%E7%BF%B9%E8%87%80%E6%AD%A3%E5%A6%B9%20%E5%A5%BD%E5%A5%87%E8%B7%9F%E7%9C%8B%E3%80%8C%E5%81%B4%E9%9D%A2%E6%AF%94%E8%83%8C%E9%9D%A2%E6%AE%BA%E3%80%8D%EF%BC%9A%E5%A4%AA%E9%8A%B7%E9%AD%82%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_fv=1&_nsi=1&_ss=1&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_success
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:49 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/ Frame A872 		341 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
03b14184861a1442d9b7258bf4c6dc7ea78351be5179adda3857cd49dfc10272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122622
x-xss-protection
0
server
cafe
etag
17620972829521432287
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 23 Aug 2022 07:14:49 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220818/r20190131/ Frame F9B2 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220818/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4126554779393986
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
66824
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4412
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Mon, 22 Aug 2022 12:41:05 GMT
etag
8616628553774171045
expires
Mon, 05 Sep 2022 12:41:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.com.au/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.bg3.co
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		125 KB
44 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2120309846229613&correlator=710893008773004&eid=31068457%2C31068500%2C31068830%2C31068926%2C31069045%2C44768257&output=ldjh&gdfp_req=1&vrg=2022081701&ptt=17&impl=fifs&iu_parts=103512698%3A22574853003%2C22477626096%2C22479095528%2C22579309510&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3&prev_iu_szs=320x50%7C728x250%7C728x90%7C690x90%7C690x250%7C675x90%7C675x250%7C670x90%7C670x250%7C650x90%7C650x250%7C650x150%7C630x90%7C630x250%7C602x100%7C600x90%7C600x250%7C580x90%7C570x90%7C550x150%7C468x60%7C320x50%7C320x100%7C300x50%7C300x100%7C300x75%7C300x250%7C250x250%7C200x200%2C320x50%7C728x90%7C690x90%7C675x90%7C670x90%7C650x90%7C630x90%7C600x90%7C580x90%7C570x90%7C468x60%7C320x50%7C300x50%7C300x75%2C320x50%7C120x600&fluid=height%2Cheight%2Cheight&ifi=1&adks=1420297610%2C2857874404%2C4082231052&sfv=1-0-38&fsapi=false&prev_scp=adpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.04%26hb_ap_adid%3D83d97df6c2e0516%26hb_ap_bidder%3Dtriplelift%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D876c6d9fe674288%26hb_ap_bidder%3Dappnexus%7Cadpushup_ran%3D1%26hb_ap_siteid%3D42753%26hb_ap_ran%3D1%26fluid%3D0%26refreshcount%3D0%26refreshrate%3D30%26hb_ap_format%3Dbanner%26hb_ap_pb%3D0.00%26hb_ap_adid%3D88a1fc18d674739%26hb_ap_bidder%3Dappnexus&eri=1&cust_params=da%3Dadx%26outbrain%3Dtrue&sc=1&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&arp=1&abxe=1&dt=1661238889143&lmt=1661238889&dlt=1661238883566&idt=3746&adxs=236%2C436%2C5&adys=60%2C1110%2C300&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0&ucis=1%7C2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&frm=20&vis=1&psz=728x-1%7C728x-1%7C120x-1&msz=728x-1%7C728x-1%7C120x-1&fws=4%2C516%2C516&ohw=728%2C1600%2C1600&ga_vid=37497361.1661238889&ga_sid=1661238889&ga_hid=5795&ga_fc=true&ga_cid=amp-iB30bCViJa4IPRLMl01FQw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
cafe /
Resource Hash
c33b10192b81770be2fe8111a90605381ea989da65bc97b457747fdb96a416f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
45298
x-xss-protection
0
google-lineitem-id
-1,-1,-1
pragma
no-cache
server
cafe
google-creative-id
-1,-1,-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 005E 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:49 GMT
expires
Wed, 23 Aug 2023 07:14:49 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8E2A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
197820
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 00:17:49 GMT
expires
Mon, 21 Aug 2023 00:17:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame BAF1 		783 B
1001 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f106.1e100.net
Software
GSE /
Resource Hash
13c37b1ef76f0f4e129f78c5d9ea97f39d10c1767ed44a31f6d1377997fa0761
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-hGMwS4VB5KpoIzs6bFmvsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-hGMwS4VB5KpoIzs6bFmvsA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:49 GMT
expires
Tue, 23 Aug 2022 07:14:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 70AA 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
197820
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 00:17:49 GMT
expires
Mon, 21 Aug 2023 00:17:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F3DE 		783 B
737 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f106.1e100.net
Software
GSE /
Resource Hash
1f2296da7eb60b4b614ee00b9a30c6dde0c66d32ff0c57f265b6ec53ed075ab5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Qf60yG0tX2475sCpEcgh7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://cdn.aralego.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Qf60yG0tX2475sCpEcgh7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:49 GMT
expires
Tue, 23 Aug 2022 07:14:49 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
integrator.js
adservice.google.com.au/adsid/ Frame A872 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com.au/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame A872 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=adx.holmesmind.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 0FED 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238889104&bpp=3&bdt=379&idt=314&shv=r20220818&mjsv=m202208160101&ptt=9&saldr=aa&nras=1&correlator=8280574251330&frm=8&ife=1&pv=2&ga_vid=175170663.1661238889&ga_sid=1661238889&ga_hid=944145834&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44767166%2C31068957%2C31067825&oid=2&pvsid=3031117260853865&tmod=1731377135&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.m96a59vykwd0&fsb=1&dtd=327
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 90CA 		603 B
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&psa=0&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238889107&bpp=2&bdt=382&idt=331&shv=r20220818&mjsv=m202208160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8280574251330&frm=8&ife=1&pv=1&ga_vid=175170663.1661238889&ga_sid=1661238889&ga_hid=944145834&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44767166%2C31068957%2C31067825&oid=2&pvsid=3031117260853865&tmod=1731377135&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.lsridnvki5zn&fsb=1&dtd=336
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame BAF1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=1475966281438034&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/getconfig/ Frame A872 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220818&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
deaeeee0f1ce49db07a70657e5910d3ec97d35efb9dc8e34b9dff9a365847a61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11251
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 24D6 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220818&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
d9cf383923250025f0946cf1fc305a3a066ef9741084174afcb6e55287e7a53e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11075
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3EC6 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220818&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
4fce4a9fb29d9f8c66fa609f77e869584b97c5a1def96fdd9c788445bf7d5cd5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11202
x-xss-protection
0
smtr
contextual.media.net/ Frame 36FD 		90 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/smtr?cb=window._mNDetails.initAd&&gdpr=0&cid=8CUABW64L&cpcd=ZNUXWKgjxAVr8bMpeLkZyA%3D%3D&crid=357234536&size=250x250&cc=AU&chnm=NO_STRATEGY&pid=8PO15GP54&tpid=TT2CP55&https=1&vif=2&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&kwrf=https%3A%2F%2Fwww.bg3.co&nse=5&vi=1661238889571152418&lw=1&ugd=4&adt1=8CU3SX34C&adt2=529820104&bae=B44Bg/aNqq&bcpf=B44Bg%2FaNq8fOnRrolnfOur8q&bdrId=313&ntv=0&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&katpre=1&katbid=-103&pgid=p12085541629t202208230714&goent=1&nb=1&cadomain=tzR-hLcl-L81q0bo4F7GnA3mMwDIDjC2d77KxBXphR_fTCDUsmLZYQ%3D%3D&allsc=VIC
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/nmedianet.js?cid=8CUABW64L
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b15794d7b651b23f9d007f19a4b00e355d2906fd8057e93ae1bb141fc6dd5607
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript
expires
Tue, 23 Aug 2022 07:14:50 GMT
cache-control
max-age=0, no-cache, no-store
x-sc-h
21-tkmf
strict-transport-security
max-age=31536000
timing-allow-origin
*
content-length
33661
x-sc-w
21-34wl
bping.php
lg3.media.net/ Frame 36FD 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=652&&vgd_cdv=782&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&vi=1661238889571152418&ugd=4&lf=6&kwrf=https%3A%2F%2Fwww.bg3.co&cc=AU&sc=VIC&lper=100&wsip=2886781042&r=1661238889670&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&vgd_l2type=sca&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=140952&vgd_rakh=1661238889188636014&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_pgid=p12085541629t202208230714&vgd_pgids=1&vgd_uspa=0&hvsid=00001661238889668017418153733328&gdpr=0&vgd_end=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Tue, 23 Aug 2022 07:14:49 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=20565
content-length
15
checksync.php
contextual.media.net/ Frame 9782 		26 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
22da7fd90bee3d5a37570c9ed148dfa1a49fe0e2da62325a06ef8314f7822429
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
9411
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 07:14:49 GMT
expires
Thu, 25 Aug 2022 07:14:49 GMT
p3p
CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 36FD 		35 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=4668&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=YwR-aAAE8VUEf4flOQ5-eQ&s_city=dallesport&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=0.0015041453&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=ba20ae08&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=82&renderer=1&be=0&rtime=15.0&adj0=0.0&tmax=300&s_ip=172.217.46.68&adj2=0.0&adj1=0.0&feedback_id=YwR-aAAE8VUEf4flOQ5-eQ&adtypes=0&mx_aabpc=0&reqid=YwR-aAAE8VUEf4flOQ5-eQ&sc=AU-VIC&sd=1&mowxReqId=f57ce47be0e5436e8fe6c598a7f6aa57_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&bidrestime=1661238888440&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-35-4&coppa_enf=true&bdp=0.020&ct=Melbourne&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=140952&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=f57ce47be0e5436e8fe6c598a7f6aa57&actltime=23&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.02&sckfl=1&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&suid=CAESECzbzMqV2Vo4X5neChvjTnY&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-101418826937&__expireat=1661239488695&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&cbdp=0.02&pvdTmax=255&ltime=22.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=30745548317523_988179151_52982010413131&zip=3207&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&rtttime=27&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-944d9d594-bpspb&currsrc_date=2022-08-22+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-23+07%3A14%3A48&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AHfbET7BfFpXAWMHcCECxetnporv-3O4Ma8NLDbmPzT5QdI2VSl3ROyQIbQWuY2QxRWPTLWj&dmm_ogerpm=false&csip=rtb-common-istio-85cb58b4b7-s5jkb.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=2365071409&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vw_exc%3D0.82~smm_bid%3D0.02~vis_sd%3D540~dc2%3D1~scd%3Dvic~v_asn%3D140952~vl2r_sd%3D2022082223~iurl_b%3D57836.9~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.21~ip%3D1TStJ6~fbb%3D0~vis_url_l%3D30~riipua%3D117%2C117~et%3D14~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022082222~vis_b%3D681.89~url_b%3D0.02~url_tvi%3D0~smm_wr%3D18.3581~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022082221~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DaQw4adiRxsleMojs1~btd%3D60213921828918993939732388397571773395023823289477437779030855491472977382674432~d2p_l%3D60~3pcf%3D15.19~uim%3D12964~dmm_strg%3Dno_strategy~d2p_b%3D0.92~ogd2p_b%3D0.85~vurl_b%3D0.1~ss%3DNA~uiw%3D98~ce%3D0~rps_b%3D13.43~vurl_l%3D50~CI%3D2723~nts%3D3~tb%3D-1~ct%3Dmelbourne~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D9.81~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.71~ivurl_l%3D50~supply_tag_id%3D%7Eviewability%3D0.82%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3DCAESECzbzMqV2Vo4X5neChvjTnY%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D2365071409%7Esobp%3D%7Ectr%3D0.0015041453%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D255&utime=1230&sf=0&cpr=0.7102790675433486
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
max-age=3600
date
Tue, 23 Aug 2022 07:14:49 GMT
server
Apache
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=21600
content-length
35
expires
Tue, 23 Aug 2022 13:14:49 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame BEF3 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
6865
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 05:20:24 GMT
etag
48472445140208031
expires
Wed, 24 Aug 2022 05:20:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 36FD 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
49d1f8dfa733c0f01de9f41b1930e61afc8296071b5572526a48d26d0755571c

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:50 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Aug 2022 07:14:50 GMT
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 8E2A 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 07:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
518362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Aug 2023 07:15:27 GMT
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 70AA 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 07:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
518362
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Aug 2023 07:15:27 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 24D6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069049
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 07:14:49 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F3DE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022081701&jk=4121761813376924&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame A872 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 07:14:49 GMT
/
google2waycm.netmng.com/cm/ Frame BEF3 		0
0
pixel
cm.g.doubleclick.net/ Frame BEF3
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBQ--hw8SHYg4tk55x8YisM&google_cve...
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBQ--hw8SHYg4tk55x8YisM&goog...
  • https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MVVtekNJUXExT3FvN0U1&google_gid=CAESEBQ--hw8SHYg4tk55x8YisM&google_cver=1&google_push=AehlK4A9KIuvwqynJx_sBxx8wJFI_6A_Yr4-zQECdb4vVVX...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MVVtekNJUXExT3FvN0U1&google_gid=CAESEBQ--hw8SHYg4tk55x8YisM&google_cver=1&google_push=AehlK4A9KIuvwqynJx_sBxx8wJFI_6A_Yr4-zQECdb4vVVXnI4HEgE_2M01d_PZZANCGCYRnPbpsKPvu5uteijww-EW5blPiN3s
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:49 GMT
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-04d2d43691b0ba1ae@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=MVVtekNJUXExT3FvN0U1&google_gid=CAESEBQ--hw8SHYg4tk55x8YisM&google_cver=1&google_push=AehlK4A9KIuvwqynJx_sBxx8wJFI_6A_Yr4-zQECdb4vVVXnI4HEgE_2M01d_PZZANCGCYRnPbpsKPvu5uteijww-EW5blPiN3s
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BEF3
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAxGeehB6oUGABex5q7mlBw&google_cver=1&google_push=AehlK4BXu2iaD8vptAiDoMr7APO8a3oy3iwBMXHMjeL8XO2raGXZderuXfOjsURa8Mqv2oZ6f7H8XoTAzzxxFbDqZI...
  • https://match.adsrvr.org/track/cmb/google?google_gid=CAESEAxGeehB6oUGABex5q7mlBw&google_cver=1&google_push=AehlK4BXu2iaD8vptAiDoMr7APO8a3oy3iwBMXHMjeL8XO2raGXZderuXfOjsURa8Mqv2oZ6f7H8XoTAzzxxFbDqZI...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjRkZTg3NTUtMWZkNS00OTk1LTg0ZGUtMTBjMzE2ZWJjOTBh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=24de8755-1fd5-4995-84de-10c316ebc90a
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjRkZTg3NTUtMWZkNS00OTk1LTg0ZGUtMTBjMzE2ZWJjOTBh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=24de8755-1fd5-4995-84de-10c316ebc90a
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
Protocol
H2
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjRkZTg3NTUtMWZkNS00OTk1LTg0ZGUtMTBjMzE2ZWJjOTBh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=24de8755-1fd5-4995-84de-10c316ebc90a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
google
pix.impdesk.com/csync/ Frame BEF3 		0
0
pixel
cm.g.doubleclick.net/ Frame BEF3
Redirect Chain
  • https://rtb.openx.net/sync/dds?google_gid=CAESEPOFubS5SmXw6lfxFxQv57s&google_cver=1&google_push=AehlK4AjkD-8Ag6HIBybEk23ndkAy1-58vc4LNnxwLArkPtgLFg1V7Fpi0abzZ4nBIjaufFfSZ3frsF0WtxvVDyvdmQQp5eeCcI
  • https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4AjkD-8Ag6HIBybEk23ndkAy1-58vc4LNnxwLArkPtgLFg1V7Fpi0abzZ4nBIjaufFfSZ3frsF0WtxvVDyvdmQQp5eeCcI&google_hm=EIPAKOhUxtgwKAMPFCqzHg==
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4AjkD-8Ag6HIBybEk23ndkAy1-58vc4LNnxwLArkPtgLFg1V7Fpi0abzZ4nBIjaufFfSZ3frsF0WtxvVDyvdmQQp5eeCcI&google_hm=EIPAKOhUxtgwKAMPFCqzHg==
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
Protocol
H2
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:49 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AehlK4AjkD-8Ag6HIBybEk23ndkAy1-58vc4LNnxwLArkPtgLFg1V7Fpi0abzZ4nBIjaufFfSZ3frsF0WtxvVDyvdmQQp5eeCcI&google_hm=EIPAKOhUxtgwKAMPFCqzHg==
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-request-id
lpfj8ipth41ip19osuh9b0qtsbfegcve
pixel
cm.g.doubleclick.net/ Frame BEF3
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4B1Qadl7ZsVx5DLClhEJrfQXRDa9J2X4OYzZafcvSt92dVpd8Y5tjGkfEFn3ulpVOg7Ta1wLXhdqBqn_STmT06pzvyabg&redir=https%3A%2F%2Fcm.g.doublec...
  • https://sync.targeting.unrulymedia.com/csync/RX-05f6ca0c-8673-4f4b-bf18-e2bfd6cf1055-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4B1Qadl7ZsVx5DLClhEJ...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4B1Qadl7ZsVx5DLClhEJrfQXRDa9J2X4OYzZafcvSt92dVpd8Y5tjGkfEFn3ulpVOg7Ta1wLXhdqBqn_STmT06pzvyabg&google_hm=BAX2ygyGc09Lvxjiv9bPEFU
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4B1Qadl7ZsVx5DLClhEJrfQXRDa9J2X4OYzZafcvSt92dVpd8Y5tjGkfEFn3ulpVOg7Ta1wLXhdqBqn_STmT06pzvyabg&google_hm=BAX2ygyGc09Lvxjiv9bPEFU
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4B1Qadl7ZsVx5DLClhEJrfQXRDa9J2X4OYzZafcvSt92dVpd8Y5tjGkfEFn3ulpVOg7Ta1wLXhdqBqn_STmT06pzvyabg&google_hm=BAX2ygyGc09Lvxjiv9bPEFU
date
Tue, 23 Aug 2022 07:14:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX05f6ca0c86734f4bbf18e2bfd6cf1055004
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame BEF3
Redirect Chain
  • https://cc.adingo.jp/adx/push/?google_gid=CAESEK3BBFolYvVucuI0iF6JweY&google_cver=1&google_push=AehlK4D4P6nt-qSCOx1zgyR4nXri7SVyudBgT9fJuprsoTyXcCJH-Zlia2ac1aMAc4gvk86n03kU_j0GSLpWiIH4kjC5OH8ghQ
  • https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4D4P6nt-qSCOx1zgyR4nXri7SVyudBgT9fJuprsoTyXcCJH-Zlia2ac1aMAc4gvk86n03kU_j0GSLpWiIH4kjC5OH8ghQ&google_hm=cce47bd3168de2bf8e1a2...
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4D4P6nt-qSCOx1zgyR4nXri7SVyudBgT9fJuprsoTyXcCJH-Zlia2ac1aMAc4gvk86n03kU_j0GSLpWiIH4kjC5OH8ghQ&google_hm=cce47bd3168de2bf8e1a261fc9aab341
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
Protocol
H2
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fluct_eb&google_push=AehlK4D4P6nt-qSCOx1zgyR4nXri7SVyudBgT9fJuprsoTyXcCJH-Zlia2ac1aMAc4gvk86n03kU_j0GSLpWiIH4kjC5OH8ghQ&google_hm=cce47bd3168de2bf8e1a261fc9aab341
date
Tue, 23 Aug 2022 07:14:50 GMT
server
nginx
content-type
text/html; charset=UTF-8
p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
attr
cm.g.doubleclick.net/pixel/ Frame BEF3 		0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K_KWCN-ePCNRmBXZwgEuMwAsgNuiMygSuKfeUVcTujFFsaMjU-4oyHHimgFe8DetzmVlyF
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4485239425924787&output=html&h=280&slotname=3006%2F14006&adk=2365071409&adf=3615134179&pi=t.ma~as.3006%2F14006&w=336&url=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238886070&bpp=13&bdt=1494&idt=1656&shv=r20220818&mjsv=m202208160101&ptt=5&saldr=sa&cookie=ID%3Dfd889806d20ccb7e-227746f4c0d500e9%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_MYWTeqTqrOygJEWGmgNIi65znQ_qw&gpic=UID%3D000008ec8b987d9b%3AT%3D1661238886%3ART%3D1661238886%3AS%3DALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg&correlator=3936562187921&frm=23&ife=1&pv=1&ga_vid=403291054.1661238888&ga_sid=1661238888&ga_hid=1830707832&ga_fc=0&ga_cid=amp-iB30bCViJa4IPRLMl01FQw&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=320&biw=1600&bih=1200&isw=336&ish=280&ifk=1241222966&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C21066430%2C31067825%2C31062931&oid=2&pvsid=3874194803782175&uas=0&nvt=1&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CoE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=1&uci=1.q0s7istmvk4y&fsb=1&dtd=1673
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:50 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3EC6 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208170101/show_ads_impl_fy2021.js?bust=31069029
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 07:14:49 GMT
container.html
8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9EC0 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:50 GMT
expires
Wed, 23 Aug 2023 07:14:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 857D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:50 GMT
expires
Wed, 23 Aug 2023 07:14:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 714A 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022081701.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f132.1e100.net
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:50 GMT
expires
Wed, 23 Aug 2023 07:14:50 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cksync
cs.media.net/ Frame 9782
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?cs=6&google_nid=media&google_cm=1&google_hm=MzA0MjQwNDg5MTUzNzMwMTAwMFYxMA%3D%3D&google_sc=1
  • https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEPYPU5tnQoFeNXrqYOma8Y0&google_cver=1
45 B
445 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEPYPU5tnQoFeNXrqYOma8Y0&google_cver=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 23 Aug 2022 07:14:50 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cs.media.net/cksync?type=g&cs=6&google_gid=CAESEPYPU5tnQoFeNXrqYOma8Y0&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync
cs.media.net/ Frame 9782
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=8m33zk4&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://cs.media.net/cksync?cs=1&type=ttd&ovsid=24de8755-1fd5-4995-84de-10c316ebc90a
45 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=24de8755-1fd5-4995-84de-10c316ebc90a
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=6&cv=31&https=1&cid=8CU3SX34C&prvid=99%2C77%2C20000%2C2033%2C262%2C241%2C3018%2C246%2C4%2C313%2C359%2C10000%2C9%2C319&itype=ADX&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 23 Aug 2022 07:14:50 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cs.media.net/cksync?cs=1&type=ttd&ovsid=24de8755-1fd5-4995-84de-10c316ebc90a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
199
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 771F 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
197821
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 00:17:49 GMT
expires
Mon, 21 Aug 2023 00:17:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame AE26 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f106.1e100.net
Software
GSE /
Resource Hash
2836254d7fd088db3479666ed718600b4369158e75b500a75a3dddd91d335201
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-6d53Dc0S62kiXZc2xAmafw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-6d53Dc0S62kiXZc2xAmafw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:50 GMT
expires
Tue, 23 Aug 2022 07:14:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9E17 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
197821
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 00:17:49 GMT
expires
Mon, 21 Aug 2023 00:17:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 612C 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f106.1e100.net
Software
GSE /
Resource Hash
f7248f05ab2b77595f1640ee6dbc24d6d4ab069c538f63f634a613acaf501968
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-IQ1mmRh6LSCak0bJ4EQjYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://adx.holmesmind.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-IQ1mmRh6LSCak0bJ4EQjYw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:50 GMT
expires
Tue, 23 Aug 2022 07:14:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 57B5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
197821
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 00:17:49 GMT
expires
Mon, 21 Aug 2023 00:17:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame F98F 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f106.1e100.net
Software
GSE /
Resource Hash
22e0c8d461f81e0f5ec0c6ddcdc7096ccea7f9ebfec3d9bb19d4a088b58e035c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Jz49SEmCnI4Czs7sloz7EQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-Jz49SEmCnI4Czs7sloz7EQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:50 GMT
expires
Tue, 23 Aug 2022 07:14:50 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame 8E2A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?d96hVw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 70AA 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?dR9Nzw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame AE26 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220818&jk=3030552095383672&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 612C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220818&jk=3031117260853865&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 771F 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 07:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
518363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Aug 2023 07:15:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame F98F 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220818&jk=2336590716747131&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 9E17 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 07:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
518363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Aug 2023 07:15:27 GMT
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 57B5 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 07:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
518363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Aug 2023 07:15:27 GMT
truncated
/ Frame B645 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B645 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame B645 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
bql.php
lg3.media.net/ Frame B645 		15 B
158 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5521&&&vgd_l2type=sca&fp=MzA_eCVWy1eyoiNQ0FcmxukXzhqh1Z7Q0nctUTW1pMLMrbvSdl7-m0CiwU7wSSRk4VTjIe0GQeAvoy17D2jf0EfosUg_AjixtAqHKRXrAxYjqwo0-lMA9kORN1VCi0a4&cme=2XUgY8XkSFiPh1tI3hcRY-M8gi1Kl9HgD2lJhEaumM45ExOeFqVPTP9DNob9SqPfbDrswz9JXXRaQgIMfJLeSeGynDnP14EunoDMmQxRIPWL47KmmNFvmeGHWufi-ah_hxZT5A8WvWL1-PgUREBU7Cz_0omvCS1ZDazP11lTGqMaI484xP_1mAPEK-o8GowCChbUsCod-Gpjsdhrf71a2g%3D%3D%7C%7Cu8A6SM53vAdJjhazCSusZAnIl_9HqKRb%7CjyjVTouP1sOI3OR67jxweNSVYtHEv6HR%7Csj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U%7CeeuQL5oPz9zR5yXC_mdYbpa2a2-Y3gtKJGODKueDyv47WSgmloJYKFDWqAXAo4XkJqShDle39sB9kU9XGIboaZ4o4nJUj5B7RvpVtoWG8bqal4R1ktqXPku2vt5rEr1NMNhIzf_7I5A%3D%7Cxrl5Md8q4-_ojEqJ-ZPqEDISFRG5d2jVLVnwjxF6eDM%3D%7CfQvNHJb4Ruw5DkHKrJTkqBOuHXVvxmWL4KjamFeBk_ENSkCRwiw57vUpEfSJVKjPr-3U_cO-5l5i9jWZkgbYUvCggEkUf0fQot-ATHFY8wnNoyxDDoIFPhngHNqFhBOuVr-q-IAvwjttjJAdKtrqsAdZbl4dKIxS0aOj6Iwl4jByqieIynbEyop28epna1OFHNfz76nxTVgFeJAIRtjMHiWX0qlkJg6YqpS8WkLHf74%3D%7C&v=1&geo=-37.81%7C144.96&dlper=20&lper=100&lpid=&tsid=5&q=&prv=&type=&ps=&hint=&td=&cc=AU&wsip=170721328&bca=0&ugd=4&vgd_fcic=0&vgde_setid=Nfu&vgd_dnquo=01_9&ksu=224&fdkt=391&vgde_kbbh=fuoNWNY&kwd[]=Website+Maker+App&kwt[]=391&kbc[]=1224808752&kwp[]=1&kid[]=340189069&kbc2[]=1%3D0.82%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.97%7C10%3D4.76%7C60%3D0.83%7C63%3D0.33%7C66%3D1.24%7C12%3D0.36%7Cps%3D0.583%7C3%3D0.38%7C4%3D5.00&ktd[]=274894815488&ktrkt[]=Website+Maker+App&kwd[]=Best+Priced+Car+Insurance&kwt[]=391&kbc[]=1224808752&kwp[]=2&kid[]=48970281&kbc2[]=1%3D0.63%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.08%7C10%3D4.76%7C60%3D0.66%7C63%3D0.33%7C66%3D1.04%7C12%3D0.54%7Cps%3D0.583%7C3%3D0.40%7C4%3D5.00&ktd[]=274894815488&ktrkt[]=Best+Priced+Car+Insurance&kwd[]=Best+Stocks+to+Invest+in+2022&kwt[]=391&kbc[]=1224808752&kwp[]=3&kid[]=350575367&kbc2[]=1%3D0.65%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D1.70%7C10%3D4.76%7C60%3D0.65%7C63%3D0.33%7C66%3D1.04%7C12%3D0.60%7Cps%3D0.583%7C3%3D0.73%7C4%3D4.79&ktd[]=274894815488&ktrkt[]=Best+Stocks+to+Invest+in+2022&kwd[]=Best+Bank+for+a+Savings+Account&kwt[]=391&kbc[]=1224808752&kwp[]=4&kid[]=324879789&kbc2[]=pmb%3D1%7C1%3D0.50%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.74%7C10%3D4.76%7C60%3D0.42%7C63%3D0.33%7C66%3D1.04%7C12%3D0.72%7Cps%3D0.583%7C3%3D0.17%7C4%3D5.00&ktd[]=274911723776&ktrkt[]=Best+Bank+for+a+Savings+Account&kwd[]=Small+Kitchen+Designs&kwt[]=391&kbc[]=1224808752&kwp[]=5&kid[]=26322723&kbc2[]=pmb%3D1%7C1%3D0.16%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C62%3D0.98%7C10%3D4.76%7C60%3D0.06%7C63%3D0.33%7C66%3D1.00%7C12%3D0.28%7Cps%3D0.583%7C3%3D0.11%7C4%3D4.63&ktd[]=274911723776&ktrkt[]=Small+Kitchen+Designs&cid=8CUABW64L&vwid=1661238889571152418&vi=1661238889571152418&tdAdd[]=ib%3D0&vsid=3042404891537389&tdAdd[]=asnum%3D140952&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_cdv=782&vgd_l3_sc=VIC&vgd_chost=contextual.media.net&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_refdomain=bg3.co&vgd_katbid=-103&vgd_pdtid=1&vgd_implt=3&vgd_l2wsip=170721328&vgd_nrrv=96642&vgd_nrrmf=1c80a&vgd_nrrsf=scrr&vgd_cty=melbourne&vgd_go_pid=8PO15GP54&&tdAdd[]=%7C%40%7Cabp%3A1%3A2&vgd_ifrmode=11&vgd_l1rakh=1661238889188636014&sttm=1661238889668&upk=1661238890.15119&hvsid=00001661238889668017418153733328&verid=3111299&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&sbdrId=196&vgd_ecrid=1700080812610100250025000000500&vgd_isiolc=1&vgd_fcm_enc_mis=1&pid=8PO15GP54&&abpl=2&&kbbq=%26asn%3D140952&&vgd_vstrid=3042404891537389&vgde_bdata=QOfvzxjj~8xLjMjvX9~myJLEYv9.9u~eBMJ-Nv9.Wf~QYYMG8Ov9.9f~e8QMQOvXH9~ONfvu~QNOve8N~eM1QzvuH9iXf~ejfLMQOvf9ff9WfffA~8xLjMGvXhWAF.i~xLjM7UNv9~Q7Ov~j1Q7v~e8QMxLjMGv9.fu~8Evu_b76F~kGGv9~e8QMxLjMjvA9~L88Ex1vuuh%2Cuuh~J7vuH~LNvu~L8Qx8Ov9%2C9~LEQMQOvf9ff9Wffff~e8QMGvFWu.Wi~xLjMGv9.9f~xLjM7e8v9~QYYMBLvuW.AXWu~xLjMjvX9~yN17vou~GGvuiF~eev9~jfLMGvu999~JLEYv9.9u~GYvu~QYYMQOvf9ff9Wfffu~Q8OvXA9WuHXAWOhAJhGAkf1kf1WJfFJGAkNX~QOvu~x8Ov1gBH1O8D-QjJcmdQu~G7OvF9fuAifuWfWiuWiiAiAihAfAWWAihXhuhhAAiX9fAWfAfWiHhhHAhhhi9A9WXXHiuHhfihhAWfFhHHAf~OfEMjvF9~AENkvuX.ui~x8YvufiFH~OYYMQ7LyvzmMQ7L17Jy5~OfEMGv9.if~myOfEMGv9.WX~exLjMGv9.u~QQvIK~x8BviW~NJv9~LEQMGvuA.HA~exLjMjvX9~%3DVvfhfA~z7QvA~7Gvou~N7vYJjGmxLzJ~G1Q8QfvuiF~G1Q8QuvuiF~8QDJkv9~8exLjMGvi.Wu~8Q8kv9~jNvA~G8Ov9.9f~ONvW~ejfLMGv9.hu~8exLjMjvX9~QxEEj5M71yM8Ov~e8JB1G8j875v9.Wf~1YEvu~NGOEv9.9f9~OYYvzmMQ7L17Jy5~Qx8Ov%3DK4b4%3DlGlc%20%2Ff%2FmHtXzJ%3Dwed_z3~QOvu~O7Nv1E1NMQy~-8OvKrtoExGoHHWXfAiHfXifHhWh~O1jyvzmMQ7L17Jy5~w7Yjvu~1OGjUvfAFX9huH9i~QmGEv~N7Lv9.99uX9HuHXA~GOEN1EOv9~OYYMJLEYvk1jQJ~GkjLv9.9u9~myG8Ov9.9f9~1NM75EJvu~875EJM8Ovuh~QJjjJLM71yM8Ov~OJ7JN7JOM71yM8Ov~ONx7vu~OmyGv9ou~8GNvu~OO7vou~zQlvA~7yQvfX9-fX9%7CA99-fX9%7CAAF-fW9~GQGv9~GQEv9~7Y-vfXX&vgd_optout=0&vgd_cfud=220331&vgd_scsver=291&vgd_bhv_kbb=-1&vgd_go_ent=1&vgd_l2ch=0&vgd_rensize=250_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_dtc=apac_sg&vgd_mbr=1&vgd_l1rpth=%2Fnmedianet.js&vgd_pgids=1&&tdAdd[]=uiparams%3D%3Brend_w%3A250%3Brend_h%3A250&&vgd_uspa=0&vgd_sc=VIC&vgd_l1rhst=contextual.media.net&hvsid=00001661238889668017418153733328&subBdr=196&bdrid=313&rc=0&rand=1661238890313&acid=f57ce47be0e5436e8fe6c598a7f6aa57&matm=1661238890313&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&vgd_ltimesrc=1&vgd_ltime=1557&vgd_rtime=1550&vgd_etm=15&vgd_l1hcsd=A12%7C5535&vgd_l1ch=1&vgd_lhl=2989&vgd_pgid=p12085541629t202208230714&vgd_adprefflag=11&vgd_csip=rtb-common-istio-85cb58b4b7-s5jkb.SG&vgd_sbSup=1&vgd_nrrs=96642&vgd_cntrdt=SL%7CBODY%7CHTML&vgd_crefurl=https%3A%2F%2Fwww.bg3.co%2F&vgd_eadm=1&vgd_end=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Tue, 23 Aug 2022 07:14:50 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=22003
content-length
15
pixel
googleads.g.doubleclick.net/xbbe/ Frame 198C 		624 B
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNWN5OpPYQfVFur9vEQwZiHGLFhI32tfWmG3YurwKEAF3gfr--hUWNqSw8I9QTWyXCJjTFgN-2XrhegFIvYEW01NCyUQ_A
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 9EC0 		80 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4L8zwRH89-SLyMD6knUba0-AxVhudUU5BwmYfCd_dDLSPOwhXY-mKmqqKrhKv2vdhVwWf9yYMtqmLkxW2eAzoEX7qfg&cry=1&dbm_d=AKAmf-DGz-LstyU9mTwwy068HpbZ-BGfmoh9rIiuCzsY3EXR0rMeTCJd9s3-PFWPwyiCEQjQw05oLyD_hKuoj3E1BGmiOA7zVxZ6KxWZXw4_68R7NHPryCmqt6PgCubniVuW2nnJo0RR7b9yZmYIhn4SIyCpGZNc59eNnnSzcYffClMcMict-ghWvUNJ6DyfsibRb60uPxSU08FFTguV7d9OMA9E2AlsUdQPZdVMSIvmLYcCxcxY4tLkAhbiQj1eTwL1uzBn8OdbLIqRXlgYWmCq60wILO2mozz0n3AeHVBjkOJ6Dy2z3sM4l0HWz-Ts75fjz2_ueS4G72EVuZrBtcNTzQBT6LXMoSNOglq_TrjMzkj27iu-8xa9gSTbeJClEQy1_GOyA4jfDJxGvyF_J7qE07yPd_VITnlzlK4Zwf38Y-OJzAFzZmGaaNYl_eBdMbhvQX_bOi6NVuKAsH42TCUJX_n9bD_-CYpEo_uP-DyzuwHtRwBqASwmaXcKwU9d0x33wLlKcr-eZD2c1fkcLQc6uSjLLBkKmpM3C7D-Z3FQinGwr-ZacPjq-_z9DHfaNDGNb9Pz2asRUMseKXGBUsa8gz_06NrTKHb80k4UWzltkhP6DbNzWieU2orNUr6GaOQ2Ixrco8-qznAqRqyt1jwULKV5zOtXYnxojheYlZnMsiRAHbRcEMgtXl12v3Qw4Qf78SFw01qOhNaoommP6rwPDIDk7MkUzx7MVR4HhPtbpKjDvPAiPO31iO4FUHWF_JD6WTfckokyzhbC0p8zNWvCaDWZK56QsknH4dcEBx_mO4r8M_h5pe8lInxRFflSD5g7HQa8OH_f4SW0pAQHLgXl90gOCgdJWfWANUIF6XnCni0jcBD56246WZXjdbLCTVjdTu5l-mnigezvD6K2nAvL6yA6s0zxkdCPCFCIZtTMKpS5Tsm9_yN3SqbmyQ1Bg1V4IOHZc-CgeCpAyeBEJP8UjtgBAYoi8-0EKw3o45AWZ-bHQLuXqE4_nrWFHgABD3hyxMjRHwLpN8-vL4lR05XzLVrdHK-oAt5j1TO3m2n3Py6Ewh4ak6S6InbiEFs-VoPYiKCxHwakvTMpShwOVkLzO4DWT2Vy2XjSM_HtzBZuVQSkT2UpoTATHbW-Ng7v63uPMuSoST2MRFBsEs2KDvDqyOcY_N_ihzbw7f2y3ztJ9e9iYWdC4TzTLY8Oi1i3kgM1FGRyqVGLNE487LJg9GnBgujnCQnw6h0QVCWkXmnJW7Apgc-4IIEhQ7NEQnPBqTfaprV9U1b2e64MwzrWCj1BbxYpdSjFLiO-DQ1XBnqfUH5cAHUvqzoptiBWlvj4Q2ackUGqUi4XgwtNt0S8q0eKCT7gxIJ-guk99rTRQM6hmW3BEJ9K8ntk25D1ufggbKcocWRkgPVaJDNkqz5j1nuljo3kNREscd455LXPrzd4BWUCzwxr5dFR0wArgLGizUnxP6Thj1_FR9fUMtyXwmm_g5vQqCiUCMOY-MP5sBkyOATI-GpaNq1tfR_f655HDl8s-MXkZpJ4k2mvR-s0GpFbryIDYIuh7MxwSdwTo_JNt-dNvKQrVZzC1nFVvjYYytkH9PK36D15Qw7AwC72Sa5Si1bQE_S-o4pW8e2IjGTfvs-qtxCFcsvW5Q2DpYT9zOmyOGkvpyyPM6JJeAJvGJiiLvwfbWinJsG7F_wCeyD8JSMCKrC1RaHOoiPVD3KBL07CsFHZ1LMtWSVeeqhGAEcOYcBpCrlbenrzEY7g-dxZbDPuaDFCkyuO4qVqblBPSpM21t5av54tb5Qdvq0HcknsF1Z8okGfQjD3MXqPUrWCj7_aBM7n2nJ_XE2tuT2llKevwxoYLtoryMeHj63WNpJl4QkISbLuvRS5Ot8uyzZIS_IVbAOWut0nVUzB9-83KWkvDVe3049UUFoopgWL1CG97292_iGPwdRvlTkjKEtYo37xq8SuuAwviZJNCzXRbnpVYBx901ctTz7pGZkhX5Q8lWu4v0vlmcFUDDhFT_pHtKURPaGllnGpKELSSdC63xnaBsDDrflOOZAZbuluqstVMNGnGVLVXQoJjZDaFkX9SkhNDCqYGjTxz0PwJB0sJx_6jeGIexMyNdwg5P9l9uZHSYSgLMjnYD5l85bHdG52QeuNePhQuN5rXer4__-Ldb6DXsrcay8ElgH7D3T_t9yeNR6PXx9QAwQnyri-n20eZxv1uwrFhN4DlU7J6wKr_BtK2Gz6js0XaoGe9KSJWo-sBJNPuR8_VsAwcQcYDK6Oo8DVY8R7dh5QWmbRttry0GbWartKJhWNLAyr887VHbm3Yg-WXwF0ODcbDkd3xrBV0EeWecmKbhgVNeDeCXYpHd9ie9wXk5KQWgaICFsN2SrSir7huWQOfSikbWnwF4zk67YQwc2AWMZTr2-ZChcK7LqpfjeM4PPLOHEm7b4st94EJtlLedQ6izaHRBhk_mDdArlx2QM5JQl7Xd9R-_8R2wcbs_qmmxcHWlycNvsK9LbSqjRNPCe8jtPg-JKT520QtUZtSf1sBrrGBMFVySMZVXYaILg8qD31bohAhEF_AHJs4TxMhw-TIArcwl6bUJQrF4YtdAwDDJOEYjXN31WJkW81xT0EHwhrnel1Rs439nWWTAlcjYRKNEJcw2u4Egit69Wxq79RPJAYYvZBVOaHh-fkGEEyVTc_a4FRgZtHwFY0C84y6UtuyQPqVnMWop9QMXTIGSx7-ZnSWlUGvsYWLLC4udGzQtsmx8wxjr8i1oDLGjLLXfTCnKp3r6kyO5HU0AY9VZkiUjonthx-wZg6Oomi2h-g-2uAGdQSqqTrb7bxIx3J1_7l9NeRor6XP40ECeQ2hbdDGmupQZbvrdtRsjH1WM7XOAp_OH7BunilAFZ0uHfhkgULbwdGoD2dCVaEvOJTLfdFaPCJJMPx_2pO9fxkijSJfNtwe0LGBaINbGoZDhN8Lf4SRm-32k6ZYUf-p1WON8vOC2X6hGfHMYehVhl_J656yScEf1C-ZEoEibG0DpbomILTPm3vH248hWQByIe0CvzhEvMrgZKGtd7IcbVDEw6HSTjSkh-0pcOChb3RgT1bBRgh6gfS2Sx8NphJkC3s7XsgMF_oSwYy8RZhlYdGsoRnNhZMdYbSgK_P9wda40Kj5cNf7yYRdxML3bvK0Stf-XU2oSdOzOWCNmC2IQJF9nLDX5qPdRka367dEkHBhpvWoa_Jpci6qEeTDdiulYpp1-jbeLPOaVHebqr0OUCFmC8EL7i7&cid=CAASJeRohzAj16LXcIXJg7IZR3mb_FXJ94TjROT9zaSEMSonghUsblA&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
e9f4c6b8a0babff8c615529d9d20414345c02fc2d16321119c65d6c13beffcad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34189
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9EC0 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DlS2P-_pHsm-x3e6kXo6wBYrttvw2d80D-yKSUG_mpufJIMPiyUEBfSpEohVqwuJs6S0Gd4R1nre0pHnnCJerh0owlLCN4pANcn6eHnp4FQK-ZyWU
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame 9EC0 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 07:11:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9EC0 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661168302676581"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 07:14:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame 9EC0 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 07:07:28 GMT
l
www.google.com/ads/measurement/ Frame 9EC0 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR4CtM8A4FnPf04ZIkvSuWQ-Ba3iIGQxsvzwgrmoPZM0QBiP4U-kq7RgyO10XQodh2ThsmwsQzVsQyRlGw6wb3pBulfxQ
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7299 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXdh0YVaOcRxkccHWQoDoTrRF4GhA7Xv0CW5oEgujPoBxVFtDhjz1pulxBcl369pKFA4pwOPs30pPuvVl3Y-BPYN79CAA
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:50 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 857D 		80 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOFGrNspRZCuAirezyKLL9B_AOMkC4zwXbgHEuxi2ELlxZNOGbAaHALiYJ-X0tp00NdnWT0dN-vhZaW3BGGDUnnEFk9g&cry=1&dbm_d=AKAmf-AlvgYf_le1tk1PesaqWRV4QynFmkNNM1iAYDmQAUEU29geZeqU_UVQX9TK0OYSgiqTPVunMS6zaSEqL2mfcezr8pBuscG5Xygcn-9U0CrN52VAabsWOwXQI3VqettezszbA33eHHjaM3eF6rww3alIxzQ7bQrCl7g5mssKu__1WZvS-ojxs1amVpBUQpK_LXQH2emK2rSgRDXHj2TzCrDvWq2An4TPVWTVOtkWLOTuFv-4rsJZw7nWBEw7BG-FoMgRkMaHbJiPBxHj3gMYX-RU96DpK1y9U4Fac5IgLgcFPJ1_i7SyP9mLWO-g9EopO3WzwqjOwH_Ua9Fa0A-z_Rw_5fdkl0r5tyNW1eF_DqqqmiOK3bOtjZmVrHByXJmFE1gWMa_ql0R20_VAKBw_2wvyD06qS_EKRaUoM6n1FUMFizcb2lLkSey2-uA16q1zYBkR9rsCyGS4JfKbfFkmS5eIuIzSmzclLHZ0iW-GGfpyMbrIYOtQYyTKrTG1izB_7k5J5bGG2zrGoO8jT1WZDYol5316s0kfRifkfme9HcvEYP4fIfvwrsydGCs1IWcKj4uh57Z13M6nnGG8VfwIat0Gw9Fc4zLPaaE8j0Bp00wmmME20R5a1PdbWYPFPXBoqwVfMz7p-ZWtkz-0Fec_hKFZGiuW02q_DsmynVqps0z7m3jTASWRc0c7ndSkfDhZpiwYFxCDL4YNisKVrJQY1FDIUaofvtqyJ_Fs9kpklrn4e9Bh0jzsCCCb10CxYminXs-eq6Lby-er21PCWLsYX5No2PsRwUZor7P97HOqEXBqtCLYnzqOaE47FgN4p0PdGsWrowF3R7n6C32rioIv7o0nO6m16eX3Pp98DvBRTUoXQ65GVVYKWrZxxAnCcp9iWXuvbNtDqKz1d3eNCgbV55grIkkIbdOTvP91YOEQgsDKnJY4BrFdSbchFh8ysHUohHoFLpGo82t-_p9bdxXHYFiJm4VjF6Fjmc28go7IWtsRtRTicwYdmKXk_6LuHq9RQQl-IoPQhzmfnCWQzENgkcabFI9TQEpsz8_tqVEnFtHM_ifvGO-oKxkPmuiswmi5PmRnxl62A4vLAfqlej6tWXaMhPbGRWaE-fGk3x2qL2xPncqhMlUaq4anrbfem0Hm9xs3bcbeljCBHCW9DPkDo9LFKznaZt50tIcY2dhumF8DXr719jrCJDir3UhG6zQQN3tu3Y9Wb7QAd2ypJ-D72fYRiEksjR9d1QcnyzstaLbASq0absIbsIMQDnDAIEMW3_er35w-bIg-UlxdT7raeMIJpZuKAG5XZO8euR6V0I4QQ2hRRdiAq95PrMS1IhXOzOR95ch4oV3NhbWIEJUT5y974o79d4MICy0ZCALCj4Harim_FCYsbzEwFf2ALZoJd-kB8yVmAFm6M5Wym9YiRw00E4uVMEs9JxqjQ1bY3dA8dIcKyHmWT8ZxgmcmrhmTrvBGx0pmaxNHJoCrFJggHaUThYO2KR1q8tczN4fdkog5H1KJ_C2OimLtVxjz2Cwe-TiXD0sGavN1vxZFu7jd046B2jpLGhslvqvdVZ9QY3pwSYK-3bUYkFT8KKxghFoJx58vHZNzS_z3WBqa10mIfN-2QvIGYdpdPQMLZxK_NX4GA1wtQ4dw3_Meriaq8NmeHS9mvLfbU7urkaBcrKpckdXoprU2pbRl5KXK3J1kFEiWecNLXJF7ySIz6FLCQqIlM8kDFu8oMTdcwgfNKKSpIIueEocjEMijzPrMia_fEn3jHNet9leoMwxQD2rd0ETlIZhQUq09-ug9ktCy-z32-fL_yzNpUERPUDxOHugzHcYKsbHIZ_1KKcTEAn1rC1HRcGR4Cnl8r6AFsFxy4nyF8aPmE8MeyIEA221lkjcQFG6Cea1XYeMt8dTVyAN2bT2YoYfKB0CSYB3tO3ifhqOdtpzvFaYI5gkHT6dilYmZnqO85dM2SErS1Rq005JhnXpfWoo9kX9d8A3GPSs7EsEeJGZf7gdnVEHPzE6hDt4lWi8skHaiu70m5gldXI-EkWsqgnOdbn9wjpRX37d_pXSkpAHQg7-FrSX8hLcA95CNLbw_ELaAJ3FCE-t7_s3BcSKajudWHrdIEp1vqdvKMvfdfTnzxUUzffjt6z-fsGhUmTlswIV0z_yK4FMgZuaBzG4yeAXU58ENvCyhp5w3paYuvyS2ivMJBbZioU70_SosMlOPRCdiiFV0oQbuHQwVC9SMK2fA2TNwLMF7Tvny_1Uf0ZpjvR63esWKqoqlEqX8gaxre-lx9SujlQ0bnEvlt3Uq-DpCM3gqU-OMnzQve96_TjXjXHYSxQ3MgFN1sALUhP7HcOCbkQWyHPHNo-gcE9dbWOruTeyXS8kTPPhzv6zrHDy2L5xUOEi8F9WUgvqxV6bF6OZAkK_FX29IP3-pBwv1bMzrYITnrFa8xOBb8dFukhEA64AOGgA9YcRKGsNG7aRstZnFu7qc47hOgd-90AMmpNv6XKRxOrK_spgj36eVUC2H42f8tzK-A5eCgZPI0j-PWjoZNSJ0HlfIbvdNEaneSv47ZaPAkCWnqlambiePTqtjo5rcfCm31ameS6zZohNxZW0kq3_e5RipJKCXHZT6vlDZdt2pVsTnyzCE27lsH0_JzrPQq2C1v-BD3iAAdaSAp4KBhguqA9CWTMK43Bk4G9kCkjairICaNidqQQIa-k2pUQloleXWEHrh1_RrI_WSyoOcOXT3FDd4bnGq7SlKgZLIsuTtUF1SFKxlVkY01G8rxYptPgNkpdHIEFj4GulMdR16SO3A8RLgFp0sa2bS7TBuSpupaJsprZ6V5wiXndneIIzHg0Wsoeo8gbEujSpttqigejE3nSaERz5vuoPWHVRZyZoFm7DevLLOMF0xjuzU2GZbetymkDs-85ZctVhDqRjBG9jSLRUC5SurDS7LIHlTlmr4LKYXoDyuDnJ1AU_9c4MQ85s9dMsQrV9LkzBTem6LNQsaIkeoGdr6pXjQQNbil01jFl9Uotd-NXEDiQImUQZQnWqiaTSz9qDvcFIF9B96tD99p1_JT9feyRcYzBjcGhQ6Xpv4XBv8Hn6Y1Fpy54p3X8oajqSPYrp3OHpaBW8GRKyv2dXrIcvj0sb9bF7YcyCFQQfoG-UUUB2x1d7L0yk9yL3I7MtCCVciI8LiKkvfle7t_iy5Yvk0tYngor3JWpwS3s7fHRaFP7-wv-5RtdDUUkOiL4AtbpwvhZs4LI3Oxgw6rPtu463ApJRZsCcMk1U6&cid=CAASJeRo_-F1TIKRejXQbwHbQP4Ee1dJ39kRe1s1KYZddTRQAqL-EXM&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
cafe /
Resource Hash
41edef94fa9634d734710c9c94b675266e13e4c2fabd3495b5e346db18beea45
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34294
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 857D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C2qMOiN2hf0aAu4vDDJu0GfM2jCm7nlmgOqr1DHjlutRMbKU5I4LhmpZuawV5TUX-7K1pVhokB3QRDJjsSO3CvkWEXsmY0V6_mS8sfVmj9dVsJtCQ
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame 857D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 07:11:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 857D 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661168302676581"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 07:14:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame 857D 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 07:07:28 GMT
l
www.google.com/ads/measurement/ Frame 857D 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqjSG4wNP5zto9jDuppZ8FZPE1aaBV_FFD5xfGtF5FLO8_tQ33j10LKNn5js_2nvWSmmNVs5jm9ySEXFFPbT0PWds7LQ
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
css
fonts.googleapis.com/ Frame 714A 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f95.1e100.net
Software
ESF /
Resource Hash
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 23 Aug 2022 06:01:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 23 Aug 2022 07:14:50 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 Aug 2022 07:14:50 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame 714A 		2 KB
902 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 06:17:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3439
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
875
x-xss-protection
0
server
cafe
etag
16974406330603315520
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 06:17:31 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 714A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=Cjx8MaX4EY4iMEfyvmsMPqZaFyAL-xJzja4SVu_q7ELHR_d8FEAEguoTAM2ClwKOApAGgAcC8rIMDyAEJqQKLKp72tqywPuACAKgDAcgDywSqBMYCT9CYTQr0XdHoEjPEz0WNflIIJ4fU-VCte5M-ATBTMVDSrdL7kh5x6E5Zkjh8waQnmkN4FfVpKmfc9aLX0uClW91DkdsrfDcqLNF2nRtn2jNtzvAlpglrqO3616VGEhPWCpXl_CqTLB8OtoB2dJfpFCFwU_7rhblmyjyCiH8pqYwqG-iTnEhGnvUODkIxtLN3gIjslGBF7xUmY7NH9JgEduCOD5LTLTzw1UczjnFYqows9-9VyUXaG7xlZKHMMSgWjvzpjEojEVWPHD6hSqsjer1Z_bSDg2CwSs7cfYjIy50EmEcn0U4RObQwALqqYsP46_1d0AcLGzh6pztYKDdvc9sPDvf49jWAvSATmDmdUYuAYVH126UgwQyEaUm8V-DgZ8kUiCKY96YApI5IfFx21L9a4FScpFf6IM0JyG0wk36VRqi6vI_ABLz39rqpBOAEAZIFBAgEGAGSBQQIBRgEoAYugAe-zM7CA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEELi4AtIIDwiAYRABGB0yAooCOgKAQPIIG2FkeC1zdWJzeW4tNTIzOTkzODIxMzg3MDM4MIAKA8gLAbgT5APYEwyIFAHQFQGAFwGyFx4KHAgAEhRwdWItODkzMzMyOTk5OTM5MTEwNBjKqx4&sigh=pdvSItqfrhA&uach_m=[UACH]&template_id=484
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f155.1e100.net
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/ Frame 714A 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/abg_lite_fy2021.js
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:10:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
290
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9668
x-xss-protection
0
server
cafe
etag
3250940068065303693
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 07:10:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame 714A 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/window_focus_fy2021.js
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:11:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
220
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 07:11:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 714A 		140 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f156.1e100.net
Software
sffe /
Resource Hash
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44049
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1661168302676581"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 07:14:50 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/ Frame 714A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220818/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
cafe /
Resource Hash
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:07:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
442
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7599
x-xss-protection
0
server
cafe
etag
9215437806027971270
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 07:07:28 GMT
l
www.google.com/ads/measurement/ Frame 714A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRlTECQOsA08LIHm2ikxN_DjxkDPaCBpHXJFjHIZy9RxCdRrtMx3zOezX9zmLnradbFgYiJKhkLKjs2CvEtZ581f5r-iw
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f106.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
e3ca5db921b3b46420ba257a4c2f6b26.js
www.gstatic.com/mysidia/ Frame 714A 		33 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/e3ca5db921b3b46420ba257a4c2f6b26.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
sffe /
Resource Hash
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 00:09:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
457519
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13683
x-xss-protection
0
last-modified
Wed, 17 Aug 2022 22:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Wed, 16 Nov 2022 00:09:31 GMT
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
29 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:50 GMT
content-encoding
gzip
last-modified
Tue, 16 Aug 2022 07:20:45 GMT
server
nginx
etag
W/"62fb454d-15cfe"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 24 Aug 2022 07:14:50 GMT
2076313506083323656
tpc.googlesyndication.com/simgad/14120158420928142099/ Frame 714A 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/14120158420928142099/2076313506083323656
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
dab24ad7f0f2ec38bad3b0f961db6fe96dfd1fb14bd5cfb087cefa4f14f7ddf0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 06:29:55 GMT
x-content-type-options
nosniff
age
261895
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
64634
x-xss-protection
0
last-modified
Fri, 22 Jul 2022 14:33:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 20 Aug 2023 06:29:55 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/15127223741224077781/ Frame 714A 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15127223741224077781/downsize_200k_v1?w=100&h=100
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
356e5440c3d82fdbddc94875bb41e29b276d2c362c0cc6a9d19125e0ae172eb5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 15:34:55 GMT
x-content-type-options
nosniff
age
315595
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9831
x-xss-protection
0
last-modified
Fri, 22 Jul 2022 14:30:50 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 19 Aug 2023 15:34:55 GMT
truncated
/ Frame 714A 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
rum
dsum-sec.casalemedia.com/ Frame 198C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECNsZurVjPZsHgENiii5xnQ&google_cver=1
43 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECNsZurVjPZsHgENiii5xnQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNWN5OpPYQfVFur9vEQwZiHGLFhI32tfWmG3YurwKEAF3gfr--hUWNqSw8I9QTWyXCJjTFgN-2XrhegFIvYEW01NCyUQ_A
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73f20dbe0bbf5a61-MEL
pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCavBp6BK2YqKyUQVY%2FEOu%2FAUYdYzMkMjMxrjXm3IYrmG3JCcPZfN2nE9QvwQ5N%2BEp0CaddiE2DnkyEZTWma8xDPy39vbXCI3JawNR3eioSrvthL73G4Oe8MUQzUtSj5W3LBrTezKshdgQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECNsZurVjPZsHgENiii5xnQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 198C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YwR.ak-wLMs5-uM0uZ1hzwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECNsZurVjPZsHgENiii5xnQ&google_cver=1&google_hm=2
43 B
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECNsZurVjPZsHgENiii5xnQ&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNWN5OpPYQfVFur9vEQwZiHGLFhI32tfWmG3YurwKEAF3gfr--hUWNqSw8I9QTWyXCJjTFgN-2XrhegFIvYEW01NCyUQ_A
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73f20dc12c0d5a61-MEL
pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a7bKUnASxgHor494%2BysEVu40jfjvByGW4XaD%2FJ0E%2F2xWiTqvK5PGAfLdQIipg1INnFqPxk5BV1kcDnsju9uKOTOfl2omxaPWrIE1sxeFo5LC5CxAB0tn0R8iDjokiWnZh84BoU8tQAMBYg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECNsZurVjPZsHgENiii5xnQ&google_cver=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 198C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEHi96LdExNyzFqR2hbJ3bf8&google_cver=1
43 B
1018 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEHi96LdExNyzFqR2hbJ3bf8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNWN5OpPYQfVFur9vEQwZiHGLFhI32tfWmG3YurwKEAF3gfr--hUWNqSw8I9QTWyXCJjTFgN-2XrhegFIvYEW01NCyUQ_A
Protocol
HTTP/1.1
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:51 GMT
X-Proxy-Origin
103.209.254.77; 103.209.254.77; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
25a51465-6d38-418e-8cc8-1f946106595c
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEHi96LdExNyzFqR2hbJ3bf8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 198C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIxMjgyMDA2ODczMDQ0MjY5Mw%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIxMjgyMDA2ODczMDQ0MjY5Mw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYl8WtcTAB&v=APEucNWN5OpPYQfVFur9vEQwZiHGLFhI32tfWmG3YurwKEAF3gfr--hUWNqSw8I9QTWyXCJjTFgN-2XrhegFIvYEW01NCyUQ_A
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:50 GMT
X-Proxy-Origin
103.209.254.77; 103.209.254.77; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d10ccd5f-09a8-4acf-a5c5-d9b212791992
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzIxMjgyMDA2ODczMDQ0MjY5Mw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3B05 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220818&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
59b02f3e1a3e944e2dadfec22abca321222873c1bb4deb7ffc3d39a7455f1794
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11119
x-xss-protection
0
sd
us-u.openx.net/w/1.0/ Frame 7299
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEARzDt6y9c02RmjCmSEXvGo&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEARzDt6y9c02RmjCmSEXvGo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXdh0YVaOcRxkccHWQoDoTrRF4GhA7Xv0CW5oEgujPoBxVFtDhjz1pulxBcl369pKFA4pwOPs30pPuvVl3Y-BPYN79CAA
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEARzDt6y9c02RmjCmSEXvGo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7299
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTNiYTk5ZGUtODhhNS0yMTUyLWMzYmMtMTUwMTBkZDE0N2M0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTNiYTk5ZGUtODhhNS0yMTUyLWMzYmMtMTUwMTBkZDE0N2M0
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXdh0YVaOcRxkccHWQoDoTrRF4GhA7Xv0CW5oEgujPoBxVFtDhjz1pulxBcl369pKFA4pwOPs30pPuvVl3Y-BPYN79CAA
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 23 Aug 2022 07:14:50 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTNiYTk5ZGUtODhhNS0yMTUyLWMzYmMtMTUwMTBkZDE0N2M0
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
um
sync.teads.tv/ Frame 7299
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEBWqZdEhLGXjsn_yxZXuFo8&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEBWqZdEhLGXjsn_yxZXuFo8&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXdh0YVaOcRxkccHWQoDoTrRF4GhA7Xv0CW5oEgujPoBxVFtDhjz1pulxBcl369pKFA4pwOPs30pPuvVl3Y-BPYN79CAA
Protocol
H2
Server
23.53.160.138 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-53-160-138.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.8 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
cache-control
max-age=0, no-cache, no-store
expires
Tue, 23 Aug 2022 07:14:51 GMT
server
akka-http/10.2.8
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEBWqZdEhLGXjsn_yxZXuFo8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 7299
Redirect Chain
  • https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDdhOWIwZjAtNjdiYy00MmZiLWE0MzAtMTZkOTQ1NWYxOGE5
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDdhOWIwZjAtNjdiYy00MmZiLWE0MzAtMTZkOTQ1NWYxOGE5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNCgQRCLx0IYisqtcTAB&v=APEucNXdh0YVaOcRxkccHWQoDoTrRF4GhA7Xv0CW5oEgujPoBxVFtDhjz1pulxBcl369pKFA4pwOPs30pPuvVl3Y-BPYN79CAA
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
server
akka-http/10.2.8
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MDdhOWIwZjAtNjdiYy00MmZiLWE0MzAtMTZkOTQ1NWYxOGE5
cache-control
max-age=0, no-cache, no-store
content-length
189
expires
Tue, 23 Aug 2022 07:14:51 GMT
generate_204
tpc.googlesyndication.com/ Frame 771F 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?hh7cKw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
generate_204
tpc.googlesyndication.com/ Frame 9E17 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?mD8XUw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9AE4 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
6866
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 05:20:24 GMT
etag
48472445140208031
expires
Wed, 24 Aug 2022 05:20:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame 57B5 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WiF7Eg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
log
hblg.media.net/ Frame 36FD 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/log?log=kfk&evtid=adplog&&lmt_enf=true&req_mtype%3C%3E=0&mx_nsz=3&spSource=0&ifst=0&vid=YwR-aAAE8VUEf4flOQ5-eQ&s_city=dallesport&ugd=4&bcat%3C%3E=1000031%23%231000030%23%2310130%23%231000024%23%231000037%23%231000036%23%231000004&exp=sfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Cclt%3D3%7CssProfile%3D0%7Cdbr%3D1%7Ctpi%3D1&app=0&ctr=0.0015041453&mx_TAF=3&device_id=4&ae=false&mx_UCC=1&prspt=headerBid&mx_bss_algos%3C%3E=0&usp_status=0&seat=BID_API&og_cbdp=0.020&size=250x250&mx_TAS=1&mx_gpid_sent=false&xtmax=290&commit_id=ba20ae08&scrid=1700080812610100250025000000500&itypeid=17&mx_SPRIG=0&viewability=82&renderer=1&be=0&rtime=15.0&adj0=0.0&tmax=300&s_ip=172.217.46.68&adj2=0.0&adj1=0.0&feedback_id=YwR-aAAE8VUEf4flOQ5-eQ&adtypes=0&mx_aabpc=0&reqid=YwR-aAAE8VUEf4flOQ5-eQ&sc=AU-VIC&sd=1&mowxReqId=f57ce47be0e5436e8fe6c598a7f6aa57_1&ifdp=0&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&bidrestime=1661238888440&pv_adtype=0&cc=AU&strg=NO_STRATEGY&pcrid=8CUABW64L-357234536-35-4&coppa_enf=true&bdp=0.020&ct=Melbourne&spIsReq=3&s=1&abs=0%7C0%7Cxtmax%3D290%7CNO_STRATEGY%7Cbrr%3D0&mx_epbc=8CUABW64L&dnt_enf=false&mx_ssBucket=0&vls=0&asn=140952&mang=1&fleet=common-istio&mx_isLossNtf=false&advUrl=https%3A%2F%2Ftopics.businessfocus.online&dn=bg3.co&dt=O&acid=f57ce47be0e5436e8fe6c598a7f6aa57&actltime=23&act=headerBid&iframingState=0&mx_lr_seg_deal=0&exclattr=32%7C34%7C70%7C13%7C14%7C15%7C16%7C48%7C17%7C114%7C18%7C19%7C20%7C22%7C25%7C26%7C27%7C30%7C95&dfpBd=0.02&sckfl=1&dmm_erpm=false&mx_lr=0&mview=1&smbrid=adx-1&bfs=103&rfc=-1&prvApiId=8CUABW64L&epcexp=false&pubid=pub-ADX-101418826937&mx_bsProfile=0&cid=8CU3SX34C&bcrid=1700080812610100250025000000500&omul=1.0&res_mtype=0&apPrfs%3C%3E=62%23%2313%23%2361&suid=CAESECzbzMqV2Vo4X5neChvjTnY&chnl=NO_STRATEGY&pst=0&reqsize=250x250&adpos=1&itype=ADX&mx_g_one_uid_sent=None&spCst=0&tgtval=pub-ADX-101418826937&__expireat=1661239488695&lmt_status=N&reftype=0&viewability_vendor=EXCHANGE&prvAccId=357234536&ckfl=0&lper=1&mx_tgs=250x250%7C300x250%7C336x280&cbdp=0.02&pvdTmax=255&ltime=22.0&epc=357234536&ctr_vendor=EXCHANGE&prvReqId=30745548317523_988179151_52982010413131&zip=3207&exid=31&spFst=0&mx_GCID=0&cliIPType=v4&pexid=ADX-pub-4485239425924787&ybnca_erpm=0.01&brsrclk=0&sbdrid=196&rtttime=27&apTags%3C%3E=75&mx_PC=1&wsip=mowx-istio-944d9d594-bpspb&currsrc_date=2022-08-22+00%3A00%3A00&psrc=fail&geoll=false&omid=0&debug_ts=2022-08-23+07%3A14%3A48&policy_enf=2&mx_ssProfile=0&mx_SC=0&reftime=0&pbidflr=0.010&spbf=0&currsrc=API&fpusp=false&lmt_applied=N&mnrfc=-1&pub_blk_enf=1&amptype=1&moau=true&ocurr=USD&snm=SUCCESS&mx_IAB2=0&usp_enf=1&bidflr=0.010&incentive_type=0&skadidfl=0&pid=8PR113JGC&spTo=3&pvid=313&schain_cmpl=1&is_ortb=false&mx_aurl_hc=0&ucrid_ver=2&mx_maq_call=false&mx_uid_sent=0&mx_sbp=-10.0&mnrf=0&slotVisibility=1&dbf=1&gdpr=0&gqid=AHfbET7BfFpXAWMHcCECxetnporv-3O4Ma8NLDbmPzT5QdI2VSl3ROyQIbQWuY2QxRWPTLWj&dmm_ogerpm=false&csip=rtb-common-istio-85cb58b4b7-s5jkb.SG&mx_bsBucket=0&mx_aurt=0&spIvt=3&ptype=23&media=0&acsn=1&dtc=apac_sg&mx_aqcpl_crid=4&ogbdp=0.02&tpbTkn=false&adblk=2365071409&fpuReq=0&vcmplrt=-1.0&crid=529820104&geo_source=2&sat=1&mnet_ckfl=0&opbidflr=0.010&impId=1&rme=adm&bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vw_exc%3D0.82~smm_bid%3D0.02~vis_sd%3D540~dc2%3D1~scd%3Dvic~v_asn%3D140952~vl2r_sd%3D2022082223~iurl_b%3D57836.9~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.21~ip%3D1TStJ6~fbb%3D0~vis_url_l%3D30~riipua%3D117%2C117~et%3D14~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022082222~vis_b%3D681.89~url_b%3D0.02~url_tvi%3D0~smm_wr%3D18.3581~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022082221~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DaQw4adiRxsleMojs1~btd%3D60213921828918993939732388397571773395023823289477437779030855491472977382674432~d2p_l%3D60~3pcf%3D15.19~uim%3D12964~dmm_strg%3Dno_strategy~d2p_b%3D0.92~ogd2p_b%3D0.85~vurl_b%3D0.1~ss%3DNA~uiw%3D98~ce%3D0~rps_b%3D13.43~vurl_l%3D50~CI%3D2723~nts%3D3~tb%3D-1~ct%3Dmelbourne~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D9.81~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.71~ivurl_l%3D50~supply_tag_id%3D%7Eviewability%3D0.82%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3DCAESECzbzMqV2Vo4X5neChvjTnY%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D2365071409%7Esobp%3D%7Ectr%3D0.0015041453%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D255&utime=1230&sf=0&cpr=0.7102790675433486&evttyp=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:50 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Tue, 23 Aug 2022 07:14:50 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 78AB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=1475966281438034&bg=!paalpuLNAAYUOm8VNDo7ACkAdvg8WtQAxzfDnYbAShVGoCzFuo-Wcl5M1jCRVVco4UvpbtLadj2DmAIAAACTUgAAAANoAQcKAM4QUnJXpzdiSdGDg1_iL6TPebqRPbpsD24AK428AWhSvEA8e8rI6LGPlscL5pEwnN0w0RvmnMjU3vY9UOp27VEAhZ6YFkB5sFa2tnIVzQZQ1j0y289s1K4OxsKWQCLHOb-F3Or65nEbEiebsG5yDuGNzd_Jv9gLurR606Lhq1orZW9wv8dVBYf0gYktFyq9w-em7OVg894ZdXVQGn-5WU0okMh_6k_8fEMpN5dNMFApHpyaZ0cmKTfKuLha3WFBgiV26476gJMc8En20rd8qJkCru6BpKVrUa3mrcPyZAFv4XYhN1ff27p9fu1g3uv5zk3ck4tStJ0jWFdjBwYxr065DkAiJ7ukdI1qke160WMplGjJv3u1lJbUHdAnE5s92IbhSiEsTJQ8jWq3cycGT9AbciOe6JiJaQpUFzC4e--tZWY7hinCBCKlfT_85oaA-6jBQz39YFlqIVpFe0bjjXKpoca98Eg9e_5_6gUQaUQ_00hdbx-NaL5JruFP9wVl3nclkIXQKSWz1jUtdbys0ga3vPzic9aCiji-x9KbLpMEBx8t0DUkpggUSwp9BNQW0sDzMB_qG45_07amDff2skn37bo5MpfYB7HmOX2i9hPHiqGmwQyd1IKvWcxUu3JZYvihSajURj0Jj9-hnCg-nsOjarWeJTDFI9DklvgMz_qb_TnKha2MY1WzLkxxPzFREQBMFVxQXdc9LXVbEu8KXa231M-QzVYEj7O2hg6ikDj0khd4lpd6K5vc5kE4WTre8PniLmw_zx4GcjSasMzNXi3ifcP52p0yH9qQYh_tVKXLNKlN_p0vL4TzuQIfEgqXZdW7d4ZyUvwGCD59qTacmEVLJ5xcpWuK0nCpPjl_7jKz-Opr8psF0RMm7CAs8pALcSNYxkvfKa3bbVHrP8dVz_nYxPa-qk3uUZ0_08a3v1ULhkWyhKCRHdT7ZmNrex-HX83R-PMgncNiOsnYgUjfOd08xv5HKmsQ-eFYis8N0tRPQy8lON6eRBI2VdH_BylBiormOz-wMt-V0YwpMf6zxUBFs2fv9gXuc_UoyNsg87Pp0ZoC06A1LIoWC306aP5NBZJBjas9EG5xEH7x9u52KZ7THBF_oo7n4AMRMdW1FU5ou9071Cnc34qmp5FKv5b7c0z5KKFUAvpgg0jjb4J4j989-jUSc8GOsCqyb7itufb_
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame A4E5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022081701&jk=4121761813376924&bg=!hYalhsLNAAYUOm8VNDo7ACkAdvg8WnmIyg-ENxLWk01G1cZQaIFO1baIuwHUsZertiaO-5hKrI6quAIAAACeUgAAAANoAQcKAIchyXJd5E2eehGFd0pRAvA4BjFfxWNtDGQdsqvuGRg0cE6f9KXIX2PJ_S7tfXcRIA9NLDdDlO2N3wKhetObrNaKWpej8ICM57eI7TKI7b6DvCmgYJL6VHnWkClGNVgp82Hxnqg_mDqePl9BNRuoPQ92E64-AtXHX1hrBPTi08KUY1RUCnPVxc2ZArThvhShsTpoP6NDJgZ_jAWqlXQhPDrU_14L3q5I3WcymwuPzYdb2Ztg2e-sCiHiLovtNQzwVwci_-gVv8-veaF0Xz4Na6_qa8_cRq7Hus0XqouA1Tfsz8bDRqZbvayS7t8K8_UDPgz6e71OM3V_G9q96x2AH-wusv2Hd-N6BgeIC4y_qRORAO5t3CiSUiuAItp_4xPD2YKYleB4nQJfppvFucfXcmUJKhNhSUFh_N2WNjz1rLct036Dk5BcAfj9VTO71M96FL4XW6XL68_uXTAdZeaNpMsmNAgr1rtRq0IfP0BAZbE1J4fCqk0HGSGGocbwAx9DGZRv2ewPV4tw0HnaSmysGC1nmqCC3YUazNRWVQw5BXKuh9JaCik4vfWzY_iJm9d9T5CVqnwfTffKsBFDibMo9U0Eldxi_5QLS9bdaeCY8lG-zmOb0HorzGFJm3ayBWHC6wDUb_2qSW355Po_mGZKYwav8bdXzaWy5U7uP8KaxGKEKoaTzaLL7W9cOIlJ0JqdHHgbQhV6gtd92HDpOFP2oMrF2PM-xDWgnRBu4CC94FG58L2dtHycpz0fJY9Ng-GlPFTlW9SRKACc6t-M1Jm6W5_mpoqftDWhFmIzgIlXxXKtqEte9x_PMVAtk_oPx9_D7cEFz2QtZ8cXn4XQ1nk2li1vUkTvWNG18r_QIpeYWu_7NnNWtujyHiHr-pJCDhEsOyP87ruk9k2so8ykzL_Qzk4bgfCr858NRI9rybjMZSFi7kMAydLKnKrx_yI9PwKlYnrQd8GfhLxUFiMyU64_VnMqk6ZWQIDSJ-P__mgcoXurQO1S7Qj08pcrCm-RC6z_l7vuRr0mg7MAyxzW1XoiaDwP56WIy896nHJBDQPHRN7SYqQbmUOJ_nvYgk-XcWWBmbzE3ZtANbOZSOiYiy1Uuw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://cdn.aralego.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3B05 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202208160101/show_ads_impl_fy2021.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 23 Aug 2022 07:14:50 GMT
pixel
cm.g.doubleclick.net/ Frame 9AE4
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGXOgEBDvk8gDslOKwFB3JE&google_cver=1&google_push=AehlK4AkSo_wIKzMVKZnIQam9vIBwKdgPSLWUx2hIKYa_AGJfyNKfaHrmnz5K8SCRj90obtegcNfNLG71Y6FWr0i...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AkSo_wIKzMVKZnIQam9vIBwKdgPSLWUx2hIKYa_AGJfyNKfaHrmnz5K8SCRj90obtegcNfNLG71Y6FWr0iNMAbMXQ8WrlY
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AkSo_wIKzMVKZnIQam9vIBwKdgPSLWUx2hIKYa_AGJfyNKfaHrmnz5K8SCRj90obtegcNfNLG71Y6FWr0iNMAbMXQ8WrlY
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 23 Aug 2022 07:14:51 GMT
Server
MT3 4494 7cf1da7 master hkg-pixel-x18 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4AkSo_wIKzMVKZnIQam9vIBwKdgPSLWUx2hIKYa_AGJfyNKfaHrmnz5K8SCRj90obtegcNfNLG71Y6FWr0iNMAbMXQ8WrlY
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 23 Aug 2022 07:14:50 GMT
pixel
cm.g.doubleclick.net/ Frame 9AE4
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEBgFHDU-f1CWvB8H2FkxRAg&google_cver=1&google_push=AehlK4Biox2NGGhKHN0FqrG6SrrK2EREMrCeQacpK4X7hFLCMiJWdvYnOVsfsMuQrZwN2Mt0lPjdd...
  • https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4Biox2NGGhKHN0FqrG6SrrK2EREMrCeQacpK4X7hFLCMiJWdvYnOVsfsMuQrZwN2Mt0lPjddUbPnc1ehSb_TBfNpOurrI-6
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4Biox2NGGhKHN0FqrG6SrrK2EREMrCeQacpK4X7hFLCMiJWdvYnOVsfsMuQrZwN2Mt0lPjddUbPnc1ehSb_TBfNpOurrI-6
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 23 Aug 2022 07:14:50 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: F8BB4568CF17486E90D6F6E53E9000DD Ref B: MEL01EDGE1318 Ref C: 2022-08-23T07:14:51Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
location
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=AehlK4Biox2NGGhKHN0FqrG6SrrK2EREMrCeQacpK4X7hFLCMiJWdvYnOVsfsMuQrZwN2Mt0lPjddUbPnc1ehSb_TBfNpOurrI-6
x-li-proto
http/2
content-length
0
x-li-uuid
AAXm41H/sZAgl08sBuMX6w==
pixel
cm.g.doubleclick.net/ Frame 9AE4
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AehlK4DY0mVD6ncmzcHqpGR8-SPQL2dLZRMTWILOoRFmboMZgjA95ko02iUzwi1df-bqg6xv5gkjufEu5MRZ2RdPrnMz0iOen60f&google_gid=CAESEIVGkeu_y2BzP-TMI4ax5f0&google...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AehlK4DY0mVD6ncmzcHqpGR8-SPQL2dLZRMTWILOoRFmboMZgjA95ko02iUzwi1df-bqg6xv5gkjufEu5MRZ2RdPrnMz0iOen60f&google_gid=CAESEIVGkeu_y2BzP-TMI4ax5f...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4DY0mVD6ncmzcHqpGR8-SPQL2dLZRMTWILOoRFmboMZgjA95ko02iUzwi1df-bqg6xv5gkjufEu5MRZ2RdPrnMz0iOen60f&google_hm=AfWs5k5jSpidks8ADsaW3o...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4DY0mVD6ncmzcHqpGR8-SPQL2dLZRMTWILOoRFmboMZgjA95ko02iUzwi1df-bqg6xv5gkjufEu5MRZ2RdPrnMz0iOen60f&google_hm=AfWs5k5jSpidks8ADsaW3oUR-cA
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
via
1.1 61726f6e6656624f90145ef79b7954ea.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4DY0mVD6ncmzcHqpGR8-SPQL2dLZRMTWILOoRFmboMZgjA95ko02iUzwi1df-bqg6xv5gkjufEu5MRZ2RdPrnMz0iOen60f&google_hm=AfWs5k5jSpidks8ADsaW3oUR-cA
cache-control
no-cache
content-length
0
x-amz-cf-id
SElRblVCubWlD-i_lc1ITzpgOI7h7p9OaWUWR6N-jhl-x5ecOdLX7Q==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9AE4
Redirect Chain
  • https://fksnk.com/cs/google?google_gid=CAESEFJX_DMrjBuLJxkADGx5M5Y&google_cver=1&google_push=AehlK4D6QZslKmcXylaCfuDcsaSsHM7e8wvqbPAvg-O6K-OeZZwRtOIovxx8JQbKOOm9oj8peST4ot09m-5a_J5Xsoufu9kaf2H0
  • https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0VFQzlFNDI4RDA0QkEyMw==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0VFQzlFNDI4RDA0QkEyMw==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=fiksu&google_hm=M0VFQzlFNDI4RDA0QkEyMw==
date
Tue, 23 Aug 2022 07:14:51 GMT
content-language
en-US
content-type
text/html;charset=ISO-8859-1
pixel
cm.g.doubleclick.net/ Frame 9AE4
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEKWTUsiu_FgJAsJyH_9Q4Ig&google_cver=1&google_push=AehlK4And0S28j8jKbpzzQsXeghJwmsnZ8eqvoGtJN41ZtO60rJVsoNJSN6sCtpL87Idj6ecPy8odHyxzoTUFnCYzjon...
  • https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEKWTUsiu_FgJAsJyH_9Q4Ig&google_cver=1&google_push=AehlK4And0S28j8jKbpzzQsXeghJwmsnZ8eqvoGtJN41ZtO60rJVsoNJSN6sCtpL87Idj6ecPy8odHyxzoTUFn...
  • https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4And0S28j8jKbpzzQsXeghJwmsnZ8eqvoGtJN41ZtO60rJVsoNJSN6sCtpL87Idj6ecPy8odHyxzoTUFnCYzjonHBHLtoyw&google_hm=nl_CYA5bQXGn7aDb6R3STA==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4And0S28j8jKbpzzQsXeghJwmsnZ8eqvoGtJN41ZtO60rJVsoNJSN6sCtpL87Idj6ecPy8odHyxzoTUFnCYzjonHBHLtoyw&google_hm=nl_CYA5bQXGn7aDb6R3STA==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AehlK4And0S28j8jKbpzzQsXeghJwmsnZ8eqvoGtJN41ZtO60rJVsoNJSN6sCtpL87Idj6ecPy8odHyxzoTUFnCYzjonHBHLtoyw&google_hm=nl_CYA5bQXGn7aDb6R3STA==
Date
Tue, 23 Aug 2022 07:14:51 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
pixel
cm.g.doubleclick.net/ Frame 9AE4
Redirect Chain
  • https://ds.uncn.jp/doubleclick/0/sync_push?google_gid=CAESEElWnNPZXxngR2fqu2-aTio&google_cver=1&google_push=AehlK4C2iIIpCyjH9D76XCAOCgNQfxwQk1-GFotXwele6lBAF30ORnwsETSnP7Q9rxcq7II2wTXS5od1o-BYzXkTh...
  • https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4C2iIIpCyjH9D76XCAOCgNQfxwQk1-GFotXwele6lBAF30ORnwsETSnP7Q9rxcq7II2wTXS5od1o-BYzXkThOjM0vzfKjzA&google_hm=AbbMLkMv1kW6uGNqJieoojE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4C2iIIpCyjH9D76XCAOCgNQfxwQk1-GFotXwele6lBAF30ORnwsETSnP7Q9rxcq7II2wTXS5od1o-BYzXkThOjM0vzfKjzA&google_hm=AbbMLkMv1kW6uGNqJieoojE
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=unicorn&google_push=AehlK4C2iIIpCyjH9D76XCAOCgNQfxwQk1-GFotXwele6lBAF30ORnwsETSnP7Q9rxcq7II2wTXS5od1o-BYzXkThOjM0vzfKjzA&google_hm=AbbMLkMv1kW6uGNqJieoojE
Date
Tue, 23 Aug 2022 07:14:51 GMT
Server
Apache
Connection
keep-alive
Content-Length
231
Content-Type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame 9AE4
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AehlK4CIGWl4uWRDqpjZPaPYX5KpKydVRyDMypQ3SOZw088vNBiw__5EakLoSL_oMwyOVNMhIQnyWoviB3QxIIO1Lu65aG0i3JA&redir=https%3A%2F%2Fcm.g.double...
  • https://sync.targeting.unrulymedia.com/csync/RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4CIGWl4uWRDqpjZPaPYX...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CIGWl4uWRDqpjZPaPYX5KpKydVRyDMypQ3SOZw088vNBiw__5EakLoSL_oMwyOVNMhIQnyWoviB3QxIIO1Lu65aG0i3JA&google_hm=BGJSZBS8KUJ2v-_O_58colo
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CIGWl4uWRDqpjZPaPYX5KpKydVRyDMypQ3SOZw088vNBiw__5EakLoSL_oMwyOVNMhIQnyWoviB3QxIIO1Lu65aG0i3JA&google_hm=BGJSZBS8KUJ2v-_O_58colo
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4CIGWl4uWRDqpjZPaPYX5KpKydVRyDMypQ3SOZw088vNBiw__5EakLoSL_oMwyOVNMhIQnyWoviB3QxIIO1Lu65aG0i3JA&google_hm=BGJSZBS8KUJ2v-_O_58colo
date
Tue, 23 Aug 2022 07:14:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX62526414bc294276bfefceff9f1ca25a004
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 9AE4 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IwKpO5eROezF3_B5mfgsjfA-jqr4zYle8R_E4tl9n0ZR5Af8ta7isD85uiHwJ_eOoD7GsA
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 9EC0 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
Origin
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Aug 2022 08:23:54 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220818/r20110914/elements/html/ Frame 9EC0 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220818/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4L8zwRH89-SLyMD6knUba0-AxVhudUU5BwmYfCd_dDLSPOwhXY-mKmqqKrhKv2vdhVwWf9yYMtqmLkxW2eAzoEX7qfg&cry=1&dbm_d=AKAmf-DGz-LstyU9mTwwy068HpbZ-BGfmoh9rIiuCzsY3EXR0rMeTCJd9s3-PFWPwyiCEQjQw05oLyD_hKuoj3E1BGmiOA7zVxZ6KxWZXw4_68R7NHPryCmqt6PgCubniVuW2nnJo0RR7b9yZmYIhn4SIyCpGZNc59eNnnSzcYffClMcMict-ghWvUNJ6DyfsibRb60uPxSU08FFTguV7d9OMA9E2AlsUdQPZdVMSIvmLYcCxcxY4tLkAhbiQj1eTwL1uzBn8OdbLIqRXlgYWmCq60wILO2mozz0n3AeHVBjkOJ6Dy2z3sM4l0HWz-Ts75fjz2_ueS4G72EVuZrBtcNTzQBT6LXMoSNOglq_TrjMzkj27iu-8xa9gSTbeJClEQy1_GOyA4jfDJxGvyF_J7qE07yPd_VITnlzlK4Zwf38Y-OJzAFzZmGaaNYl_eBdMbhvQX_bOi6NVuKAsH42TCUJX_n9bD_-CYpEo_uP-DyzuwHtRwBqASwmaXcKwU9d0x33wLlKcr-eZD2c1fkcLQc6uSjLLBkKmpM3C7D-Z3FQinGwr-ZacPjq-_z9DHfaNDGNb9Pz2asRUMseKXGBUsa8gz_06NrTKHb80k4UWzltkhP6DbNzWieU2orNUr6GaOQ2Ixrco8-qznAqRqyt1jwULKV5zOtXYnxojheYlZnMsiRAHbRcEMgtXl12v3Qw4Qf78SFw01qOhNaoommP6rwPDIDk7MkUzx7MVR4HhPtbpKjDvPAiPO31iO4FUHWF_JD6WTfckokyzhbC0p8zNWvCaDWZK56QsknH4dcEBx_mO4r8M_h5pe8lInxRFflSD5g7HQa8OH_f4SW0pAQHLgXl90gOCgdJWfWANUIF6XnCni0jcBD56246WZXjdbLCTVjdTu5l-mnigezvD6K2nAvL6yA6s0zxkdCPCFCIZtTMKpS5Tsm9_yN3SqbmyQ1Bg1V4IOHZc-CgeCpAyeBEJP8UjtgBAYoi8-0EKw3o45AWZ-bHQLuXqE4_nrWFHgABD3hyxMjRHwLpN8-vL4lR05XzLVrdHK-oAt5j1TO3m2n3Py6Ewh4ak6S6InbiEFs-VoPYiKCxHwakvTMpShwOVkLzO4DWT2Vy2XjSM_HtzBZuVQSkT2UpoTATHbW-Ng7v63uPMuSoST2MRFBsEs2KDvDqyOcY_N_ihzbw7f2y3ztJ9e9iYWdC4TzTLY8Oi1i3kgM1FGRyqVGLNE487LJg9GnBgujnCQnw6h0QVCWkXmnJW7Apgc-4IIEhQ7NEQnPBqTfaprV9U1b2e64MwzrWCj1BbxYpdSjFLiO-DQ1XBnqfUH5cAHUvqzoptiBWlvj4Q2ackUGqUi4XgwtNt0S8q0eKCT7gxIJ-guk99rTRQM6hmW3BEJ9K8ntk25D1ufggbKcocWRkgPVaJDNkqz5j1nuljo3kNREscd455LXPrzd4BWUCzwxr5dFR0wArgLGizUnxP6Thj1_FR9fUMtyXwmm_g5vQqCiUCMOY-MP5sBkyOATI-GpaNq1tfR_f655HDl8s-MXkZpJ4k2mvR-s0GpFbryIDYIuh7MxwSdwTo_JNt-dNvKQrVZzC1nFVvjYYytkH9PK36D15Qw7AwC72Sa5Si1bQE_S-o4pW8e2IjGTfvs-qtxCFcsvW5Q2DpYT9zOmyOGkvpyyPM6JJeAJvGJiiLvwfbWinJsG7F_wCeyD8JSMCKrC1RaHOoiPVD3KBL07CsFHZ1LMtWSVeeqhGAEcOYcBpCrlbenrzEY7g-dxZbDPuaDFCkyuO4qVqblBPSpM21t5av54tb5Qdvq0HcknsF1Z8okGfQjD3MXqPUrWCj7_aBM7n2nJ_XE2tuT2llKevwxoYLtoryMeHj63WNpJl4QkISbLuvRS5Ot8uyzZIS_IVbAOWut0nVUzB9-83KWkvDVe3049UUFoopgWL1CG97292_iGPwdRvlTkjKEtYo37xq8SuuAwviZJNCzXRbnpVYBx901ctTz7pGZkhX5Q8lWu4v0vlmcFUDDhFT_pHtKURPaGllnGpKELSSdC63xnaBsDDrflOOZAZbuluqstVMNGnGVLVXQoJjZDaFkX9SkhNDCqYGjTxz0PwJB0sJx_6jeGIexMyNdwg5P9l9uZHSYSgLMjnYD5l85bHdG52QeuNePhQuN5rXer4__-Ldb6DXsrcay8ElgH7D3T_t9yeNR6PXx9QAwQnyri-n20eZxv1uwrFhN4DlU7J6wKr_BtK2Gz6js0XaoGe9KSJWo-sBJNPuR8_VsAwcQcYDK6Oo8DVY8R7dh5QWmbRttry0GbWartKJhWNLAyr887VHbm3Yg-WXwF0ODcbDkd3xrBV0EeWecmKbhgVNeDeCXYpHd9ie9wXk5KQWgaICFsN2SrSir7huWQOfSikbWnwF4zk67YQwc2AWMZTr2-ZChcK7LqpfjeM4PPLOHEm7b4st94EJtlLedQ6izaHRBhk_mDdArlx2QM5JQl7Xd9R-_8R2wcbs_qmmxcHWlycNvsK9LbSqjRNPCe8jtPg-JKT520QtUZtSf1sBrrGBMFVySMZVXYaILg8qD31bohAhEF_AHJs4TxMhw-TIArcwl6bUJQrF4YtdAwDDJOEYjXN31WJkW81xT0EHwhrnel1Rs439nWWTAlcjYRKNEJcw2u4Egit69Wxq79RPJAYYvZBVOaHh-fkGEEyVTc_a4FRgZtHwFY0C84y6UtuyQPqVnMWop9QMXTIGSx7-ZnSWlUGvsYWLLC4udGzQtsmx8wxjr8i1oDLGjLLXfTCnKp3r6kyO5HU0AY9VZkiUjonthx-wZg6Oomi2h-g-2uAGdQSqqTrb7bxIx3J1_7l9NeRor6XP40ECeQ2hbdDGmupQZbvrdtRsjH1WM7XOAp_OH7BunilAFZ0uHfhkgULbwdGoD2dCVaEvOJTLfdFaPCJJMPx_2pO9fxkijSJfNtwe0LGBaINbGoZDhN8Lf4SRm-32k6ZYUf-p1WON8vOC2X6hGfHMYehVhl_J656yScEf1C-ZEoEibG0DpbomILTPm3vH248hWQByIe0CvzhEvMrgZKGtd7IcbVDEw6HSTjSkh-0pcOChb3RgT1bBRgh6gfS2Sx8NphJkC3s7XsgMF_oSwYy8RZhlYdGsoRnNhZMdYbSgK_P9wda40Kj5cNf7yYRdxML3bvK0Stf-XU2oSdOzOWCNmC2IQJF9nLDX5qPdRka367dEkHBhpvWoa_Jpci6qEeTDdiulYpp1-jbeLPOaVHebqr0OUCFmC8EL7i7&cid=CAASJeRohzAj16LXcIXJg7IZR3mb_FXJ94TjROT9zaSEMSonghUsblA&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 06:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1837
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 06:44:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220818/r20110914/ Frame 9EC0 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220818/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D4L8zwRH89-SLyMD6knUba0-AxVhudUU5BwmYfCd_dDLSPOwhXY-mKmqqKrhKv2vdhVwWf9yYMtqmLkxW2eAzoEX7qfg&cry=1&dbm_d=AKAmf-DGz-LstyU9mTwwy068HpbZ-BGfmoh9rIiuCzsY3EXR0rMeTCJd9s3-PFWPwyiCEQjQw05oLyD_hKuoj3E1BGmiOA7zVxZ6KxWZXw4_68R7NHPryCmqt6PgCubniVuW2nnJo0RR7b9yZmYIhn4SIyCpGZNc59eNnnSzcYffClMcMict-ghWvUNJ6DyfsibRb60uPxSU08FFTguV7d9OMA9E2AlsUdQPZdVMSIvmLYcCxcxY4tLkAhbiQj1eTwL1uzBn8OdbLIqRXlgYWmCq60wILO2mozz0n3AeHVBjkOJ6Dy2z3sM4l0HWz-Ts75fjz2_ueS4G72EVuZrBtcNTzQBT6LXMoSNOglq_TrjMzkj27iu-8xa9gSTbeJClEQy1_GOyA4jfDJxGvyF_J7qE07yPd_VITnlzlK4Zwf38Y-OJzAFzZmGaaNYl_eBdMbhvQX_bOi6NVuKAsH42TCUJX_n9bD_-CYpEo_uP-DyzuwHtRwBqASwmaXcKwU9d0x33wLlKcr-eZD2c1fkcLQc6uSjLLBkKmpM3C7D-Z3FQinGwr-ZacPjq-_z9DHfaNDGNb9Pz2asRUMseKXGBUsa8gz_06NrTKHb80k4UWzltkhP6DbNzWieU2orNUr6GaOQ2Ixrco8-qznAqRqyt1jwULKV5zOtXYnxojheYlZnMsiRAHbRcEMgtXl12v3Qw4Qf78SFw01qOhNaoommP6rwPDIDk7MkUzx7MVR4HhPtbpKjDvPAiPO31iO4FUHWF_JD6WTfckokyzhbC0p8zNWvCaDWZK56QsknH4dcEBx_mO4r8M_h5pe8lInxRFflSD5g7HQa8OH_f4SW0pAQHLgXl90gOCgdJWfWANUIF6XnCni0jcBD56246WZXjdbLCTVjdTu5l-mnigezvD6K2nAvL6yA6s0zxkdCPCFCIZtTMKpS5Tsm9_yN3SqbmyQ1Bg1V4IOHZc-CgeCpAyeBEJP8UjtgBAYoi8-0EKw3o45AWZ-bHQLuXqE4_nrWFHgABD3hyxMjRHwLpN8-vL4lR05XzLVrdHK-oAt5j1TO3m2n3Py6Ewh4ak6S6InbiEFs-VoPYiKCxHwakvTMpShwOVkLzO4DWT2Vy2XjSM_HtzBZuVQSkT2UpoTATHbW-Ng7v63uPMuSoST2MRFBsEs2KDvDqyOcY_N_ihzbw7f2y3ztJ9e9iYWdC4TzTLY8Oi1i3kgM1FGRyqVGLNE487LJg9GnBgujnCQnw6h0QVCWkXmnJW7Apgc-4IIEhQ7NEQnPBqTfaprV9U1b2e64MwzrWCj1BbxYpdSjFLiO-DQ1XBnqfUH5cAHUvqzoptiBWlvj4Q2ackUGqUi4XgwtNt0S8q0eKCT7gxIJ-guk99rTRQM6hmW3BEJ9K8ntk25D1ufggbKcocWRkgPVaJDNkqz5j1nuljo3kNREscd455LXPrzd4BWUCzwxr5dFR0wArgLGizUnxP6Thj1_FR9fUMtyXwmm_g5vQqCiUCMOY-MP5sBkyOATI-GpaNq1tfR_f655HDl8s-MXkZpJ4k2mvR-s0GpFbryIDYIuh7MxwSdwTo_JNt-dNvKQrVZzC1nFVvjYYytkH9PK36D15Qw7AwC72Sa5Si1bQE_S-o4pW8e2IjGTfvs-qtxCFcsvW5Q2DpYT9zOmyOGkvpyyPM6JJeAJvGJiiLvwfbWinJsG7F_wCeyD8JSMCKrC1RaHOoiPVD3KBL07CsFHZ1LMtWSVeeqhGAEcOYcBpCrlbenrzEY7g-dxZbDPuaDFCkyuO4qVqblBPSpM21t5av54tb5Qdvq0HcknsF1Z8okGfQjD3MXqPUrWCj7_aBM7n2nJ_XE2tuT2llKevwxoYLtoryMeHj63WNpJl4QkISbLuvRS5Ot8uyzZIS_IVbAOWut0nVUzB9-83KWkvDVe3049UUFoopgWL1CG97292_iGPwdRvlTkjKEtYo37xq8SuuAwviZJNCzXRbnpVYBx901ctTz7pGZkhX5Q8lWu4v0vlmcFUDDhFT_pHtKURPaGllnGpKELSSdC63xnaBsDDrflOOZAZbuluqstVMNGnGVLVXQoJjZDaFkX9SkhNDCqYGjTxz0PwJB0sJx_6jeGIexMyNdwg5P9l9uZHSYSgLMjnYD5l85bHdG52QeuNePhQuN5rXer4__-Ldb6DXsrcay8ElgH7D3T_t9yeNR6PXx9QAwQnyri-n20eZxv1uwrFhN4DlU7J6wKr_BtK2Gz6js0XaoGe9KSJWo-sBJNPuR8_VsAwcQcYDK6Oo8DVY8R7dh5QWmbRttry0GbWartKJhWNLAyr887VHbm3Yg-WXwF0ODcbDkd3xrBV0EeWecmKbhgVNeDeCXYpHd9ie9wXk5KQWgaICFsN2SrSir7huWQOfSikbWnwF4zk67YQwc2AWMZTr2-ZChcK7LqpfjeM4PPLOHEm7b4st94EJtlLedQ6izaHRBhk_mDdArlx2QM5JQl7Xd9R-_8R2wcbs_qmmxcHWlycNvsK9LbSqjRNPCe8jtPg-JKT520QtUZtSf1sBrrGBMFVySMZVXYaILg8qD31bohAhEF_AHJs4TxMhw-TIArcwl6bUJQrF4YtdAwDDJOEYjXN31WJkW81xT0EHwhrnel1Rs439nWWTAlcjYRKNEJcw2u4Egit69Wxq79RPJAYYvZBVOaHh-fkGEEyVTc_a4FRgZtHwFY0C84y6UtuyQPqVnMWop9QMXTIGSx7-ZnSWlUGvsYWLLC4udGzQtsmx8wxjr8i1oDLGjLLXfTCnKp3r6kyO5HU0AY9VZkiUjonthx-wZg6Oomi2h-g-2uAGdQSqqTrb7bxIx3J1_7l9NeRor6XP40ECeQ2hbdDGmupQZbvrdtRsjH1WM7XOAp_OH7BunilAFZ0uHfhkgULbwdGoD2dCVaEvOJTLfdFaPCJJMPx_2pO9fxkijSJfNtwe0LGBaINbGoZDhN8Lf4SRm-32k6ZYUf-p1WON8vOC2X6hGfHMYehVhl_J656yScEf1C-ZEoEibG0DpbomILTPm3vH248hWQByIe0CvzhEvMrgZKGtd7IcbVDEw6HSTjSkh-0pcOChb3RgT1bBRgh6gfS2Sx8NphJkC3s7XsgMF_oSwYy8RZhlYdGsoRnNhZMdYbSgK_P9wda40Kj5cNf7yYRdxML3bvK0Stf-XU2oSdOzOWCNmC2IQJF9nLDX5qPdRka367dEkHBhpvWoa_Jpci6qEeTDdiulYpp1-jbeLPOaVHebqr0OUCFmC8EL7i7&cid=CAASJeRohzAj16LXcIXJg7IZR3mb_FXJ94TjROT9zaSEMSonghUsblA&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 06:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 06:45:47 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 857D 		106 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
Origin
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 08:23:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
82257
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 23 Aug 2022 08:23:54 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220818/r20110914/elements/html/ Frame 857D 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220818/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOFGrNspRZCuAirezyKLL9B_AOMkC4zwXbgHEuxi2ELlxZNOGbAaHALiYJ-X0tp00NdnWT0dN-vhZaW3BGGDUnnEFk9g&cry=1&dbm_d=AKAmf-AlvgYf_le1tk1PesaqWRV4QynFmkNNM1iAYDmQAUEU29geZeqU_UVQX9TK0OYSgiqTPVunMS6zaSEqL2mfcezr8pBuscG5Xygcn-9U0CrN52VAabsWOwXQI3VqettezszbA33eHHjaM3eF6rww3alIxzQ7bQrCl7g5mssKu__1WZvS-ojxs1amVpBUQpK_LXQH2emK2rSgRDXHj2TzCrDvWq2An4TPVWTVOtkWLOTuFv-4rsJZw7nWBEw7BG-FoMgRkMaHbJiPBxHj3gMYX-RU96DpK1y9U4Fac5IgLgcFPJ1_i7SyP9mLWO-g9EopO3WzwqjOwH_Ua9Fa0A-z_Rw_5fdkl0r5tyNW1eF_DqqqmiOK3bOtjZmVrHByXJmFE1gWMa_ql0R20_VAKBw_2wvyD06qS_EKRaUoM6n1FUMFizcb2lLkSey2-uA16q1zYBkR9rsCyGS4JfKbfFkmS5eIuIzSmzclLHZ0iW-GGfpyMbrIYOtQYyTKrTG1izB_7k5J5bGG2zrGoO8jT1WZDYol5316s0kfRifkfme9HcvEYP4fIfvwrsydGCs1IWcKj4uh57Z13M6nnGG8VfwIat0Gw9Fc4zLPaaE8j0Bp00wmmME20R5a1PdbWYPFPXBoqwVfMz7p-ZWtkz-0Fec_hKFZGiuW02q_DsmynVqps0z7m3jTASWRc0c7ndSkfDhZpiwYFxCDL4YNisKVrJQY1FDIUaofvtqyJ_Fs9kpklrn4e9Bh0jzsCCCb10CxYminXs-eq6Lby-er21PCWLsYX5No2PsRwUZor7P97HOqEXBqtCLYnzqOaE47FgN4p0PdGsWrowF3R7n6C32rioIv7o0nO6m16eX3Pp98DvBRTUoXQ65GVVYKWrZxxAnCcp9iWXuvbNtDqKz1d3eNCgbV55grIkkIbdOTvP91YOEQgsDKnJY4BrFdSbchFh8ysHUohHoFLpGo82t-_p9bdxXHYFiJm4VjF6Fjmc28go7IWtsRtRTicwYdmKXk_6LuHq9RQQl-IoPQhzmfnCWQzENgkcabFI9TQEpsz8_tqVEnFtHM_ifvGO-oKxkPmuiswmi5PmRnxl62A4vLAfqlej6tWXaMhPbGRWaE-fGk3x2qL2xPncqhMlUaq4anrbfem0Hm9xs3bcbeljCBHCW9DPkDo9LFKznaZt50tIcY2dhumF8DXr719jrCJDir3UhG6zQQN3tu3Y9Wb7QAd2ypJ-D72fYRiEksjR9d1QcnyzstaLbASq0absIbsIMQDnDAIEMW3_er35w-bIg-UlxdT7raeMIJpZuKAG5XZO8euR6V0I4QQ2hRRdiAq95PrMS1IhXOzOR95ch4oV3NhbWIEJUT5y974o79d4MICy0ZCALCj4Harim_FCYsbzEwFf2ALZoJd-kB8yVmAFm6M5Wym9YiRw00E4uVMEs9JxqjQ1bY3dA8dIcKyHmWT8ZxgmcmrhmTrvBGx0pmaxNHJoCrFJggHaUThYO2KR1q8tczN4fdkog5H1KJ_C2OimLtVxjz2Cwe-TiXD0sGavN1vxZFu7jd046B2jpLGhslvqvdVZ9QY3pwSYK-3bUYkFT8KKxghFoJx58vHZNzS_z3WBqa10mIfN-2QvIGYdpdPQMLZxK_NX4GA1wtQ4dw3_Meriaq8NmeHS9mvLfbU7urkaBcrKpckdXoprU2pbRl5KXK3J1kFEiWecNLXJF7ySIz6FLCQqIlM8kDFu8oMTdcwgfNKKSpIIueEocjEMijzPrMia_fEn3jHNet9leoMwxQD2rd0ETlIZhQUq09-ug9ktCy-z32-fL_yzNpUERPUDxOHugzHcYKsbHIZ_1KKcTEAn1rC1HRcGR4Cnl8r6AFsFxy4nyF8aPmE8MeyIEA221lkjcQFG6Cea1XYeMt8dTVyAN2bT2YoYfKB0CSYB3tO3ifhqOdtpzvFaYI5gkHT6dilYmZnqO85dM2SErS1Rq005JhnXpfWoo9kX9d8A3GPSs7EsEeJGZf7gdnVEHPzE6hDt4lWi8skHaiu70m5gldXI-EkWsqgnOdbn9wjpRX37d_pXSkpAHQg7-FrSX8hLcA95CNLbw_ELaAJ3FCE-t7_s3BcSKajudWHrdIEp1vqdvKMvfdfTnzxUUzffjt6z-fsGhUmTlswIV0z_yK4FMgZuaBzG4yeAXU58ENvCyhp5w3paYuvyS2ivMJBbZioU70_SosMlOPRCdiiFV0oQbuHQwVC9SMK2fA2TNwLMF7Tvny_1Uf0ZpjvR63esWKqoqlEqX8gaxre-lx9SujlQ0bnEvlt3Uq-DpCM3gqU-OMnzQve96_TjXjXHYSxQ3MgFN1sALUhP7HcOCbkQWyHPHNo-gcE9dbWOruTeyXS8kTPPhzv6zrHDy2L5xUOEi8F9WUgvqxV6bF6OZAkK_FX29IP3-pBwv1bMzrYITnrFa8xOBb8dFukhEA64AOGgA9YcRKGsNG7aRstZnFu7qc47hOgd-90AMmpNv6XKRxOrK_spgj36eVUC2H42f8tzK-A5eCgZPI0j-PWjoZNSJ0HlfIbvdNEaneSv47ZaPAkCWnqlambiePTqtjo5rcfCm31ameS6zZohNxZW0kq3_e5RipJKCXHZT6vlDZdt2pVsTnyzCE27lsH0_JzrPQq2C1v-BD3iAAdaSAp4KBhguqA9CWTMK43Bk4G9kCkjairICaNidqQQIa-k2pUQloleXWEHrh1_RrI_WSyoOcOXT3FDd4bnGq7SlKgZLIsuTtUF1SFKxlVkY01G8rxYptPgNkpdHIEFj4GulMdR16SO3A8RLgFp0sa2bS7TBuSpupaJsprZ6V5wiXndneIIzHg0Wsoeo8gbEujSpttqigejE3nSaERz5vuoPWHVRZyZoFm7DevLLOMF0xjuzU2GZbetymkDs-85ZctVhDqRjBG9jSLRUC5SurDS7LIHlTlmr4LKYXoDyuDnJ1AU_9c4MQ85s9dMsQrV9LkzBTem6LNQsaIkeoGdr6pXjQQNbil01jFl9Uotd-NXEDiQImUQZQnWqiaTSz9qDvcFIF9B96tD99p1_JT9feyRcYzBjcGhQ6Xpv4XBv8Hn6Y1Fpy54p3X8oajqSPYrp3OHpaBW8GRKyv2dXrIcvj0sb9bF7YcyCFQQfoG-UUUB2x1d7L0yk9yL3I7MtCCVciI8LiKkvfle7t_iy5Yvk0tYngor3JWpwS3s7fHRaFP7-wv-5RtdDUUkOiL4AtbpwvhZs4LI3Oxgw6rPtu463ApJRZsCcMk1U6&cid=CAASJeRo_-F1TIKRejXQbwHbQP4Ee1dJ39kRe1s1KYZddTRQAqL-EXM&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 06:44:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1837
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3181
x-xss-protection
0
server
cafe
etag
18418590997839133011
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 06:44:14 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220818/r20110914/ Frame 857D 		30 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220818/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BOFGrNspRZCuAirezyKLL9B_AOMkC4zwXbgHEuxi2ELlxZNOGbAaHALiYJ-X0tp00NdnWT0dN-vhZaW3BGGDUnnEFk9g&cry=1&dbm_d=AKAmf-AlvgYf_le1tk1PesaqWRV4QynFmkNNM1iAYDmQAUEU29geZeqU_UVQX9TK0OYSgiqTPVunMS6zaSEqL2mfcezr8pBuscG5Xygcn-9U0CrN52VAabsWOwXQI3VqettezszbA33eHHjaM3eF6rww3alIxzQ7bQrCl7g5mssKu__1WZvS-ojxs1amVpBUQpK_LXQH2emK2rSgRDXHj2TzCrDvWq2An4TPVWTVOtkWLOTuFv-4rsJZw7nWBEw7BG-FoMgRkMaHbJiPBxHj3gMYX-RU96DpK1y9U4Fac5IgLgcFPJ1_i7SyP9mLWO-g9EopO3WzwqjOwH_Ua9Fa0A-z_Rw_5fdkl0r5tyNW1eF_DqqqmiOK3bOtjZmVrHByXJmFE1gWMa_ql0R20_VAKBw_2wvyD06qS_EKRaUoM6n1FUMFizcb2lLkSey2-uA16q1zYBkR9rsCyGS4JfKbfFkmS5eIuIzSmzclLHZ0iW-GGfpyMbrIYOtQYyTKrTG1izB_7k5J5bGG2zrGoO8jT1WZDYol5316s0kfRifkfme9HcvEYP4fIfvwrsydGCs1IWcKj4uh57Z13M6nnGG8VfwIat0Gw9Fc4zLPaaE8j0Bp00wmmME20R5a1PdbWYPFPXBoqwVfMz7p-ZWtkz-0Fec_hKFZGiuW02q_DsmynVqps0z7m3jTASWRc0c7ndSkfDhZpiwYFxCDL4YNisKVrJQY1FDIUaofvtqyJ_Fs9kpklrn4e9Bh0jzsCCCb10CxYminXs-eq6Lby-er21PCWLsYX5No2PsRwUZor7P97HOqEXBqtCLYnzqOaE47FgN4p0PdGsWrowF3R7n6C32rioIv7o0nO6m16eX3Pp98DvBRTUoXQ65GVVYKWrZxxAnCcp9iWXuvbNtDqKz1d3eNCgbV55grIkkIbdOTvP91YOEQgsDKnJY4BrFdSbchFh8ysHUohHoFLpGo82t-_p9bdxXHYFiJm4VjF6Fjmc28go7IWtsRtRTicwYdmKXk_6LuHq9RQQl-IoPQhzmfnCWQzENgkcabFI9TQEpsz8_tqVEnFtHM_ifvGO-oKxkPmuiswmi5PmRnxl62A4vLAfqlej6tWXaMhPbGRWaE-fGk3x2qL2xPncqhMlUaq4anrbfem0Hm9xs3bcbeljCBHCW9DPkDo9LFKznaZt50tIcY2dhumF8DXr719jrCJDir3UhG6zQQN3tu3Y9Wb7QAd2ypJ-D72fYRiEksjR9d1QcnyzstaLbASq0absIbsIMQDnDAIEMW3_er35w-bIg-UlxdT7raeMIJpZuKAG5XZO8euR6V0I4QQ2hRRdiAq95PrMS1IhXOzOR95ch4oV3NhbWIEJUT5y974o79d4MICy0ZCALCj4Harim_FCYsbzEwFf2ALZoJd-kB8yVmAFm6M5Wym9YiRw00E4uVMEs9JxqjQ1bY3dA8dIcKyHmWT8ZxgmcmrhmTrvBGx0pmaxNHJoCrFJggHaUThYO2KR1q8tczN4fdkog5H1KJ_C2OimLtVxjz2Cwe-TiXD0sGavN1vxZFu7jd046B2jpLGhslvqvdVZ9QY3pwSYK-3bUYkFT8KKxghFoJx58vHZNzS_z3WBqa10mIfN-2QvIGYdpdPQMLZxK_NX4GA1wtQ4dw3_Meriaq8NmeHS9mvLfbU7urkaBcrKpckdXoprU2pbRl5KXK3J1kFEiWecNLXJF7ySIz6FLCQqIlM8kDFu8oMTdcwgfNKKSpIIueEocjEMijzPrMia_fEn3jHNet9leoMwxQD2rd0ETlIZhQUq09-ug9ktCy-z32-fL_yzNpUERPUDxOHugzHcYKsbHIZ_1KKcTEAn1rC1HRcGR4Cnl8r6AFsFxy4nyF8aPmE8MeyIEA221lkjcQFG6Cea1XYeMt8dTVyAN2bT2YoYfKB0CSYB3tO3ifhqOdtpzvFaYI5gkHT6dilYmZnqO85dM2SErS1Rq005JhnXpfWoo9kX9d8A3GPSs7EsEeJGZf7gdnVEHPzE6hDt4lWi8skHaiu70m5gldXI-EkWsqgnOdbn9wjpRX37d_pXSkpAHQg7-FrSX8hLcA95CNLbw_ELaAJ3FCE-t7_s3BcSKajudWHrdIEp1vqdvKMvfdfTnzxUUzffjt6z-fsGhUmTlswIV0z_yK4FMgZuaBzG4yeAXU58ENvCyhp5w3paYuvyS2ivMJBbZioU70_SosMlOPRCdiiFV0oQbuHQwVC9SMK2fA2TNwLMF7Tvny_1Uf0ZpjvR63esWKqoqlEqX8gaxre-lx9SujlQ0bnEvlt3Uq-DpCM3gqU-OMnzQve96_TjXjXHYSxQ3MgFN1sALUhP7HcOCbkQWyHPHNo-gcE9dbWOruTeyXS8kTPPhzv6zrHDy2L5xUOEi8F9WUgvqxV6bF6OZAkK_FX29IP3-pBwv1bMzrYITnrFa8xOBb8dFukhEA64AOGgA9YcRKGsNG7aRstZnFu7qc47hOgd-90AMmpNv6XKRxOrK_spgj36eVUC2H42f8tzK-A5eCgZPI0j-PWjoZNSJ0HlfIbvdNEaneSv47ZaPAkCWnqlambiePTqtjo5rcfCm31ameS6zZohNxZW0kq3_e5RipJKCXHZT6vlDZdt2pVsTnyzCE27lsH0_JzrPQq2C1v-BD3iAAdaSAp4KBhguqA9CWTMK43Bk4G9kCkjairICaNidqQQIa-k2pUQloleXWEHrh1_RrI_WSyoOcOXT3FDd4bnGq7SlKgZLIsuTtUF1SFKxlVkY01G8rxYptPgNkpdHIEFj4GulMdR16SO3A8RLgFp0sa2bS7TBuSpupaJsprZ6V5wiXndneIIzHg0Wsoeo8gbEujSpttqigejE3nSaERz5vuoPWHVRZyZoFm7DevLLOMF0xjuzU2GZbetymkDs-85ZctVhDqRjBG9jSLRUC5SurDS7LIHlTlmr4LKYXoDyuDnJ1AU_9c4MQ85s9dMsQrV9LkzBTem6LNQsaIkeoGdr6pXjQQNbil01jFl9Uotd-NXEDiQImUQZQnWqiaTSz9qDvcFIF9B96tD99p1_JT9feyRcYzBjcGhQ6Xpv4XBv8Hn6Y1Fpy54p3X8oajqSPYrp3OHpaBW8GRKyv2dXrIcvj0sb9bF7YcyCFQQfoG-UUUB2x1d7L0yk9yL3I7MtCCVciI8LiKkvfle7t_iy5Yvk0tYngor3JWpwS3s7fHRaFP7-wv-5RtdDUUkOiL4AtbpwvhZs4LI3Oxgw6rPtu463ApJRZsCcMk1U6&cid=CAASJeRo_-F1TIKRejXQbwHbQP4Ee1dJ39kRe1s1KYZddTRQAqL-EXM&rfl=1%2Chttps%253A%252F%252Fwww.bg3.co%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 06:45:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1744
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11819
x-xss-protection
0
server
cafe
etag
10563440404697844360
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 06 Sep 2022 06:45:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 7763 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
197822
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sun, 21 Aug 2022 00:17:49 GMT
expires
Mon, 21 Aug 2023 00:17:49 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame A364 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f106.1e100.net
Software
GSE /
Resource Hash
d2ecf750217bed740415330478fa8c8278bae82c2f500d3cd6a4c45f6877cc61
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uZ07Jei_SBF26vK3FfSlqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-uZ07Jei_SBF26vK3FfSlqQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:51 GMT
expires
Tue, 23 Aug 2022 07:14:51 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
truncated
/ Frame 714A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8ddca9487cebf74aa09048c0dc3e192ec4ea3ec8ad2f79fbae6a9eff115718eb

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 714A 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 04:31:17 GMT
x-content-type-options
nosniff
age
96214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 04:31:17 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 714A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 01:49:40 GMT
x-content-type-options
nosniff
age
105911
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 22 Aug 2023 01:49:40 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 714A 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 11:13:09 GMT
x-content-type-options
nosniff
age
244902
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 20 Aug 2023 11:13:09 GMT
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 3C65 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 07:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
518364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Aug 2023 07:15:27 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 9EC0 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 15:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
490020
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 15:07:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9178 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
6867
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 05:20:24 GMT
etag
48472445140208031
expires
Wed, 24 Aug 2022 05:20:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 9EC0 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7dffce0c0a5a77fbc36790ce9c159d8f7055e31b4ebe918c7eb03b2675a9b88d

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 857D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 15:07:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
490020
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Aug 2023 15:07:51 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 9322 		1 KB
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
6867
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 05:20:24 GMT
etag
48472445140208031
expires
Wed, 24 Aug 2022 05:20:24 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 857D 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc116dea3dafaf456fdd9396d5c296fe954650fc6d4b7412716dd05d9d79a8d4

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame A364 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220818&jk=3874194803782175&rc=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 7763 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 07:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
518364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Aug 2023 07:15:27 GMT
bqi.php
lg3.media.net/ Frame 36FD 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=3281&lf=3&&vgd_hb_audit_1=8CU3SX34C&vgd_hb_audit_2=529820104&vgd_l2type=sca&pid=8PO15GP54&katbid=-103&katen=1&cme=2XUgY8XkSFiPh1tI3hcRY-M8gi1Kl9HgD2lJhEaumM45ExOeFqVPTP9DNob9SqPfbDrswz9JXXRaQgIMfJLeSeGynDnP14EunoDMmQxRIPWL47KmmNFvmeGHWufi-ah_hxZT5A8WvWL1-PgUREBU7Cz_0omvCS1ZDazP11lTGqMaI484xP_1mAPEK-o8GowCChbUsCod-Gpjsdhrf71a2g==||u8A6SM53vAdJjhazCSusZAnIl_9HqKRb|jyjVTouP1sOI3OR67jxweNSVYtHEv6HR|sj1-8fOEyOCcYyjx9FAvxCCsJeAEyD3U|eeuQL5oPz9zR5yXC_mdYbpa2a2-Y3gtKJGODKueDyv47WSgmloJYKFDWqAXAo4XkJqShDle39sB9kU9XGIboaZ4o4nJUj5B7RvpVtoWG8bqal4R1ktqXPku2vt5rEr1NMNhIzf_7I5A=|xrl5Md8q4-_ojEqJ-ZPqEDISFRG5d2jVLVnwjxF6eDM=|fQvNHJb4Ruw5DkHKrJTkqBOuHXVvxmWL4KjamFeBk_ENSkCRwiw57vUpEfSJVKjPr-3U_cO-5l5i9jWZkgbYUvCggEkUf0fQot-ATHFY8wnNoyxDDoIFPhngHNqFhBOuVr-q-IAvwjttjJAdKtrqsAdZbl4dKIxS0aOj6Iwl4jByqieIynbEyop28epna1OFHNfz76nxTVgFeJAIRtjMHiWX0qlkJg6YqpS8WkLHf74=|&gdpr=0&prid=8PRVCXX19&cid=8CUABW64L&crid=357234536&requrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&vi=1661238889571152418&ugd=4&cc=AU&sc=VIC&bdrid=313&subBdr=196&vgd_kwrf=https%3A%2F%2Fwww.bg3.co&startTime=1661238889659&l2type=sca&vgd_l1rakh=1661238889188636014&l1ch=1&cref=https%3A%2F%2Fwww.bg3.co%2F&sttm=1661238889668&upk=1661238890.15119&hvsid=00001661238889668017418153733328&acid=f57ce47be0e5436e8fe6c598a7f6aa57&verid=3111299&vgd_bdata=sd2%3Dnull~iurl_l%3D50~ogerpm%3D0.01~vw_exc%3D0.82~smm_bid%3D0.02~vis_sd%3D540~dc2%3D1~scd%3Dvic~v_asn%3D140952~vl2r_sd%3D2022082223~iurl_b%3D57836.9~url_tkc%3D0~std%3D~last%3D~vis_url_b%3D0.21~ip%3D1TStJ6~fbb%3D0~vis_url_l%3D30~riipua%3D117%2C117~et%3D14~rc%3D1~risuid%3D0%2C0~rps_sd%3D2022082222~vis_b%3D681.89~url_b%3D0.02~url_tvi%3D0~smm_wr%3D18.3581~url_l%3D50~gcat%3D-1~bb%3D196~vv%3D0~l2r_b%3D1000~erpm%3D0.01~bm%3D1~smm_sd%3D2022082221~sid%3D530814538d73e7b3f2af2a8e26eb3fc5~sd%3D1~uid%3DaQw4adiRxsleMojs1~btd%3D60213921828918993939732388397571773395023823289477437779030855491472977382674432~d2p_l%3D60~3pcf%3D15.19~uim%3D12964~dmm_strg%3Dno_strategy~d2p_b%3D0.92~ogd2p_b%3D0.85~vurl_b%3D0.1~ss%3DNA~uiw%3D98~ce%3D0~rps_b%3D13.43~vurl_l%3D50~CI%3D2723~nts%3D3~tb%3D-1~ct%3Dmelbourne~basis2%3D196~basis1%3D196~isRef%3D0~ivurl_b%3D9.81~isif%3D0~lc%3D3~bid%3D0.02~dc%3D8~vl2r_b%3D0.71~ivurl_l%3D50~supply_tag_id%3D%7Eviewability%3D0.82%7Eamp%3D1%7Ecbdp%3D0.020%7Edmm%3Dno_strategy%7Esuid%3DCAESECzbzMqV2Vo4X5neChvjTnY%7Esd%3D1%7Edtc%3Dapac_sg%7Exid%3DADX-pub-4485239425924787%7Edalg%3Dno_strategy%7Ehtml%3D1%7Eadblk%3D2365071409%7Esobp%3D%7Ectr%3D0.0015041453%7Ebdpcapd%3D0%7Edmm_erpm%3Dfalse%7Ebflr%3D0.010%7Eogbid%3D0.020%7Eac_type%3D1%7Eitype_id%3D17%7Eseller_tag_id%3D%7Edetected_tag_id%3D%7Edcut%3D1%7Edogb%3D0-1~ibc%3D1~ddt%3D-1~nsz%3D3~tgs%3D250x250%7C300x250%7C336x280~bsb%3D0~bsp%3D0~tmx%3D255&matchstring=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&vgd_matchstr=hr%3D0%7Cbcat%3D11%2C47%2Ch%2Cgo%2Ci2%7Ccsh%3D1&vgd_sc=VIC&infr=1&twna=1&stime=1661238888779&vgd_ecrid=1700080812610100250025000000500&l1hcsd=l1!A12|5535&vgd_l1rhst=contextual.media.net&vgd_uspa=0&vgd_isiolc=1&pvl=%7B%22dtc%22%3A%22apac_sg%22%2C%22mbr%22%3A1%2C%22l1rpth%22%3A%22%2Fnmedianet.js%22%2C%22pgids%22%3A1%7D&vgd_fcm_enc_mis=1&l2ch=0&vgd_pgid=p12085541629t202208230714&vgd_pgids=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.252.26 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-36-252-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=21600
server
Apache
date
Tue, 23 Aug 2022 07:14:51 GMT
ntcoent-length
15
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
max-age=20087
content-length
15
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 65D2 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
587958
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 11:55:33 GMT
expires
Wed, 16 Aug 2023 11:55:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 6DC9 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
age
587958
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 16 Aug 2022 11:55:33 GMT
expires
Wed, 16 Aug 2023 11:55:33 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 24D6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220818&jk=3030552095383672&bg=!iIuli8_NAAYUOm8VNDo7ACkAdvg8Wh2pPBywnExHwWsulXNbLwlfIKK0kJC55xN58EVPY7RZApPwOgIAAAE1UgAAAANoAQeZAtkXeexVLwZ9aZP3E5wWkwMc8H_fe1epeMiYgHQzUsTWZxFUdhCAa5FdFEqvwWLUbkZWzqv8RHX7Ifn-IcumWkt8ZSX91mqj3RTKzzXQfwg7cAr3--Dst3DBr-xVU-CU_cvsD7HBfqc7mD4Vf3j8E6m5n9ZbeZG3EB36ulmF54bdCJu5zP5nhcfG2zePJPeYeq-iRhsqWs0mt3R0UtMplrLVPIvQAxZpvfi836YwpvK-cqQPqsr4_tBavm9eMQ8ZC-6lcZ60rdbLsJzKxYDd_gaoAfQMiKb7o6w9Hxha5Dh6NZzzpgZgxU09Ip88aI3JAirjUVG1CDCgfOX4HnC9xGKgu_736tqtEUEw6tUfmJ2reh8WHzhQZGqsK0kHnprMwAP5gqVXn65wXDUEEt40-69L0ofUYrUMqSAaWgSc7PPRFALZTibaeSAgYZiI2pLJkFz3Psx_bsMa91WusDqI0SuaNPJWi7t_w2WIYLx_n1gF05n2Ke6jPKdhKBoltR-tyBShx3ptbNSWCawQwlqp73rahhdgHzezRlepnfutZHEOyO-PF-0s_Kl-zBdFpDLq72_oS4XmNgkWV5bWu_wdBAPKPHRLzuWd2Zgr_bC4IXOMp4aBaj-_dl_6qG9i7or23mSeiS05j0N1TGH4verRf6DyPIDzXIHBZAMNil7BG_5dEcxz4Z9yBxzJUmKiaKF_5tHw21r4z4YHa1yfK7HpT5C4RTYEa2K9BQtRWn8ISpiJFvINDVMkJ2kapzAMhmYOU1GwMuMBhd1VYXQbwaYUux4jDE7-oYum_GOwjpYd79C459s03Cyck5vMGGKl0gUWL99S-fn5xwqXnTeyCpM895rZ8_mXhQZYz3ukG42YfJ1_RSwEjKaPzqfBFo7Rg5phn_HIVx5quGv1CLo1aJPHvsWLVIvviAeXagggu4aLq4oVspl5WXA9NVuOgwjVWNvNt84igXgFKLm1xe4
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame A872 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220818&jk=3031117260853865&bg=!6-il6KzNAAYUOm8VNDo7ACkAdvg8WmPDKohNUxmQbhJfYcigq83EObNdkXsjK2_iCYNA6uOfyFgIUgIAAAEsUgAAAANoAQeZAvRylfm_Nk8lISJl2CdPB0WrEyTtTAee1Gi7cHII3oex7lwlpkrsTseAQWdzEtdvwcXvnXCwcTyDt1vtKS9ZNPcOKCSXf6M9MuGdNoo9C-J_kj6PBroUysEzSQTAMUTflLDKExEmKDesiqRztnjRSiGfA4N-biluUcOtpFPQZa4R3CQCbvvaktQTETAd3swUMyEw6x84EPonW7_8-A5YR9pPB9St4TATf2t-A8VZUnfIvPWMSwRPT_2wKxZDWNPNEu2todxoqPEsyzG5rT_SYCK6xyDuBKPeakeqJfVYFgLAW-qRWPbIKPGdMCPzbztVqrDOHSxqoc1TWO9spVUT_-zFQoiKheglo5Nmz4oZ2K0VKTVAWWWJwFWu_p68jgu-2Jao_YIev9sfPkePzBNm3jRLClYvfnLF8iwcGzmZqSnZyLg0SyvNZMwbAo7hF7qgLBWZfsWHzvVCek-c0TOr__-TwyLxnvdOKh6fk24pxRzUGfwlwF3lvne2gGmZ-tcS0uHTvmINCwoN3Ibm2ai8kKekL6JEUp0wpCF4vaNTdoenGskY36ztYphqbMwijWH4PfVbbXRICbU2zqP1D5x64aHotKkT-COyjZV7fm0LQT0aGoUjrYJlJtaGBss-dfAsbggwN3As6_cdcAi5C8ABmD9jmToO9PGslVAcrHdGNl7hzZBS9_DkBuWENQvxFzBSe_o-SFImZYXqFTTw7bx3oIz4FONhLOrh4yTDfhXqi_N9f-IrMueJPx89wvQNASfBAQGL2u6JiZqZzOWO8klWPxmwwjaK8yY4fhKhL3qZxfie7Q1fZkMIFgVqtag03oxmckooAkAQxwQxaZxBvTf2yOQahgdWjBmHjbbEs4NuIWTm2gEfbc31rLd3cv16G6mwFcOLVuxYapk7HVq-T949KMd6fPr6bJoeFOWvyFLlkESZOYRQeKelezDAeGaGIivpxNFKxvjOOPFpFBFJElomNRHVfVKbzbo8tesXUWh0z9x7G7NMBmM
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://adx.holmesmind.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ Frame 3EC6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220818&jk=2336590716747131&bg=!VValVhLNAAYUOm8VNDo7ACkAdvg8Wo0Z3gBSQcrXLKg46oo1c94yQiNS_brlEvXSTI4Ds_LfjsDOmQIAAAEjUgAAAANoAQcKAASZNj71mQKqsuNMzk9Cy9GugiMXAuTl0TLGO3X7AdZVK8YeJYFD9v5AqrbBPFHumFfWfvnuf0Mp110ALfBrrko2rLSv36R5J917HKbIRO4QWGY_LiLSdpuNJJ4ON58q0FNBwU2Gz5vAJhUAqUcT7uzoJD8_kZg4t_mTkQa6rX-Mdw7NxKLVCfvdYWy6kFtAF-oVerKAaZAPS_dEdqT1zV8b2DtigCF0IE7OkEeZXf51avq6SpaPYt22r40m2GTutTSQDD-TBZchm7ctpneIKhDzdFPbskbfNSsHZ-9N4d2Zs2f-EcGUhH_Mb12OE3HUSzWzPxS4nqwrPD238P3DyRMwuWw_MLASh9tMvaV5tqGFmDV2au0tW-rMfOUR-58xQ-NHf2P1yY_E903R-c8CayQnkdP86hWcyVxLtJTbhMZWW41IXR4tTfCQlwAvt_hvmNXbed45LHo2FxoIQalriGflDBbTPrd-IyXZN8AT7rmm60ICVk1v8zQOsO3O_j0kU4qyO1e3mUCpgXUzk8h7i3rcO619G4lcWQCW5fwOLZxuVFH330MOArXwd6gCTv-g07Jak3eVnFCsWe1YSE00K2lyy09GJ-7VJjo1mbZoL3Sqp8XjRNUFpksp2VUgcZVECs3cOaVz5cQZwAjPnC3DuFvq0UWSH8shI7y9oqGZYgKJYO9ful5DrlJOEsUPyWVPj6AyXYkuxhbfbqcowbFxohviGpl4WqWCnugRLZ8oaky2goHUthAaZ0Hq4jb6w_tntI6Nr412i6-KcNFOPvLZmJvygNaq5qvmxmmz-Kv1Ln0VkVzSFgA4CY42nvK8ys9YcZ-xWGA6Axew8d41DOvj9Y_hvxTJu8EtWmwwR6M0bj7Cwg3SyD6DqfiutIMTS2D63bK2qFzYNcobRGsPTyxLmK3PUw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 9178
Redirect Chain
  • https://ad.turn.com/r/cs?pid=3&google_gid=CAESEPSciNVoi5uw8jwYy0nvU50&google_cver=1&google_push=AehlK4DGotKmnZLBMtW2ueTTgBRWHhr86v3dBjdV_ckjh1U9twWcwREGSOWHevb98VBixDm_70d4_CP_F8JWOPdDyTQ0_0RZVxeK0A
  • https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=ODg5OTc1ODc2ODQ5NTY4MjA1Ng==&gdpr=&gdpr_consent=
  • https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPSciNVoi5uw8jwYy0nvU50&google_cver=1
43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPSciNVoi5uw8jwYy0nvU50&google_cver=1
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
50.116.239.135 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software
/
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type
image/gif
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEPSciNVoi5uw8jwYy0nvU50&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9178
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGXOgEBDvk8gDslOKwFB3JE&google_cver=1&google_push=AehlK4DcjaPqTyuM9YOkJiW4MPYY6ff1XApqcMyfoYD_8PZqPEBoOLiL9-5fu1PckZW18xRBgMjJ6jsDJxysB5tp...
  • https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DcjaPqTyuM9YOkJiW4MPYY6ff1XApqcMyfoYD_8PZqPEBoOLiL9-5fu1PckZW18xRBgMjJ6jsDJxysB5tphy63qQOqYnOv
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DcjaPqTyuM9YOkJiW4MPYY6ff1XApqcMyfoYD_8PZqPEBoOLiL9-5fu1PckZW18xRBgMjJ6jsDJxysB5tphy63qQOqYnOv
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Tue, 23 Aug 2022 07:14:51 GMT
Server
MT3 4494 7cf1da7 master hkg-pixel-x12 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AehlK4DcjaPqTyuM9YOkJiW4MPYY6ff1XApqcMyfoYD_8PZqPEBoOLiL9-5fu1PckZW18xRBgMjJ6jsDJxysB5tphy63qQOqYnOv
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 23 Aug 2022 07:14:50 GMT
i.match
s.tribalfusion.com/z/ Frame 9178
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b6&u=CAESEJZnfkC9jS4N6ZYZa0qMg20&google_cver=1&google_push=AehlK4Dek3y9wNm0MZPSqa0kIetyAzZTWWQtvRl5KJu2GVVs5HU1FEY1r19SdqNlkTJ2ksnE5cCc6gz83A4OOwrqaWU7I8SZhf1G&...
  • https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJZnfkC9jS4N6ZYZa0qMg20&google_cver=1&google_push=AehlK4Dek3y9wNm0MZPSqa0kIetyAzZTWWQtvRl5KJu2GVVs5HU1FEY1r19SdqNlkTJ2ksnE5cCc6gz83A4OOwrqaWU7I8SZhf1...
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJZnfkC9jS4N6ZYZa0qMg20&google_cver=1&google_push=AehlK4Dek3y9wNm0MZPSqa0kIetyAzZTWWQtvRl5KJu2GVVs5HU1FEY1r19SdqNlkTJ2ksnE5cCc6gz83A4OOwrqaWU7I8SZhf1G&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Dek3y9wNm0MZPSqa0kIetyAzZTWWQtvRl5KJu2GVVs5HU1FEY1r19SdqNlkTJ2ksnE5cCc6gz83A4OOwrqaWU7I8SZhf1G%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Server
104.18.35.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73f20dc27cff3776-MEL
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
2302
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73f20dc0b9f13776-MEL
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEJZnfkC9jS4N6ZYZa0qMg20&google_cver=1&google_push=AehlK4Dek3y9wNm0MZPSqa0kIetyAzZTWWQtvRl5KJu2GVVs5HU1FEY1r19SdqNlkTJ2ksnE5cCc6gz83A4OOwrqaWU7I8SZhf1G&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAehlK4Dek3y9wNm0MZPSqa0kIetyAzZTWWQtvRl5KJu2GVVs5HU1FEY1r19SdqNlkTJ2ksnE5cCc6gz83A4OOwrqaWU7I8SZhf1G%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control
no-cache, private
content-type
text/html
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9178
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECyaQQOFVVqRs4KkyPEBj1Y&google_push=AehlK4BkjL8L8rl1NlPuvmlIaMnPWdWjQBHbFz41-3ekV13wkohn4BOTbI...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECyaQQOFVVqRs4KkyPEBj1Y&google_push=AehlK4BkjL8L8rl1NlPuvmlIaMnPWdWjQBHbFz41-3ekV13wkohn4BOTbIO-ODgF4rRMWCe5nZJbgc762PdaOkPTvrcQhGdDsR7Ssg
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1661238892.682545,VS0,VE244
x-served-by
cache-bne12529-BNE
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECyaQQOFVVqRs4KkyPEBj1Y&google_push=AehlK4BkjL8L8rl1NlPuvmlIaMnPWdWjQBHbFz41-3ekV13wkohn4BOTbIO-ODgF4rRMWCe5nZJbgc762PdaOkPTvrcQhGdDsR7Ssg
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 9178
Redirect Chain
  • https://match.adsrvr.org/track/cmf/google?google_gid=CAESEAxGeehB6oUGABex5q7mlBw&google_cver=1&google_push=AehlK4CdXG_CLhauvssnfT5AHZKlvpruQ_zOJ9mK7pWXIp21871tpEx4sgcfww366GsQo3-3IUKmDX6l_WdF2DhnYA...
  • https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjRkZTg3NTUtMWZkNS00OTk1LTg0ZGUtMTBjMzE2ZWJjOTBh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=24de8755-1fd5-4995-84de-10c316ebc90a
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjRkZTg3NTUtMWZkNS00OTk1LTg0ZGUtMTBjMzE2ZWJjOTBh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=24de8755-1fd5-4995-84de-10c316ebc90a
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_hm=MjRkZTg3NTUtMWZkNS00OTk1LTg0ZGUtMTBjMzE2ZWJjOTBh&google_push&gdpr=0&gdpr_consent=&ttd_tdid=24de8755-1fd5-4995-84de-10c316ebc90a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
423
pixel
cm.g.doubleclick.net/ Frame 9178
Redirect Chain
  • https://cs.r-ad.ne.jp/2/cs?google_gid=CAESEO2k01kQB5wTw4fetZC9dOg&google_cver=1&google_push=AehlK4DjC5nZBV98SwWuVk-0kVFcFCCC9w4m-Zz-yi_h1TCzi1fpeyCe-H1OSOuKOgf5E-8z8Xd7wo-vGU-GwU67blK3v_fyovFVlQ
  • https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4DjC5nZBV98SwWuVk-0kVFcFCCC9w4m-Zz-yi_h1TCzi1fpeyCe-H1OSOuKOgf5E-8z8Xd7wo-vGU-GwU67blK3v_fyovFVlQ&google_hm=NTA3N0VxMDBlQkRHYTAwN...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4DjC5nZBV98SwWuVk-0kVFcFCCC9w4m-Zz-yi_h1TCzi1fpeyCe-H1OSOuKOgf5E-8z8Xd7wo-vGU-GwU67blK3v_fyovFVlQ&google_hm=NTA3N0VxMDBlQkRHYTAwN0F5Q2M
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-store, no-cache
Date
Tue, 23 Aug 2022 07:14:52 GMT
Server
nginx
P3P
CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
location
//cm.g.doubleclick.net/pixel?google_nid=rcrt&google_push=AehlK4DjC5nZBV98SwWuVk-0kVFcFCCC9w4m-Zz-yi_h1TCzi1fpeyCe-H1OSOuKOgf5E-8z8Xd7wo-vGU-GwU67blK3v_fyovFVlQ&google_hm=NTA3N0VxMDBlQkRHYTAwN0F5Q2M
cache-control
private, no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
0
X-SID
159f32b0
pixel
cm.g.doubleclick.net/ Frame 9178
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEFX0V-b-WBHPMqdjESNFEAY&google_cver=1&google_push=AehlK4A2Jl5CsjxrILJ68U3VpKzoIpPPzYIrTi88RGc6fZnroKrwZ_Q_qOE6UaMJe8MugCJ9kdX7j7XL_ebN1oO...
  • https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Fh6Ioex8QBlHokQAI89N2mfR_k0&google_push=AehlK4A2Jl5CsjxrILJ68U3VpKzoIpPPzYIrTi88RGc6fZnroKrwZ_Q_qOE6UaMJe8MugCJ9kdX7j7XL_ebN1o...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Fh6Ioex8QBlHokQAI89N2mfR_k0&google_push=AehlK4A2Jl5CsjxrILJ68U3VpKzoIpPPzYIrTi88RGc6fZnroKrwZ_Q_qOE6UaMJe8MugCJ9kdX7j7XL_ebN1oOgVELh7WQgst4JKA
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=Fh6Ioex8QBlHokQAI89N2mfR_k0&google_push=AehlK4A2Jl5CsjxrILJ68U3VpKzoIpPPzYIrTi88RGc6fZnroKrwZ_Q_qOE6UaMJe8MugCJ9kdX7j7XL_ebN1oOgVELh7WQgst4JKA
Date
Tue, 23 Aug 2022 07:14:52 GMT
Connection
keep-alive
Content-Length
244
Content-Type
text/html; charset=utf-8
attr
cm.g.doubleclick.net/pixel/ Frame 9178 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JepzgNVUhB62s3k7TO-fu3BbixnmHCOU7G7BJtyycIsOo1RrA_NHytQwn2WE-WutJsfe-q
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
/
google2waycm.netmng.com/cm/ Frame 9322 		0
0
pixel
cm.g.doubleclick.net/ Frame 9322
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
  • https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECyaQQOFVVqRs4KkyPEBj1Y&google_push=AehlK4CAJqzRSNI8xsG0yX5htRAu8JASUhPXKbYukym-egAuHHsauFyLTd...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECyaQQOFVVqRs4KkyPEBj1Y&google_push=AehlK4CAJqzRSNI8xsG0yX5htRAu8JASUhPXKbYukym-egAuHHsauFyLTdznG45UqLfR33Dgy30vf0fJjyTOBw7iND1W7yO7HqFvVDeFqkQsnnAiF92ayyOO-x4PMgOGpGvdV9m4EMWkDQU
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1661238892.682596,VS0,VE244
x-served-by
cache-bne12529-BNE
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESECyaQQOFVVqRs4KkyPEBj1Y&google_push=AehlK4CAJqzRSNI8xsG0yX5htRAu8JASUhPXKbYukym-egAuHHsauFyLTdznG45UqLfR33Dgy30vf0fJjyTOBw7iND1W7yO7HqFvVDeFqkQsnnAiF92ayyOO-x4PMgOGpGvdV9m4EMWkDQU
cache-control
no-cache
accept-ranges
bytes
access-control-allow-origin
*
content-length
0
x-cache-hits
0
pixel
cm.g.doubleclick.net/ Frame 9322
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEOB8ErzluWUaj7BdVudUIn0&google_cver=1&google_push=AehlK4B_478u7PPSXKoqzX9Sl900Pthu8T-LsVMW6UaNAHB9tnVnlDS0yRfn-RTgU-4fByt9EJH7WD_...
  • https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4B_478u7PPSXKoqzX9Sl900Pthu8T-LsVMW6UaNAHB9tnVnlDS0yRfn-RTgU-4fByt9EJH7WD_t_UlOjn1PIV9SJ9M7j0ccnAzL83qtGMvRtdmG-gHep-G2PKPi...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4B_478u7PPSXKoqzX9Sl900Pthu8T-LsVMW6UaNAHB9tnVnlDS0yRfn-RTgU-4fByt9EJH7WD_t_UlOjn1PIV9SJ9M7j0ccnAzL83qtGMvRtdmG-gHep-G2PKPiE3fDzl6ugqL71A&google_hm=FltEgARNR9yWWsJVfYd75U0
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
via
1.1 google
server
Apache-Coyote/1.1
status
302
p3p
CP="NOI DSP COR NID CUR OUR NOR"
location
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AehlK4B_478u7PPSXKoqzX9Sl900Pthu8T-LsVMW6UaNAHB9tnVnlDS0yRfn-RTgU-4fByt9EJH7WD_t_UlOjn1PIV9SJ9M7j0ccnAzL83qtGMvRtdmG-gHep-G2PKPiE3fDzl6ugqL71A&google_hm=FltEgARNR9yWWsJVfYd75U0
cache-control
no-cache, must-revalidate
content-type
text/html;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 9322
Redirect Chain
  • https://cr-p1.ladsp.com/cookiesender/1?google_push=AehlK4AzybGtcYmZRQeUHK55niZQ9Hn6ehP1kgFODRj4BN7zyjtLomkknqLq8hjG_gTuE-Bnt6-6IkpTz5UeQ_OBytYLHQjegFNnSgyFYvOYZdSBlZxktickNDEghrTPR2PlxHq-wQtDHQ&goo...
  • https://cr-p1.ladsp.com/cookiesender/1?cr=true&google_push=AehlK4AzybGtcYmZRQeUHK55niZQ9Hn6ehP1kgFODRj4BN7zyjtLomkknqLq8hjG_gTuE-Bnt6-6IkpTz5UeQ_OBytYLHQjegFNnSgyFYvOYZdSBlZxktickNDEghrTPR2PlxHq-wQ...
  • https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4AzybGtcYmZRQeUHK55niZQ9Hn6ehP1kgFODRj4BN7zyjtLomkknqLq8hjG_gTuE-Bnt6-6IkpTz5UeQ_OBytYLHQjegFNnSgyFYvOYZdSBlZxktickNDEghrTPR2Plx...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4AzybGtcYmZRQeUHK55niZQ9Hn6ehP1kgFODRj4BN7zyjtLomkknqLq8hjG_gTuE-Bnt6-6IkpTz5UeQ_OBytYLHQjegFNnSgyFYvOYZdSBlZxktickNDEghrTPR2PlxHq-wQtDHQ&google_hm=Ab9mphfIXJK_ks8ADsWuCeMFxsA
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
via
1.1 61726f6e6656624f90145ef79b7954ea.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://cm.g.doubleclick.net/pixel?google_nid=sonet&google_push=AehlK4AzybGtcYmZRQeUHK55niZQ9Hn6ehP1kgFODRj4BN7zyjtLomkknqLq8hjG_gTuE-Bnt6-6IkpTz5UeQ_OBytYLHQjegFNnSgyFYvOYZdSBlZxktickNDEghrTPR2PlxHq-wQtDHQ&google_hm=Ab9mphfIXJK_ks8ADsWuCeMFxsA
cache-control
no-cache
content-length
0
x-amz-cf-id
e3zMtYwZyNtqsAybHtAP3incWPfHXy-Uep-vVe54YuVdAgueCNQwEg==
expires
-1
pixel
cm.g.doubleclick.net/ Frame 9322
Redirect Chain
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEK-qccGEr2irjMeSNRNMUTg&google_cver=1&google_push=AehlK4DzSnhEPQ-PXL7v4a4t-0j8TUoBYzisSD6iB5JBijAmCOU-WEkrTOMtLr0efy_467tLGqDGUaHk3v...
  • https://c.eu1.dyntrk.com/adx/ga/us.php?dynk=ga2ex&google_gid=CAESEK-qccGEr2irjMeSNRNMUTg&google_cver=1&google_push=AehlK4DzSnhEPQ-PXL7v4a4t-0j8TUoBYzisSD6iB5JBijAmCOU-WEkrTOMtLr0efy_467tLGqDGUaHk3v...
  • https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4DzSnhEPQ-PXL7v4a4t-0j8TUoBYzisSD6iB5JBijAmCOU-WEkrTOMtLr0efy_467tLGqDGUaHk3vq-YuHX3kt6ZGx7UKV0kSfTfxaa7d-7N2SecrcJ7SjelBMRuZ...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4DzSnhEPQ-PXL7v4a4t-0j8TUoBYzisSD6iB5JBijAmCOU-WEkrTOMtLr0efy_467tLGqDGUaHk3vq-YuHX3kt6ZGx7UKV0kSfTfxaa7d-7N2SecrcJ7SjelBMRuZEAMj-SkLKTig&google_hm=MDMwMzAwMDJfNjMwNDdlNmM0M2FjZA%3D%3D
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Tue, 23 Aug 2022 07:14:52 GMT
server
nginx
access-control-allow-origin
*
transfer-encoding
chunked
access-control-allow-methods
POST, GET, OPTIONS
p3p
CP="NOI DEV OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_nid=dynadmic&google_push=AehlK4DzSnhEPQ-PXL7v4a4t-0j8TUoBYzisSD6iB5JBijAmCOU-WEkrTOMtLr0efy_467tLGqDGUaHk3vq-YuHX3kt6ZGx7UKV0kSfTfxaa7d-7N2SecrcJ7SjelBMRuZEAMj-SkLKTig&google_hm=MDMwMzAwMDJfNjMwNDdlNmM0M2FjZA%3D%3D
cache-control
no-cache
content-type
text/html; charset=UTF-8
access-control-allow-headers
Origin
keep-alive
timeout=10
dot.gif
s0.2mdn.net/ Frame 9322 		43 B
586 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/dot.gif?google_gid=CAESEN4qezojv-uGE0Jv-S5k2gY&google_cver=1&google_push=AehlK4D73dNtr6tdAAVM5h7R6ecmbhSZZUFpRZIhlxEgi28lYTK2GE3KgtpeROtF--ThOfpR_NRYszaCueLpam0E4VO3zWTVR4rOcGH-f7fKrRqQRkDpT2m2TfBGaFnGtUYo_1Uscd7MWPk
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 01 Feb 2009 08:00:00 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Aug 2022 07:14:51 GMT
pixel
cm.g.doubleclick.net/ Frame 9322
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEO...
  • https://sync.targeting.unrulymedia.com/csync/RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAehlK4BkPjgRfOTbxcq1d9gNM...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BkPjgRfOTbxcq1d9gNMoHEJzLloCYZsJxZbpVnNrFVYqEVEKHKW-iRjfDbR-fhnRdPBjtOqHF1Mgz3TXsaZGCMV8JFi7iOR1AIbs6VWEhLPzdezIwC-cs4nrw12X15F6MD...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BkPjgRfOTbxcq1d9gNMoHEJzLloCYZsJxZbpVnNrFVYqEVEKHKW-iRjfDbR-fhnRdPBjtOqHF1Mgz3TXsaZGCMV8JFi7iOR1AIbs6VWEhLPzdezIwC-cs4nrw12X15F6MDkwuhBUw&google_hm=BGJSZBS8KUJ2v-_O_58colo
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AehlK4BkPjgRfOTbxcq1d9gNMoHEJzLloCYZsJxZbpVnNrFVYqEVEKHKW-iRjfDbR-fhnRdPBjtOqHF1Mgz3TXsaZGCMV8JFi7iOR1AIbs6VWEhLPzdezIwC-cs4nrw12X15F6MDkwuhBUw&google_hm=BGJSZBS8KUJ2v-_O_58colo
date
Tue, 23 Aug 2022 07:14:52 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX62526414bc294276bfefceff9f1ca25a004
content-type
text/html
attr
cm.g.doubleclick.net/pixel/ Frame 9322 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IgbR6FnVxBJOa5Wlh2ZX4FANG0y9EPC4ADMmXKwURZrKwdhv9Jnvl0fVyt5nfraz2HoNIa
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:51 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
generate_204
tpc.googlesyndication.com/ Frame 7763 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?vNaBqQ
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f132.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:51 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 65D2 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 07:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
518364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Aug 2023 07:15:27 GMT
932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
pagead2.googlesyndication.com/bg/ Frame 6DC9 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/932hlcctLOJRtLoo5sJe2QKRhL1SnC_Hox4lZlMNfoI.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
sffe /
Resource Hash
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 07:15:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
518364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14036
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 08:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 17 Aug 2023 07:15:27 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 36FD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst3VIyRwZdjPdExzfwyb6sw5QrPAPmji75k_Vravk_XmPLqQ2v24mdvvqfLDodKzXUdoklLUk_WDEF3qIT6EMl1CLbW&sig=Cg0ArKJSzJF8hz0CN3WCEAE&cid=CAASFeRoUQweUIKg3cRF8CXC_EEB7MC4uw&id=lidar2&mcvt=1000&p=0,0,254,250&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220822&bin=7&avms=nio&bs=0,0&mc=0.98&if=1&vu=1&app=0&itpl=20&adk=2365071409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661238888741&rpt=1886&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/15195109931553881176/ Frame 894D 		85 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
2c64cf7ee5f81d959886e39e1a58f7dcf963419be91a86664c5d8147abc51774
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
361875
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20008
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 19 Aug 2022 02:43:37 GMT
expires
Sat, 19 Aug 2023 02:43:37 GMT
last-modified
Fri, 13 May 2022 01:13:34 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 857D 		0
304 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTLXr2cq5LBcIM4bGyVYlbMnblDet6Y9HiVltWWreZuw7YUNsZ4YO2mr5-FYzco2LxGyqL16H-R9-aXOvFbuLlnpuJ8zAkeQdouGiAkV144RGNFuT2wuqycmYk4Hr_5sTU_PWhNtHvFNa6HB9oR3RkOW0SI3D6n6dMq5NC8HUg70KgaCcpK_azqo_8DmSJ7n98RGJDL9rXVgo4Qxka4IvSedFigghnfOKxXKMc_yeX9NEoxfNWsvzJt5aUIUxVtcBnHKZkiod_Jgj75KQh94wCsO0lzhtlvdmAKEL9Y5mXHmZqcEHJlQtSmv6bINtSQ9LOUSqZWXp0Z5KSsKihBDzSCpwxjXAdyPq8CFJWvho6p1jc8jEoIcWHJVgHVxEjPSGzE3MyUSqGRFnp4Hyrs1AInuNdYI2lneoygMoDi3BPueC3N6FXUzorTfPkt5a4zv4SfRSdD4y8nUHwBc4NLuEFC_mxvuapmDlOYpDiEmpJz5q_H2xYPzSUA17KSOsKChN2ocEQmDeBZlGEjVSFdj9j_ctXni-NZRMTE-zFPxV2KrmxnCDeDIExKCrspRuJUQlarPTT6qRrOUkXJhu8ZawR7f0BSmCSTklHMyR9GLMENan0Zz8Gc-7U_okFyblmtakgG7gf_REgovSqkSrUm0fW2J2-iviAI0gOl47QpXsfmEtvo7bDpG_lF4Bz9paIhIU8804KZhn48rnY3GabO_MiZv-oYJiU4xOnkyNrU28rryGUC7eVgqhi11YHttK81RAz9h5cXUtgMouPwR7u4-m7WSyh5QgfGjA-J0s3JK-YCRoLc89XHpW1QtcMXN2GKbX3al6kaQZjxL6-EqAw4IwA8c39ehyASQQzNepUXQ-9MIt98_4JM25eGfkfjVZFUf543BE0OsqMTpxybGPZiqr4BtCxrC6d9fDZBld3JwLXPavXeN5EBwGtV390TwqnL_WFAQrHkrz6rvdbp3XItB5RJPG1zLKMgaIKOE-U2jf9PDL8pxnZqJlzPAhfSaa4vyvqb56DaKYO2hMK9XINBXMiHYW_onlBRgGt5AUlJjqPgwa-MFGFoK2wWK4wFfAYrY2JOzsbNlLjahwS1XtsNwbQH0zlJMPnv7VGdFHtwM7Q6IcM4Euwu9X4h-FbvxXUhC3R9GJMcyfm9nyEODwbYTV3BaAOOivqWpAPs7CqRgdQEKrkBXi_AzCMx3ZWQ-tq7agTzzZ_ZJbQARTwjZf4cpB7zVaWHX6xMxylWCYmXh1EDNn6WgvcExE&sai=AMfl-YTzzTsuNHKjfJ5kBuuc7QbQ-QQ48NDu5o-W40QDX9SmzbESi5So4BjhdawS93rfdrpBW82QjRmFkS9dbqX9iImuy6yq4LZDTcsit453x7NaPmDBEMcdNC6i4x5AVt8osmVYvWynB1mg5JdS82A-sYhQt6601bGULoM7TlkCPyDhRXOEp6V-3A6FSfvLhv6nYLrxbmiZTsH8ytPBt_sXKtiV&sig=Cg0ArKJSzGWKSEcppO6JEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=861&cbvp=1&cstd=858&cisv=r20220818.22255&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 23 Aug 2022 07:14:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
tags.mathtag.com/view/ Frame 857D 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/view/img?strat=3750455&cr=6028144&pr=5.00&txn=&rfr=
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.205.242 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.361.1 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 07:14:52 GMT
Server
MMBD/3.361.1
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
nrt-router-x13, nrt-bidder-x16
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 23 Aug 2022 07:14:51 GMT
index.html
s0.2mdn.net/sadbundle/5395108804705366200/ Frame 0985 		86 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/5395108804705366200/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
9cf0e66bf931b70e3ac5dfc3ba698ec9f497790b5045ba5422b9209806c02a3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
372665
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
20027
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Thu, 18 Aug 2022 23:43:47 GMT
expires
Fri, 18 Aug 2023 23:43:47 GMT
last-modified
Fri, 13 May 2022 01:12:45 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 9EC0 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9THBTDjCHlGS1wb9Of_gcdvnKdF2xWT3A-Dqc5KDo8DxDwcMKBgXgAwftuAU3_V9mZVLvYn7onBkueqyewBVanzZhXcXRAg6FRDHjNP3-3q_tnpletcGVwMO6awFQyfFtci4V4xsZNH6BTtQaClGt8tP_MGoMvgPMDuntcyWR8FRDt6ZVJ23dd-5SeE2HUv66MJOTqdmFxEP6okcS2Jw20s6wPayma3MbPx09Q9G-O3JdeWzwyNZjh_z4YWKiXPju7Pt2f3SygVG5n5oRjLWaDdl5UxoVetcE4gfIx_bwF31-Dha1Xsi3OmGZW7lVYdGXo6jGbOmTdIFpAcmMAwbE_e_2y_xzxv5NzxXrut_bH1ZhY_MtdAR4RIOLL8deeOh5IpxlWMCbk3LhG7Wb2mcDpbW8AxcHr1D_kecoqYJDXKvvN6JKEPZ0i_--FaH8SA3FLfgaNu1VWTHCjcMYxxstG48OQvBpChqrV7dyU9juqtGOGf79CvFIUwhrpw9JvBqrHBbZ3mWNzoUVKPRNAZAhzb0f6AQfxGM8-623Fd4nu2qgK62nkAIsauwKAUo1C_qqG3mApk_AI1qxzZ42DMDRM1KnKXpCempaYfSYqlBOCAjbRro1dxZgqIU0shiGcwi_R61mT7360IZzAjCMsx2DFOELm9Mn0x_Mg-KOJr6IIzx8MltKdfxfF7AL6o974NzHZ471fEOwqFohL3p-kvt8rq3o75svAUpVQeshrF-gNYUyIXhew-ahLDe8FYUt0t1yMK8OCbqrcaW57fQBD7-_OMlSiTk_pKQujXVlNrtK_qRybl0azSdfcCtkYRT9DNTX9ZgPmKkbIXwF49Kw4L-dkOR4XK7YVkQbkeo-fI7fSIQqHGqIPRWBYw5BDcYp-JkWx0UEQQBXIOagCIEHfotnfjpJbnCeiLYVd4vutTKL_fk0RNm6OC6z2X-7XsCHreOZvxImmd2Yk_8Nk10bGo_jVzZXmkemvTBjMh51IO-Kw80tDuu5U5EORqgOeL3sjUSE7iCZvGWbI9p0hnL-efuxYyXtaBO-oqkCQpqjc9CvyBIMS2yj9-KGwBKK7mMfEQhhdwDXdO7bdA9kI69Wv_-Qdrtc4H1NVXmAy6UWFCdF3KeVCTJWP7gRsyx7e0meOskl1PrS-MARqX-o-O6wf9A9QgHeNc6D_jAI34UuRz5b8ZNmliBIN9QlpyvOt0FoS5vI4mkN_S3yQCSTWZm25bQXzSF047f71dw9Nx0Y5_Q-lAtLILTR&sai=AMfl-YRLe-n25WpjWuxJeaAk8p2JjsoU8Du0F-aO1MWF6yFbldyP2tgf4kia43Z8cm5vkDpbPnLfzQwgCEKio-9JfIJtmwrMYjSs-bYinmPhvWVkg6quT-DKViLBIV1FNaq3VrHtw302cwVLUDsJNEUX4ctXCgvhaJdA4Rgi7T2lPfyrvBIuIALIpD-7TM64SHvutCQw1mre1Xvcdesi65w4n689&sig=Cg0ArKJSzCuyG59zWqF8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=913&cbvp=1&cstd=908&cisv=r20220818.76754&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Tue, 23 Aug 2022 07:14:51 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
img
tags.mathtag.com/view/ Frame 9EC0 		49 B
329 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.mathtag.com/view/img?strat=3750455&cr=6028144&pr=5.00&txn=&rfr=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.229.205.242 , Singapore, ASN30419 (MEDIAMATH-INC, US),
Reverse DNS
Software
MMBD/3.361.1 /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 07:14:52 GMT
Server
MMBD/3.361.1
Content-Type
image/gif
Cache-Control
no-cache
x-mm-host
nrt-router-x15, nrt-bidder-x16
Connection
keep-alive
Keep-Alive
timeout=360
Content-Length
49
Expires
Tue, 23 Aug 2022 07:14:51 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 65D2 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B5Z9Man4EY5fpHsKkz7sP6_C74AQAAAAAOAHgBAI&bg=!7O-l76vNAAYUOm8VNDo7ACkAdvg8WiSefEEl6njghyT84J1P2BFHI553Ud3ezeotBoUEbODhTmcbGQIAAACqUgAAAAJoAQeZAuX2P9x4cGukFgtxyabLK6TYjjGSt_ym6zKi9emFGA_CD54bBR46I13FXErnG9kGGOd05s3cY-rpN5GBpjp5qlblUboYwHIkSnUMZc9T3S02cClC_9WSVl1HGTZ-D6qoOYLV2BmOS-yYuLvXfCeuNSw7wWfSy6cl1ngCJ7zME9n0vpu0BNOqLAGfY_4U1s4mMbB-RPhw_yhdQOulFTCF6rUwQfzYVWPM47eR2A26qAhNk55rRW9ItWBCi1B1_jA-Yo90NBCT3eG-niwOVqtzLQjpq9juxNAhSE1evgmvkTRdMYhhr0GAp8tsrZJCjycCCr48OxKi0P1q30TtvbJcNibJfKsWaL9Je8c4h_BbJHOBiKu6sVIyDLwGN2cNWtTJ5CgLjJO-BreqMPwaxjM3PZggqLSFea2LOKcwOIlQWk4l1ZvjC32QLAlOFdJF7G_SFmEbP8q-5tdVSxpoA5PvkoAlVLGHqV5Q7uSVps8GNtMQVapYY5y_fS64BFbnAhK3xWJSNDwPos41MA9epaT1_sYAZVtY1O5zIiDKD-mBugtYATg6R5xhloCnlbU6hSp6w6UaQuD2eiL0_AP060bnM2jl2Lxt37MJswBv4ZwQq9bMPV3nj_JTf0RQm20qn-1RN-OPxU-LXgQzQPL6GRxwjISHrSD8bQyDe8f8WMXQOTmYq6YmbSoKZbqvV11gOWMFidRK8YOx2URxRzp0vO-yHYQjASgsCLmsKDubSgOXeMUw_5vy3AaWKz_N74cX2YMf2-7W7h5v82zVENGF1vft7E0TYNDkWyl-02WzcSZtlqMNCQo8HHuLIZerJjE4kpiS6Hzx7x6t7jIfPXunPPwl1pGzPCrPbA0cJfoekXyX_Af9GHOkkRNtjvgpmnuyXi8rqje_l08PGxK3q8c6TujyvRI-wQ6TeUMxK7zwt-YNNUoHUyzMo0qykEcWytxhceCY5KA537ItWVaVyqBGcIpSUNrUMKU6Rj8
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 6DC9 		0
22 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BQhEhan4EY5bdIPOM8QP-trawBAAAAAA4AeAEAg&bg=!hYalhsLNAAYUOm8VNDo7ACkAdvg8WizfixR2QJZul6jNBGRO_j-vcnrCQg0HWp27OiGafoG-5dCGNQIAAACZUgAAAANoAQeZAu7GJ8KsBORUSxsfdHoVpKCZ7hwD0RLTRf5lQXQsY4FK0i1RtMRD4Dz6WuDlFEyM47FmZece0O_0ap5EQMjZJ7faiVHhbI4TVyv2EktO8qdjNloW-WsEqekpYBeSLaIUQ-AYqnEamdQ9hcmMYargRV4aDT3tZmkRx6m14Dzfrc78BZJh2WSx5ARzHbYpDXqVRgC_rrwXMVG4Z_vZU5xtxNPebvSmWOFHHezMrguPD5gVmDGzgj718G_sPjP6jaTx217NUHeHKocgNiiGBZhBGyZoowZXifL2i_HYS6w7QuRE6pLzbHK7eCeeynijpyzD0gOC4p7o9eAlwOZwcr-EgcA3i0g0GvmZ8udV_ZppEhnKSCBsZzDvb1XCu5ibrR1vB-02PZxubJW7yQXx29mqtkRrnxwyS07F3-eXMQc_4BkNb00TesLXtbTHq390oLqhyJ6vdyi6rZUTroDhO_2-CQVkukHn6_dzkQOnAZxG1Jzu2kE7-TjqpqwVkbPJXjMHQcdnueW0igRMcTNhzQiC82Gkp8EYGLBbxR9YzGU5qahPeubTbBYuUkWV3tYFhrat2TYgFsdxqGDX59jB4ZkP2ccAH-6oMWD_UvHobCx19aeVKrjmVz5bobENkYa1fdJDLcD0yyUZ_pxPcYxdZzf2Id8lLxDWUEuZ2kpniFgKg-aM70A3UYLerIRHDpNGwqT0s3OshokQsgEJexskORbINxjSO7AvLIHD5vmvkiUdmp0Emzc_BDyDsjmgdaj5uXVHZuraQeOGet48Dq45QX_d7Lk6uJ3MwJptfksw4Ffauj4ld3UGzgtJEs65ILMsc3lE8kfYXUMolvWZzpDsoiS03suifHa7TYAf_bGiKuADCACzirZ7UdRVlnpO1g9A6Mp-H97uB6JWRQtBaPk0HefYp_NVVa6jCsuGNqgIjTuSe1uUkecsHayOTrSWr0FrP88m4Uq5EuK03yqzEfcj13W9ZOyLr0ajita9QDthq5Hxf_M
Requested by
Host: 8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
URL: https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 3B05 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220818&jk=3874194803782175&bg=!a2ilaCzNAAYUOm8VNDo7ACkAdvg8Wnu9IsljeGB6zARSgxvkqgRP7Q2kreujp0NjCQTs3EtPeXzRyQIAAABXUgAAAANoAQcKAFuYkKB6RWoJhH1IMQhVOlrPqokC_ZIANsnpcf2oWBbE6DE-6tNKwh-F2id4VZBxc9VDsgF_0rmN9F89RAAvc9M5f3-CSWvLstYzHaFWiTmqSt6Oy3Mbhj2aIPn7mQKjjqKNW5Tei3_-II6crQMiLKqLD6lFodXPtXunNzeVErnLqTHFQq7IPa0ubDTiVpon7FOpMkMofunLXwNj1EsVgJbRD99tX9Q29DDUjP6LCj8KIsC2020pOtIIYZXVn9kam5x9pCKHbNHqwEdU2MZo_ipcp72KERbsdzAZKuuzH7dI6dREA_6DkBhIU9O3nKEohW_98fz3m9wqTqdemz5WVHW701BUWPBMoCtrJvtaqE9zzTO-Clbtn3ms_fg7tUdE8iBN8b2u3fJzssNjmrWLTU4jsMzICHLS3bk9CfaVQPWptlzfE0DXcD69f_kmniV7bFZI461PVLHynuYG4fgQXCIC8xGE7ozmg2wR-xN0j3Z79zpuZlGQn1NcwMLU8NHPSRxKcUEybaxfxP-SzFn8p0U8QWJiG9_aCZjqlt_J7nLPuWmRmn5nAUlLW1f2ipZF3k2iIewFYZO8Kj4sf-GYKv2XAT-6bBn-wSyG2sB1AjWh78hsc8HgL7Fo5V-M_dw7mBhuwreqLpQPiXvGNplEds1ufZWoPoqEXvHfMG21eBZQ3mXrQ3KeTzeOUyvVasrNeCWf1b9ycKWeyTXFx0JEg3vOU3OQGtA34gOcRnsRrwb3q4eQwPpiIZdnqSb2b_tGkZbQsq508nidg9dfqX3ASSvkE-iTDSrdEkgkxp2nRbf_4OTXjKn5tAWDqCRpknvKyguUne18L7hDzS19cBPppYYwfpTbejzoh5t3AnuvCqhTyb2tDjmU73HwyvplSwCTfIhRioszofBwmwmT47bA2rR8N1tP1S8T2-0my6mP2Mz3ttTUIu_5TKHSA1cWrEosKuakwrzv8-ad2xKjoMstdaJJBd-KchlsUfileR4AV-37pozpu0u2CBB5KdAWCiN4wNrB
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 714A 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRnh3ICimt7iSWltmoOkJ5rSZjyjmvMjHZqwH9kGvKL15QSzvZQOFSC3R8dVJvXpTlUnKONlL_MvGlrlFDobpD3bO2A4NYHd4_FxPEhysY7uAvA4oPLC-VMwHuft01dEFGVAhr_q5Ztg&sai=AMfl-YT0U8rGUkAV6jo-1KlgGzULpBp30oC1ldcZwqGyYzUpNVgVQOyBRVzfLrCxCX7t9tu78r6fhMOTwAKDRRMSo2ehrvnjp5fyrDLqmjMTY0e0xmAoBP_6_3cpqDXf&sig=Cg0ArKJSzF41SsX3JPqQEAE&cid=CAASFeRo1sXKio6ukkuQKlDpKF40I5mWng&id=lidar2&mcvt=1000&p=300,5,900,125&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220822&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=4082231052&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661238889938&rpt=1164&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rid
match.adsrvr.org/track/ 		108 B
672 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
ae908b18f52be43bdee7fb90dd1aefe4d1473e2bc980da342acc846dffe2a58b

Request headers

Referer
https://www.bg3.co/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 23 Aug 2022 07:14:52 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bg3.co
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
108
expires
Thu, 22 Sep 2022 07:14:52 GMT
pd
u.openx.net/w/1.0/ Frame AD5B 		532 B
639 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
fb822981f1f1ccefef19a5d89f47ba2472af885684ff84e1c0320f60aca82ac4

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
327
content-type
text/html
date
Tue, 23 Aug 2022 07:14:52 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
sync.html
public.servenobid.com/ Frame 326E 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.161.111.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-161-111-41.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

age
28235
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Tue, 23 Aug 2022 01:08:18 GMT
etag
W/"3b058e9cd661ca6990301a82cf5d448f"
last-modified
Wed, 17 Aug 2022 23:23:08 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 cbd845ea8169138e8f0aa84dded5f0fa.cloudfront.net (CloudFront)
x-amz-cf-id
5rIo_iVyNKTJdvb4oaRaINW8hL0Ff2GjXlQvmaQ_aVY_eFra9Cq86Q==
x-amz-cf-pop
MRS52-P4
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:049b4e88-3480-44ce-bc71-9207efe847a1
x-amz-meta-codebuild-content-md5
77e8f986028c7819a018b65a51e4d1c5
x-amz-meta-codebuild-content-sha256
4cf0411e60b9185dacd3ae0196e3adabe45eed1b64ea27e89ed58c43c33d4297
x-cache
Hit from cloudfront
async_usersync.html
acdn.adnxs.com/dmp/ Frame 661C 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
8799
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 23 Aug 2022 07:14:52 GMT
ETag
W/"623de86a-cf34"
Expires
Wed, 03 Aug 2022 04:41:10 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
3, 47294
X-Served-By
cache-lga21930-LGA, cache-bne12521-BNE
X-Timer
S1661238892.412107,VS0,VE0
/
onetag-sys.com/usync/ Frame E799 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1661238887863
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
0e6bcb56ea393c51840735172a81daa99b4b255c25b01a7785ca14b9d9173cae
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1374
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
eb2.3lift.com/ Frame F6E2
Redirect Chain
  • https://eb2.3lift.com/sync?
  • https://eb2.3lift.com/sync?&ld=1
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?&ld=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
50ec9576568dd17b15250e2c02ac2b5c1e76948a06a922c881618bc8e341b6ab

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-length
455
content-type
text/html; charset=utf-8
date
Tue, 23 Aug 2022 07:14:52 GMT
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
date
Tue, 23 Aug 2022 07:14:52 GMT
location
/sync?&ld=1
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ixmatch.html
js-sec.indexww.com/um/ Frame FC7D 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.239 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-239.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1387
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Aug 2022 07:14:52 GMT
ETag
"e20015-b68-5e4a60c97afb7"
Last-Modified
Mon, 25 Jul 2022 19:18:30 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
checksync.php
contextual.media.net/ Frame 0E5B 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6504fceb4326d8ac227e4403f0fda47214692c5a22afed356fc7cf45a3f87e31
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
11782
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 07:14:52 GMT
expires
Thu, 25 Aug 2022 07:14:52 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
usync.html
eus.rubiconproject.com/ Frame 6A6F 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.adpushup.com
URL: https://cdn.adpushup.com/prebid/pb.42753.1660729490688.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.bg3.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Aug 2022 07:14:52 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
magnite
prebid.a-mo.net/setuid/
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-adaptmx&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://prebid.a-mo.net/setuid/magnite?uid=L75UQP46-18-AOOR&gdpr=0&us_privacy=1---
0
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/magnite?uid=L75UQP46-18-AOOR&gdpr=0&us_privacy=1---
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
2
server
envoy
vary
Accept-Encoding

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://prebid.a-mo.net/setuid/magnite?uid=L75UQP46-18-AOOR&gdpr=0&us_privacy=1---
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Expires
0
yahoo
prebid.a-mo.net/setuid/
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=61d46240-18b0-4449-9aac-69a56f22fd95
  • https://ups.analytics.yahoo.com/ups/58570/occ?gdpr=0&gdpr_consent=&uid=61d46240-18b0-4449-9aac-69a56f22fd95&verify=true
  • https://prebid.a-mo.net/setuid/yahoo?uid=y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A&gdpr=0&gdpr_consent=
0
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid/yahoo?uid=y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A&gdpr=0&gdpr_consent=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Server
145.40.88.5 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
vary
Accept-Encoding

Redirect headers

location
https://prebid.a-mo.net/setuid/yahoo?uid=y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A&gdpr=0&gdpr_consent=
date
Tue, 23 Aug 2022 07:14:52 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/
Redirect Chain
  • https://onetag-sys.com/usync/?tag=img
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=&gdpr_consent=
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://a.sportradarserving.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=onetag
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=abb6c59d-886a-4e5e-a6b1-9f2e25e02662&ssp=onetag
  • https://onetag-sys.com/match/?int_id=30&uid=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&gdpr=&gdpr_consent=&us_privacy=
0
0
cookie
cm.adform.net/
Redirect Chain
  • https://prebid.a-mo.net/cchain?cb=https%3A%2F%2Fib.adnxs.com%2Fprebid%2Fsetuid%3Fbidder%3Damx%26uid%3D61d46240-18b0-4449-9aac-69a56f22fd95&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F646%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D61d46240-18b0-4449-9aac-69a56f...
43 B
106 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F646%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D61d46240-18b0-4449-9aac-69a56f22fd95%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD02MWQ0NjI0MC0xOGIwLTQ0NDktOWFhYy02OWE1NmYyMmZkOTU%253D%26uid%3D%24UID
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H2
Server
37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
server
nginx
content-length
43
content-type
image/gif

Redirect headers

location
https://cm.adform.net/cookie?gdpr=1&gdpr_consent=&redirect_url=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F646%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1---%26A%3D61d46240-18b0-4449-9aac-69a56f22fd95%26bidder%3Dadform%26cbx%3DaHR0cHM6Ly9pYi5hZG54cy5jb20vcHJlYmlkL3NldHVpZD9iaWRkZXI9YW14JnVpZD02MWQ0NjI0MC0xOGIwLTQ0NDktOWFhYy02OWE1NmYyMmZkOTU%253D%26uid%3D%24UID
date
Tue, 23 Aug 2022 07:14:51 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 9EC0 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIOw9E1KJskS0dsmYmF8YCdZ1rKFAIWVBUQfj6ySTyLAs1A1fRKKouTD7zV39zXEOOB1-5UH_mu6IIEV2Uy6YsrP9uUtp3Qmi5btpQmeEFQNOCi2a8V60xF1JpbJROqg2kgUo8icGEJQ&sai=AMfl-YSYtg23lAeKtOOKlISkaTAwkNNizRMi_My5uBUe94OFYsyeGwXrAR4Dm1U08KmbeezZmqPJGyX0jwKIIrm8FAWLscNA88Epjwn9Uc3ijwmogGnGloAY7ybtfws1&sig=Cg0ArKJSzPyToZWa1aFvEAE&cid=CAASJeRohzAj16LXcIXJg7IZR3mb_FXJ94TjROT9zaSEMSonghUsblA&id=lidar2&mcvt=1000&p=60,450,310,750&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220822&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1420297610&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661238889921&rpt=1222&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 857D 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvMIrpEb6m9YceV_jaCo-AiuLq_Em9QAldATvpTDeFeT9QGSWEDxtE05_SU7ttzJ5yQONxMS2kiwg4HJlc2Q_o49eL6n_Bq9w7QgGKTj9P0eVjBy8VHI2G7kuP5kyo4lYu323dHeR2oug&sai=AMfl-YTjZFfRUVKVMK8G5DsAKEG49QgX82DMZi2a9FwwbvTlHySkZuNt82MM9bBWePG85ZlseDZjXBsXtzMzZ7JeNepE0BDH-MIcoyYfGqhzFtT8nZdJf7uU9IdrJNT9&sig=Cg0ArKJSzBfsPEKgAPvvEAE&cid=CAASJeRo_-F1TIKRejXQbwHbQP4Ee1dJ39kRe1s1KYZddTRQAqL-EXM&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220822&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2857874404&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1661238889933&rpt=1237&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.68.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame AD5B
Redirect Chain
  • https://ad.turn.com/r/cs?pid=9&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537073061&val=3448151419563696648&gdpr=0&gdpr_consent=&us_privacy=
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3448151419563696648&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?id=537073061&val=3448151419563696648&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 23 Aug 2022 07:14:51 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
sd
us-u.openx.net/w/1.0/ Frame AD5B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/openx?oxid=cfd54a14-41d2-7ff6-d65c-4fb8c73389a4&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072971&val=24de8755-1fd5-4995-84de-10c316ebc90a&ttd_puid=cfd54a14-41d2-7ff6-d65c-4fb8c73389a4&gdpr=0&gdpr_consent=
43 B
62 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072971&val=24de8755-1fd5-4995-84de-10c316ebc90a&ttd_puid=cfd54a14-41d2-7ff6-d65c-4fb8c73389a4&gdpr=0&gdpr_consent=
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072971&val=24de8755-1fd5-4995-84de-10c316ebc90a&ttd_puid=cfd54a14-41d2-7ff6-d65c-4fb8c73389a4&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
335
sd
jp-u.openx.net/w/1.0/ Frame AD5B
Redirect Chain
  • https://tg.socdm.com/rtb/sync_before?proto=openx
  • https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwR.bMCo8YUAAItRBh0AAAAA
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwR.bMCo8YUAAItRBh0AAAAA
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

X-SO-Cluster-ID
9
Date
Tue, 23 Aug 2022 07:14:52 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync_before?proto=openx","cluster_id":9,"gdpr":false,"ipv4":"103.209.254.77","key":"YwR.bMCo8YUAAItRBh0AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40325"}
X-SO-Ads-Time
5
X-SO-Key
YwR.bMCo8YUAAItRBh0AAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40325
P3P
CP="See also http://www.scaleout.jp/privacy/"
Location
https://jp-u.openx.net/w/1.0/sd?id=537072335&val=YwR.bMCo8YUAAItRBh0AAAAA
Cache-Control
private
X-SO-HostName
a-ad40325.dc2p.scaleout.jp
Connection
keep-alive
Content-Length
0
X-SO-LB-Hostname
m-tgng33.dc4p.scaleout.jp
X-SO-IP
103.209.254.77
sd
jp-u.openx.net/w/1.0/ Frame AD5B
Redirect Chain
  • https://cr-p3.ladsp.jp/cookiesender/3
  • https://cr-pall.ladsp.com/cookiesender/3
  • https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AR0QHPQBrGxLks8ADsWuCeMFxs8AAAGCyY3Z_Q
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AR0QHPQBrGxLks8ADsWuCeMFxs8AAAGCyY3Z_Q
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
via
1.1 61726f6e6656624f90145ef79b7954ea.cloudfront.net (CloudFront)
server
Logicad
x-amz-cf-pop
SIN52-C3
x-cache
Miss from cloudfront
p3p
CP="NOI DEVo TAIo PSAo PSDo OUR IND UNI NAV", policyref="http://cd.ladsp.com/xml/w3c/p3p.xml"
location
https://jp-u.openx.net/w/1.0/sd?id=537072451&val=AR0QHPQBrGxLks8ADsWuCeMFxs8AAAGCyY3Z_Q
cache-control
no-cache
content-length
0
x-amz-cf-id
0ZAjA7BVFRMlIhGp9InH1elxzxokveJgztRU8YlSo4LJ0PlxH9YRtA==
expires
-1
pixel
cm.g.doubleclick.net/ Frame AD5B 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTNiYTk5ZGUtODhhNS0yMTUyLWMzYmMtMTUwMTBkZDE0N2M0
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame AD5B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEARzDt6y9c02RmjCmSEXvGo&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEARzDt6y9c02RmjCmSEXvGo&google_cver=1
Requested by
Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd
Protocol
H3
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEARzDt6y9c02RmjCmSEXvGo&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gum.criteo.com/ Frame 0E5B 		61 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?r=2&c=321&gdpr=0&gdpr_pd=0&gdpr_consent=&us_privacy=&j=window.advBidxc.mnetRtusId
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
/
Resource Hash
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
1571
strict-transport-security
max-age=31536000; preload;
content-length
175
expires
60
usync.html
eus.rubiconproject.com/ Frame 1148
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
  • https://eus.rubiconproject.com/usync.html?p=medianet
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=medianet
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Aug 2022 07:14:53 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 23 Aug 2022 07:14:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=medianet
server
AkamaiGHost
cksync.html
contextual.media.net/ Frame 30FE
Redirect Chain
  • https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Drkt%26refUrl%3D%26vid%3D123889238930424048915373890...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3042404891537389000V10&type=rkt&refUrl=&vid=12388923893042404891537389000V10&ovsid=1991787313928468380
219 B
651 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3042404891537389000V10&type=rkt&refUrl=&vid=12388923893042404891537389000V10&ovsid=1991787313928468380
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
219
content-type
text/html;charset=UTF-8
date
Tue, 23 Aug 2022 07:14:53 GMT
expires
Tue, 23 Aug 2022 07:14:53 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E

Redirect headers

Content-Length
0
Date
Tue, 23 Aug 2022 07:14:53 GMT
Location
https://contextual.media.net/cksync.html?cs=8&vsid=3042404891537389000V10&type=rkt&refUrl=&vid=12388923893042404891537389000V10&ovsid=1991787313928468380
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.3.29.v20201019)
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 382C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://contextual.media.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91729
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 07:14:52 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 24 Aug 2022 08:43:41 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
cksync.php
contextual.media.net/ Frame 0E5B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dapx%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3D%24UID
  • https://contextual.media.net/cksync.php?cs=8&vsid=3042404891537389000V10&type=apx&refUrl=&vid=12388923893042404891537389000V10&ovsid=7212820068730442693
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3042404891537389000V10&type=apx&refUrl=&vid=12388923893042404891537389000V10&ovsid=7212820068730442693
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Tue, 23 Aug 2022 07:14:52 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 23 Aug 2022 07:14:52 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:52 GMT
X-Proxy-Origin
103.209.254.77; 103.209.254.77; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
065f483b-9cc4-4020-9ddb-a1601a951cce
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3042404891537389000V10&type=apx&refUrl=&vid=12388923893042404891537389000V10&ovsid=7212820068730442693
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.html
contextual.media.net/ Frame 0E5B
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D3042404891537389...
  • https://contextual.media.net/cksync.html?cs=8&vsid=3042404891537389000V10&type=opx&refUrl=&vid=12388923893042404891537389000V10&ovsid=07f9238b-ead2-4516-b513-31d675dc1b78
219 B
219 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.html?cs=8&vsid=3042404891537389000V10&type=opx&refUrl=&vid=12388923893042404891537389000V10&ovsid=07f9238b-ead2-4516-b513-31d675dc1b78
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Tue, 23 Aug 2022 07:14:52 GMT
vary
Accept-Encoding
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
text/html;charset=UTF-8
content-length
219
x-mnet-hl2
E
expires
Tue, 23 Aug 2022 07:14:52 GMT

Redirect headers

date
Tue, 23 Aug 2022 07:14:52 GMT
content-encoding
gzip
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://contextual.media.net/cksync.html?cs=8&vsid=3042404891537389000V10&type=opx&refUrl=&vid=12388923893042404891537389000V10&ovsid=07f9238b-ead2-4516-b513-31d675dc1b78
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
cksync.php
contextual.media.net/ Frame 0E5B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmp1r1?sub=medianet&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dr1%26refUrl%3D%26vid%3D12388923893042404891...
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=7739512854
  • https://sync.1rx.io/usersync/tradedesk/24de8755-1fd5-4995-84de-10c316ebc90a
  • https://sync.targeting.unrulymedia.com/csync/RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004?redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dr1%2...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3042404891537389000V10&type=r1&refUrl=&vid=12388923893042404891537389000V10&ovsid=RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004
45 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3042404891537389000V10&type=r1&refUrl=&vid=12388923893042404891537389000V10&ovsid=RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Tue, 23 Aug 2022 07:14:53 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 23 Aug 2022 07:14:53 GMT

Redirect headers

location
https://contextual.media.net/cksync.php?cs=8&vsid=3042404891537389000V10&type=r1&refUrl=&vid=12388923893042404891537389000V10&ovsid=RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004
date
Tue, 23 Aug 2022 07:14:53 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX62526414bc294276bfefceff9f1ca25a004
content-type
text/html
cksync.php
contextual.media.net/ Frame 0E5B
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=MEDIANET&rurl=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Ddxu%26refUrl%3D%26vid%3D12388923893042404891537...
  • https://contextual.media.net/cksync.php?cs=8&vsid=3042404891537389000V10&type=dxu&refUrl=&vid=12388923893042404891537389000V10&ovsid=1UmzCIQq1Oqo7E5
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3042404891537389000V10&type=dxu&refUrl=&vid=12388923893042404891537389000V10&ovsid=1UmzCIQq1Oqo7E5
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Tue, 23 Aug 2022 07:14:52 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 23 Aug 2022 07:14:52 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:51 GMT
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-04d2d43691b0ba1ae@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
Location
https://contextual.media.net/cksync.php?cs=8&vsid=3042404891537389000V10&type=dxu&refUrl=&vid=12388923893042404891537389000V10&ovsid=1UmzCIQq1Oqo7E5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 0E5B
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=115&p=259&cp=medianet&cu=1&url=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D1%26type%3Dcrt%26ovsid%3D%40%40CRITEO_USERID%40%40
  • https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=bc7d5c35-5191-4276-945f-151cce41f324
45 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=bc7d5c35-5191-4276-945f-151cce41f324
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Tue, 23 Aug 2022 07:14:53 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 23 Aug 2022 07:14:53 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location
https://contextual.media.net/cksync.php?cs=1&type=crt&ovsid=bc7d5c35-5191-4276-945f-151cce41f324
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1318484
content-length
0
expires
Tue, 23 Aug 2022 00:00:00 GMT
cksync.php
contextual.media.net/ Frame 0E5B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=medianet&gdpr=0&gdpr_consent=&gdpr_pd=1
  • https://cm.g.doubleclick.net/pixel?google_nid=bidswitch_dbm&google_cm&google_sc&ssp=medianet&bsw_param=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&google_hm=OWU1ZmMyNjAtMGU1Yi00MTcxLWE3ZWQtYTBkYmU5MWRkMjRj
  • https://x.bidswitch.net/sync?dsp_id=16&user_id=CAESEMLpubEIKvjJ4RQ7ZLpDBMI&google_cver=1&ssp=medianet&bsw_param=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c
  • https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&gdpr=&gdpr_consent=&gdpr_pd=
45 B
464 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=1&type=bs&ovsid=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Tue, 23 Aug 2022 07:14:53 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 23 Aug 2022 07:14:53 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?cs=1&type=bs&ovsid=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&gdpr=&gdpr_consent=&gdpr_pd=
Date
Tue, 23 Aug 2022 07:14:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame 0E5B
Redirect Chain
  • https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dzem%26refUrl%3D%26vid%3D12388923893042404891537389...
  • https://stags.bluekai.com/site/23178?id=wRWUbjlXkwITcYHQCR_0&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TD...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLXKJLVKYTKNRMGW52JKRRVSSCRINJF6...
0
0
cksync.php
contextual.media.net/ Frame 0E5B
Redirect Chain
  • https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=3042404891537389000V10
  • https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=3042404891537389000V10
  • https://contextual.media.net/cksync.php?type=mf&ovsid=8fa55afc-8635-4292-95dd-e95e9087ec97&cs=1
45 B
465 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=mf&ovsid=8fa55afc-8635-4292-95dd-e95e9087ec97&cs=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Tue, 23 Aug 2022 07:14:54 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 23 Aug 2022 07:14:54 GMT

Redirect headers

Location
//contextual.media.net/cksync.php?type=mf&ovsid=8fa55afc-8635-4292-95dd-e95e9087ec97&cs=1
Date
Tue, 23 Aug 2022 07:14:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
um
cs.emxdgt.com/ Frame 0E5B 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Demx%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3D%24UID
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUPEPKI9&prvid=2034%2C2033%2C2031%2C2030%2C2029%2C233%2C2028%2C2027%2C236%2C237%2C117%2C51%2C97%2C55%2C99%2C3012%2C2043%2C2040%2C244%2C201%2C2039%2C3007%2C246%2C4%2C203%2C9%2C2055%2C172%2C173%2C251%2C175%2C132%2C178%2C255%2C3018%2C3017%2C214%2C3016%2C337%2C338%2C70%2C77%2C2021%2C141%2C186%2C222%2C345%2C10000%2C80%2C108%2C229%2C307&itype=PREBID&purpose1=1&gdprconsent=1&gdpr=0&coppa=0&usp_status=0&usp_consent=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.75.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-75-132.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 894D 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 03:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14311
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Aug 2022 03:16:21 GMT
async_usersync
ib.adnxs.com/ Frame 661C 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:52 GMT
X-Proxy-Origin
103.209.254.77; 103.209.254.77; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2d2a0235-3da9-426b-8ad3-e4bcf2aee0bf
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame 0985 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5395108804705366200/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5395108804705366200/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 03:16:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14311
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 24 Aug 2022 03:16:21 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 857D 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvTLXr2cq5LBcIM4bGyVYlbMnblDet6Y9HiVltWWreZuw7YUNsZ4YO2mr5-FYzco2LxGyqL16H-R9-aXOvFbuLlnpuJ8zAkeQdouGiAkV144RGNFuT2wuqycmYk4Hr_5sTU_PWhNtHvFNa6HB9oR3RkOW0SI3D6n6dMq5NC8HUg70KgaCcpK_azqo_8DmSJ7n98RGJDL9rXVgo4Qxka4IvSedFigghnfOKxXKMc_yeX9NEoxfNWsvzJt5aUIUxVtcBnHKZkiod_Jgj75KQh94wCsO0lzhtlvdmAKEL9Y5mXHmZqcEHJlQtSmv6bINtSQ9LOUSqZWXp0Z5KSsKihBDzSCpwxjXAdyPq8CFJWvho6p1jc8jEoIcWHJVgHVxEjPSGzE3MyUSqGRFnp4Hyrs1AInuNdYI2lneoygMoDi3BPueC3N6FXUzorTfPkt5a4zv4SfRSdD4y8nUHwBc4NLuEFC_mxvuapmDlOYpDiEmpJz5q_H2xYPzSUA17KSOsKChN2ocEQmDeBZlGEjVSFdj9j_ctXni-NZRMTE-zFPxV2KrmxnCDeDIExKCrspRuJUQlarPTT6qRrOUkXJhu8ZawR7f0BSmCSTklHMyR9GLMENan0Zz8Gc-7U_okFyblmtakgG7gf_REgovSqkSrUm0fW2J2-iviAI0gOl47QpXsfmEtvo7bDpG_lF4Bz9paIhIU8804KZhn48rnY3GabO_MiZv-oYJiU4xOnkyNrU28rryGUC7eVgqhi11YHttK81RAz9h5cXUtgMouPwR7u4-m7WSyh5QgfGjA-J0s3JK-YCRoLc89XHpW1QtcMXN2GKbX3al6kaQZjxL6-EqAw4IwA8c39ehyASQQzNepUXQ-9MIt98_4JM25eGfkfjVZFUf543BE0OsqMTpxybGPZiqr4BtCxrC6d9fDZBld3JwLXPavXeN5EBwGtV390TwqnL_WFAQrHkrz6rvdbp3XItB5RJPG1zLKMgaIKOE-U2jf9PDL8pxnZqJlzPAhfSaa4vyvqb56DaKYO2hMK9XINBXMiHYW_onlBRgGt5AUlJjqPgwa-MFGFoK2wWK4wFfAYrY2JOzsbNlLjahwS1XtsNwbQH0zlJMPnv7VGdFHtwM7Q6IcM4Euwu9X4h-FbvxXUhC3R9GJMcyfm9nyEODwbYTV3BaAOOivqWpAPs7CqRgdQEKrkBXi_AzCMx3ZWQ-tq7agTzzZ_ZJbQARTwjZf4cpB7zVaWHX6xMxylWCYmXh1EDNn6WgvcExE&sai=AMfl-YTzzTsuNHKjfJ5kBuuc7QbQ-QQ48NDu5o-W40QDX9SmzbESi5So4BjhdawS93rfdrpBW82QjRmFkS9dbqX9iImuy6yq4LZDTcsit453x7NaPmDBEMcdNC6i4x5AVt8osmVYvWynB1mg5JdS82A-sYhQt6601bGULoM7TlkCPyDhRXOEp6V-3A6FSfvLhv6nYLrxbmiZTsH8ytPBt_sXKtiV&sig=Cg0ArKJSzGWKSEcppO6JEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1685&vt=11&dtpt=824&dett=3&cstd=858&cisv=r20220818.22255&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
disclaimer_common.svg
s0.2mdn.net/sadbundle/15195109931553881176/ Frame 894D 		224 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15195109931553881176/disclaimer_common.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
81f5a7091558670bff70c3e80511e3f24f1b2e377b89531966bcd6cde6e3362d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 20 Aug 2022 10:32:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
247330
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36700
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sun, 20 Aug 2023 10:32:42 GMT
stefan_img1.png
s0.2mdn.net/sadbundle/15195109931553881176/ Frame 894D 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15195109931553881176/stefan_img1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
85062b5209b79a0b711d328194138c961240353508cb691244a1745abda72591
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 23:57:12 GMT
x-content-type-options
nosniff
age
285460
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27036
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Aug 2023 23:57:12 GMT
stefan_img2.png
s0.2mdn.net/sadbundle/15195109931553881176/ Frame 894D 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15195109931553881176/stefan_img2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
f60470b418489678f52a25d72e9bdd7fe0479d57e62f49d28b499423773460fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 08:31:36 GMT
x-content-type-options
nosniff
age
427396
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28006
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:34 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 08:31:36 GMT
stefan1.svg
s0.2mdn.net/sadbundle/15195109931553881176/ Frame 894D 		44 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15195109931553881176/stefan1.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
94d0f58d59d47ce925f66c6884938e43e9b9e4361682f863e0ba88c102883517
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 15:15:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
143947
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11265
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Aug 2023 15:15:45 GMT
stefan2.svg
s0.2mdn.net/sadbundle/15195109931553881176/ Frame 894D 		42 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15195109931553881176/stefan2.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
b703e463206e557fbb495c56ceefa60fdeec10f0f3026a61e056c1a2032cd6d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 10:44:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
73836
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13830
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 10:44:16 GMT
cta_common.svg
s0.2mdn.net/sadbundle/15195109931553881176/ Frame 894D 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15195109931553881176/cta_common.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
e840d901c827ce3644d87e5bd6ed2a7e020c06ceec7cb516ef2e1b78f3e669f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 15:12:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144172
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3188
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Aug 2023 15:12:00 GMT
frame3_common.svg
s0.2mdn.net/sadbundle/15195109931553881176/ Frame 894D 		34 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/15195109931553881176/frame3_common.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
857e2ebcfaa681528084788a9e20e6d2da80ba89854199301c1124d4e0d823ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/15195109931553881176/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 23:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
461192
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10443
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:13:34 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 23:08:20 GMT
usync.js
eus.rubiconproject.com/ Frame 6A6F 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
243506277e64a9ce1cc92b117b4991f1b80c14c2f56e8e95b397370a7f1450dc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 07:14:52 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61612
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9442
Expires
Wed, 24 Aug 2022 00:21:44 GMT
/
onetag-sys.com/match/ Frame E799
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=004f6304-7e6b-4b00-a26e-aa0f898bca5d&gdpr=1&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=1&uid=004f6304-7e6b-4b00-a26e-aa0f898bca5d&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661238887863
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Date
Tue, 23 Aug 2022 07:14:52 GMT
Server
MT3 4494 7cf1da7 master hkg-pixel-x18 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=1&uid=004f6304-7e6b-4b00-a26e-aa0f898bca5d&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 23 Aug 2022 07:14:51 GMT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame E799 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661238887863
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
Content-Type
image/gif
/
onetag-sys.com/match/ Frame E799
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D1%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7212820068730442693
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7212820068730442693
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661238887863
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:52 GMT
X-Proxy-Origin
103.209.254.77; 103.209.254.77; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
da4f2ed8-0a6e-4a1c-a7f0-4f416fcbba63
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://onetag-sys.com/match/?int_id=98&gdpr=1&gdpr_consent=&uid=7212820068730442693
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame E799 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=c9k53ayWTAxbGk96q4d19BnT0pNsbGxPd5gdKWQLZMQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661238887863
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
6690dc791bf02dde8c4051a04cfd7bb8
Content-Type
image/gif
pixel
cm.g.doubleclick.net/ Frame E799
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgsmN2sg2_f1RpS9V9heomGH8LUu85zyVcQ
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgsmN2sg2_f1RpS9V9heomGH8LUu85zyVcQ
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661238887863
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgsmN2sg2_f1RpS9V9heomGH8LUu85zyVcQ
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
sync
ssbsync-global.smartadserver.com/api/ Frame E799 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=1&gdpr_consent=&us_privacy=&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661238887863
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
content-length
0
/
onetag-sys.com/match/ Frame E799
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://id.rlcdn.com/1000.gif?memo=COy5KxoNCO38kZgGEgUI6AcQAEIASgA
  • https://onetag-sys.com/match/?int_id=110&uid=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=110&uid=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661238887863
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

date
Tue, 23 Aug 2022 07:14:53 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://onetag-sys.com/match/?int_id=110&uid=
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
s.amazon-adsystem.com/ Frame E799
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Mf6u5BUTLNdlSNSEYPOQBFO3ayWCehbM3lkx_lMAPDM
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Mf6u5BUTLNdlSNSEYPOQBFO3ayWCehbM3lkx_lMAPDM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661238887863
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:54 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
PASDWV5PG19QC8XSCPTK
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=Mf6u5BUTLNdlSNSEYPOQBFO3ayWCehbM3lkx_lMAPDM
strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
ImgSync
image8.pubmatic.com/AdServer/ Frame E799 		0
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=1&gdpr_consent=&us_privacy=&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661238887863
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.82 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
content-length
0
/
onetag-sys.com/match/ Frame E799
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOJhdAhQZYXu4ySVyfnQJGA&google_cver=1
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOJhdAhQZYXu4ySVyfnQJGA&google_cver=1
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661238887863
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOJhdAhQZYXu4ySVyfnQJGA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
298
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
occ
ups.analytics.yahoo.com/ups/58488/ Frame E799 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661238887863
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.74.13.196 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-13-196.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:52 GMT
server
ATS/9.1.10.25
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
onetag-sys.com/match/ Frame E799
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=1&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=24de8755-1fd5-4995-84de-10c316ebc90a&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=24de8755-1fd5-4995-84de-10c316ebc90a&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661238887863
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=24de8755-1fd5-4995-84de-10c316ebc90a&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
233
sync
x.bidswitch.net/ Frame E799 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=onetag&gdpr=1&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?cb=1661238887863
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 07:14:53 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
view
googleads4.g.doubleclick.net/pcs/ Frame 9EC0 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu9THBTDjCHlGS1wb9Of_gcdvnKdF2xWT3A-Dqc5KDo8DxDwcMKBgXgAwftuAU3_V9mZVLvYn7onBkueqyewBVanzZhXcXRAg6FRDHjNP3-3q_tnpletcGVwMO6awFQyfFtci4V4xsZNH6BTtQaClGt8tP_MGoMvgPMDuntcyWR8FRDt6ZVJ23dd-5SeE2HUv66MJOTqdmFxEP6okcS2Jw20s6wPayma3MbPx09Q9G-O3JdeWzwyNZjh_z4YWKiXPju7Pt2f3SygVG5n5oRjLWaDdl5UxoVetcE4gfIx_bwF31-Dha1Xsi3OmGZW7lVYdGXo6jGbOmTdIFpAcmMAwbE_e_2y_xzxv5NzxXrut_bH1ZhY_MtdAR4RIOLL8deeOh5IpxlWMCbk3LhG7Wb2mcDpbW8AxcHr1D_kecoqYJDXKvvN6JKEPZ0i_--FaH8SA3FLfgaNu1VWTHCjcMYxxstG48OQvBpChqrV7dyU9juqtGOGf79CvFIUwhrpw9JvBqrHBbZ3mWNzoUVKPRNAZAhzb0f6AQfxGM8-623Fd4nu2qgK62nkAIsauwKAUo1C_qqG3mApk_AI1qxzZ42DMDRM1KnKXpCempaYfSYqlBOCAjbRro1dxZgqIU0shiGcwi_R61mT7360IZzAjCMsx2DFOELm9Mn0x_Mg-KOJr6IIzx8MltKdfxfF7AL6o974NzHZ471fEOwqFohL3p-kvt8rq3o75svAUpVQeshrF-gNYUyIXhew-ahLDe8FYUt0t1yMK8OCbqrcaW57fQBD7-_OMlSiTk_pKQujXVlNrtK_qRybl0azSdfcCtkYRT9DNTX9ZgPmKkbIXwF49Kw4L-dkOR4XK7YVkQbkeo-fI7fSIQqHGqIPRWBYw5BDcYp-JkWx0UEQQBXIOagCIEHfotnfjpJbnCeiLYVd4vutTKL_fk0RNm6OC6z2X-7XsCHreOZvxImmd2Yk_8Nk10bGo_jVzZXmkemvTBjMh51IO-Kw80tDuu5U5EORqgOeL3sjUSE7iCZvGWbI9p0hnL-efuxYyXtaBO-oqkCQpqjc9CvyBIMS2yj9-KGwBKK7mMfEQhhdwDXdO7bdA9kI69Wv_-Qdrtc4H1NVXmAy6UWFCdF3KeVCTJWP7gRsyx7e0meOskl1PrS-MARqX-o-O6wf9A9QgHeNc6D_jAI34UuRz5b8ZNmliBIN9QlpyvOt0FoS5vI4mkN_S3yQCSTWZm25bQXzSF047f71dw9Nx0Y5_Q-lAtLILTR&sai=AMfl-YRLe-n25WpjWuxJeaAk8p2JjsoU8Du0F-aO1MWF6yFbldyP2tgf4kia43Z8cm5vkDpbPnLfzQwgCEKio-9JfIJtmwrMYjSs-bYinmPhvWVkg6quT-DKViLBIV1FNaq3VrHtw302cwVLUDsJNEUX4ctXCgvhaJdA4Rgi7T2lPfyrvBIuIALIpD-7TM64SHvutCQw1mre1Xvcdesi65w4n689&sig=Cg0ArKJSzCuyG59zWqF8EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1880&vt=11&dtpt=967&dett=3&cstd=908&cisv=r20220818.76754&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 23 Aug 2022 07:14:52 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
xuid
eb2.3lift.com/ Frame F6E2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=3658&xuid=24de8755-1fd5-4995-84de-10c316ebc90a&dongle=0cfd
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=3658&xuid=24de8755-1fd5-4995-84de-10c316ebc90a&dongle=0cfd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://eb2.3lift.com/xuid?mid=3658&xuid=24de8755-1fd5-4995-84de-10c316ebc90a&dongle=0cfd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
209
ebda
eb2.3lift.com/ Frame F6E2
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODg2NDg0MDE1NjE0MzQ5MTg3Mjg2
  • https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/ebda?gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
248
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xuid
eb2.3lift.com/ Frame F6E2
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEE1TvKpZktWLQ5bC3aB_PBg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEE1TvKpZktWLQ5bC3aB_PBg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEE1TvKpZktWLQ5bC3aB_PBg&dongle=c627&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame F6E2
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODg2NDg0MDE1NjE0MzQ5MTg3Mjg2
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODg2NDg0MDE1NjE0MzQ5MTg3Mjg2
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=0&gdpr_consent=&us_privacy=&google_hm=ODg2NDg0MDE1NjE0MzQ5MTg3Mjg2
date
Tue, 23 Aug 2022 07:14:52 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
p.adsymptotic.com/d/px/ Frame F6E2
Redirect Chain
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=886484015614349187286&dbredirect=true&gdpr=0&consent=
  • https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=886484015614349187286&dbredirect=true&gdpr=0&consent=&cookiesTest=true
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e8603767-a080-4ed4-8b35-1b7e2d3a336f&_noobservation=1
  • https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e8603767-a080-4ed4-8b35-1b7e2d3a336f&_noobservation=1&_expected_cookie=1996aba...
43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e8603767-a080-4ed4-8b35-1b7e2d3a336f&_noobservation=1&_expected_cookie=1996aba7fbc7600e192000149c70117a
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
104.18.101.194 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
73f20dce3cd9fe9d-MEL
p3p
CP='NON DSP COR CONi OUR BUS CNT'
content-type
image/gif
content-length
43

Redirect headers

location
https://p.adsymptotic.com/d/px/?_pid=16218&_psign=0aa5badf92527f7732e22463d6fa4dbc&coopa=0&gdpr=0&gdpr_consent=&_puuid=e8603767-a080-4ed4-8b35-1b7e2d3a336f&_noobservation=1&_expected_cookie=1996aba7fbc7600e192000149c70117a
date
Tue, 23 Aug 2022 07:14:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
73f20dcd0b41fe9d-MEL
content-length
0
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
v2
odr.mookie1.com/t/ Frame F6E2
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=triplelift&user_id=886484015614349187286&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&ssp=triplelift&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10527375236654871984&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2910&partner_device_id=10527375236654871984&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26...
  • https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=c4f96cd0-0c1f-4938-b591-0fbf02111cad&ssp=triplelift&gdpr_consent=&gdpr=0
0
0
c.gif
c.bing.com/ Frame F6E2 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=886484015614349187286&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:52 GMT
etag
"6fa9befc56b2d81:0"
last-modified
Wed, 17 Aug 2022 16:32:48 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 18248A51950F4FCCA9DBD7413ADB1D60 Ref B: MEL01EDGE1119 Ref C: 2022-08-23T07:14:53Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame F6E2
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/886484015614349187286?gdpr=0&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-102jfxlE2oSgnRV5iY3_K8rLn9P_On7duzp0oddFLg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-102jfxlE2oSgnRV5iY3_K8rLn9P_On7duzp0oddFLg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Tue, 23 Aug 2022 07:14:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-102jfxlE2oSgnRV5iY3_K8rLn9P_On7duzp0oddFLg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
iu3
s.amazon-adsystem.com/ Frame F6E2
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=0&gdpr_consent=&uid=886484015614349187286
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=886484015614349187286&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=886484015614349187286&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?&ld=1
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:53 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
4C0AVT9JR7RAP7XAP8FN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=0&gdpr_consent=&uid=886484015614349187286&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame F6E2
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=0&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=CK143zJNumpPsunND2RL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLE...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5INFTCNBTPJFE4...
0
0
Disclaimer.svg
s0.2mdn.net/sadbundle/5395108804705366200/ Frame 0985 		225 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5395108804705366200/Disclaimer.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
6537b8025364bd8ab573b927a3033a905eb3c7241f8c65ffcbde71db76cd73d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5395108804705366200/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Aug 2022 22:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
376155
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29254
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 18 Aug 2023 22:45:37 GMT
stefan_img1.png
s0.2mdn.net/sadbundle/5395108804705366200/ Frame 0985 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5395108804705366200/stefan_img1.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
75aaa6282f495e3ff4953fb2a46541549963bb72a43d0a9466d7c92e510d8dd2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5395108804705366200/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 22 Aug 2022 18:18:06 GMT
x-content-type-options
nosniff
age
46606
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53460
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 22 Aug 2023 18:18:06 GMT
stefan_img2.png
s0.2mdn.net/sadbundle/5395108804705366200/ Frame 0985 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5395108804705366200/stefan_img2.png
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
4e4511255249a63b4101c63f6c91885bc36887c8cc636569cbfc935026ff8c49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5395108804705366200/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Aug 2022 21:33:22 GMT
x-content-type-options
nosniff
age
294090
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56020
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:45 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 19 Aug 2023 21:33:22 GMT
Stefan1.svg
s0.2mdn.net/sadbundle/5395108804705366200/ Frame 0985 		44 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5395108804705366200/Stefan1.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
825cc80902f9af3dbf552cf0818b2b7db587af77bcd77ab6db82c4d661123180
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5395108804705366200/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 00:50:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
195887
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11928
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Aug 2023 00:50:05 GMT
Stefan2.svg
s0.2mdn.net/sadbundle/5395108804705366200/ Frame 0985 		42 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5395108804705366200/Stefan2.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
4eaf086101efbf5310adfc867314d7005ea3986547b8611dcb5a33a751c161ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5395108804705366200/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 05:13:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
180090
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12967
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Aug 2023 05:13:22 GMT
CTA.svg
s0.2mdn.net/sadbundle/5395108804705366200/ Frame 0985 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5395108804705366200/CTA.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
7e52b222c0ab53848fd101f8f256bdd34822fc1cd04659e29235b186f9d58b59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5395108804705366200/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 21 Aug 2022 20:39:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
124493
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3171
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 21 Aug 2023 20:39:59 GMT
Frame3.svg
s0.2mdn.net/sadbundle/5395108804705366200/ Frame 0985 		34 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/5395108804705366200/Frame3.svg
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.149 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f149.1e100.net
Software
sffe /
Resource Hash
4bf603ca4ee21ca9b766ccc5a6ebe86ac1c591f489fa03e2eac26a432c0c96f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://s0.2mdn.net/sadbundle/5395108804705366200/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Aug 2022 22:50:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
462263
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10826
x-xss-protection
0
last-modified
Fri, 13 May 2022 01:12:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 17 Aug 2023 22:50:29 GMT
usermatch
ssum-sec.casalemedia.com/ Frame CF07 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd568aa5c7864cae0406e325578009ad2888acc2b4b153aeaac3b76d0788c2d

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73f20dc9c90bdf8d-MEL
content-encoding
br
content-type
text/html
date
Tue, 23 Aug 2022 07:14:53 GMT
dropped-udsids
39|241|230|73|17|31|130|218
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=goE3pcGTbM5FdWH5oGxhKSuM7IpgiOOqPtUxhK2ReL8BqLIs0RXyYV1ZTMHK7kcBQczdrLWwNPIQxT3mK0%2FieLjIVTYUW40mCbJU%2FE0YL8HArw%2FikA17hxMPYv9OBjaI3PMgjv7ZywYasQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 382C 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=47393163&p=159463&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.81 Los Angeles, United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
49e2385cc0f6aab2f7c125d4867589f75d64863adffcdea0dea2cabc3dea7af4

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
tap.php
pixel.rubiconproject.com/ Frame 6A6F
Redirect Chain
  • https://match.adsrvr.org/track/cmf/rubicon
  • https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=24de8755-1fd5-4995-84de-10c316ebc90a&gdpr=0&gdpr_consent=&expires=30
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=24de8755-1fd5-4995-84de-10c316ebc90a&gdpr=0&gdpr_consent=&expires=30
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.rubiconproject.com/tap.php?v=8981&nid=2307&put=24de8755-1fd5-4995-84de-10c316ebc90a&gdpr=0&gdpr_consent=&expires=30
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
289
tap.php
pixel.rubiconproject.com/ Frame 6A6F
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJWDCZN94UHdt-7j7VYCbFM&google_cver=1
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJWDCZN94UHdt-7j7VYCbFM&google_cver=1
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
030b4ddd4a4f3e9891a065664f20c4bb
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEJWDCZN94UHdt-7j7VYCbFM&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
esync
token.rubiconproject.com/ Frame 6A6F
Redirect Chain
  • https://id.rlcdn.com/709414.gif
  • https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
0
214 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
808ed95536e7f55d8adbcb9fc76d309d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Tue, 23 Aug 2022 07:14:53 GMT
via
1.1 google
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://token.rubiconproject.com/esync?pid=28028&puid=&pt=e
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6A6F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmE2M2ZhMDAwZWYxNzM2MWMzZmI1NTdkNTdjM2MyMmQwOTg1MWIyYw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmE2M2ZhMDAwZWYxNzM2MWMzZmI1NTdkNTdjM2MyMmQwOTg1MWIyYw
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=YmE2M2ZhMDAwZWYxNzM2MWMzZmI1NTdkNTdjM2MyMmQwOTg1MWIyYw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
0d2bd05215470efb17ae41aff76c3f98
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
token
pixel.rubiconproject.com/ Frame 6A6F
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VGY16v7ISPaE9q6LPoNREw&rk=usync-na
0
0
dcm
aax-eu.amazon-adsystem.com/s/ Frame 6A6F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
0
0
pixel
cm.g.doubleclick.net/ Frame 6A6F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc1VVFQNDYtMTgtQU9PUg==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc1VVFQNDYtMTgtQU9PUg==
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
H3
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDc1VVFQNDYtMTgtQU9PUg==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 6A6F
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/vjCbWg7-ULPX4IqFbr57b8n5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3279108649440249905
42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3279108649440249905
Requested by
Host: www.bg3.co
URL: https://www.bg3.co/a/chao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html
Protocol
HTTP/1.1
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4b9b5fe4fdc8ed94e0f7cdc225df187a
Content-Type
image/gif

Redirect headers

date
Tue, 23 Aug 2022 07:14:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3279108649440249905
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1EEC 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91728
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 07:14:53 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 24 Aug 2022 08:43:41 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
13926
g2.gumgum.com/usync/ Frame FEFB 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.79.50.48 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
028db0946a28c2a7fb1205af80b28e1960e1b470045996973b9a1b1f016c5447

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Tue, 23 Aug 2022 07:14:53 GMT
etag
W/"0131f28a5250f7d7043131d904460a5c5"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 249B 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
c03309508167a8437687b3e06918ffb9427be6b3e34f1f020a11f02bbc584941
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
1397
content-type
text/html
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 2E03 		887 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.39 Singapore, Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
813b2bb63932da3d76e4aa0c5a75653344b87a154a2aeb07cad162a25aca59b5

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
887
content-type
text/html
date
Tue, 23 Aug 2022 07:14:53 GMT
usermatch
ssum-sec.casalemedia.com/ Frame DF0E 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
557aac1b02f125286102fdd0d5b9cfb7116d9e9cd6dfa2474ee2b0d5d2c94aac

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
73f20dcaaa83df8d-MEL
content-encoding
br
content-type
text/html
date
Tue, 23 Aug 2022 07:14:53 GMT
dropped-udsids
46|88|206|3|176|41|24|65
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B21gO%2F4WHMDjQgbORQahmUCMwMomIpjJRw7oaBGEixgBRnuDat4pgwW0z%2FwRQWgOgyVIKwnYpVmW0QY%2FS3S%2Fy9qybnGH91XIF3osMLRFZsi19Yr2qPc5arHguuYdsFfDyuh1zBU1kZdqDA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Is-Traffic-Usersync, Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 4F54
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Aug 2022 07:14:53 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 23 Aug 2022 07:14:53 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
setuid
x.yieldlift.com/ Frame 326E
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
  • https://x.yieldlift.com/setuid?bidder=rubicon&uid=L75UQP46-18-AOOR&gdpr=0&us_privacy=1YN-
0
0
sync
ads.servenobid.com/ Frame 326E
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=7212820068730442693
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=7212820068730442693
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.48.53.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-53-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:53 GMT
X-Proxy-Origin
103.209.254.77; 103.209.254.77; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
92560d1f-add3-4502-a563-c6cf62bc5bc9
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=7212820068730442693
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 326E
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=FMVSCLZHk9iHd1P9S7S_Xjs6
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=FMVSCLZHk9iHd1P9S7S_Xjs6
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.48.53.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-53-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:54 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:54 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=FMVSCLZHk9iHd1P9S7S_Xjs6
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3sfo1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
sync
ads.servenobid.com/ Frame 326E
Redirect Chain
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
  • https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID&sovrn_retry=true
  • https://ads.servenobid.com/sync?pid=310&uid=FMVSCLZHk9iHd1P9S7S_Xjs6
0
0
sync
ads.servenobid.com/ Frame 326E
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiZTYxODc1NDYtZTNhZC00NTZiLTgwMWEtN2Q0OGE0MjAwZDgzIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yM1QwNzoxNDo1NC4yMjMzNjVaIn0=
0
0
9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c
sync.1rx.io/usersync/bidswitch/ Frame 326E
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004&rndcb=2340869888
  • https://a.sportradarserving.com/sync?ssp=bidswitch&bidswitch_ssp_id=adconductor
  • https://x.bidswitch.net/sync?dsp_id=409&expires=14&user_group=1&user_id=abb6c59d-886a-4e5e-a6b1-9f2e25e02662&ssp=adconductor
  • https://sync.1rx.io/usersync/bidswitch/9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c?gdpr=&gdpr_consent=
0
0
sync
ads.servenobid.com/ Frame 326E
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=1978557990575788388
0
0
sync
ads.servenobid.com/ Frame 326E
Redirect Chain
  • https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
  • https://ads.servenobid.com/sync?pid=332&uid=9bde90f4-d27a-48f1-8a8f-295ce804e756
0
0
pixel
ap.lijit.com/ Frame 326E
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F231%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D61d46240-18b0-4449-9aac...
0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F231%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D61d46240-18b0-4449-9aac-69a56f22fd95%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Server
209.191.163.208 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 23 Aug 2022 07:14:54 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2sfo1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT

Redirect headers

location
https://ap.lijit.com/pixel?gdpr=1&gdpr_consent=&us_privacy=1YN-&redir=https%3A%2F%2Fprebid.a-mo.net%2Fcchain%2F0%2F231%3Fgdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26A%3D61d46240-18b0-4449-9aac-69a56f22fd95%26bidder%3Dsovrn%26cbx%3DaHR0cHM6Ly9hZHMuc2VydmVub2JpZC5jb20vc3luYz9waWQ9MzI3JnVpZD0%253D%26uid%3D%24UID
date
Tue, 23 Aug 2022 07:14:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 326E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ads.servenobid.com/sync?pid=337&uid=y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.48.53.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-53-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A
date
Tue, 23 Aug 2022 07:14:53 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 326E
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-b2512687-4128-3554-914e-191ef655ff02
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-b2512687-4128-3554-914e-191ef655ff02
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.48.53.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-53-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:54 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-b2512687-4128-3554-914e-191ef655ff02
pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
cache-control
no-store
content-length
0
vary
origin
expires
0
sync
ads.servenobid.com/ Frame 326E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58632/occ
  • https://ads.servenobid.com/sync?pid=339&uid=y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=339&uid=y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.48.53.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-53-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=339&uid=y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A
date
Tue, 23 Aug 2022 07:14:53 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
usync.js
eus.rubiconproject.com/ Frame 1148 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
243506277e64a9ce1cc92b117b4991f1b80c14c2f56e8e95b397370a7f1450dc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 07:14:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61611
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9442
Expires
Wed, 24 Aug 2022 00:21:44 GMT
rum
dsum-sec.casalemedia.com/ Frame CF07
Redirect Chain
  • https://match.adsrvr.org/track/cmf/casale
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=24de8755-1fd5-4995-84de-10c316ebc90a&expiration=1663830893&gdpr=0&gdpr_consent=
43 B
912 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=24de8755-1fd5-4995-84de-10c316ebc90a&expiration=1663830893&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73f20dcc5e6d5a61-MEL
pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6N3V6u9WlcBESH%2BlZ%2FCUHDiSnaCcOQYh31y7x7Q6sZ0tQNNmXc5vFGSkrofGW%2F4RvFPsfKys3QlG%2B%2BIj5ocgcQdDMGpFUj1arOfhpsDETGb7xl%2F5MlDmL0HOtadzo6lFV1xhNQkJDmjPw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=39&external_user_id=24de8755-1fd5-4995-84de-10c316ebc90a&expiration=1663830893&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
323
dcm
s.amazon-adsystem.com/ Frame CF07
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB&dcc=t
43 B
932 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.46.155.104 -, , ASN (),
Reverse DNS
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:54 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
GWXYND8XRMBV31SMAJV0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:54 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
M6ERE2BVQ35FPVK7Z1V7
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame CF07
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOibwBtNeQegsUdZ0GCIQeQ&google_cver=1
43 B
944 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOibwBtNeQegsUdZ0GCIQeQ&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73f20dcd6db65a98-MEL
pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3QschgZGShcW1K50p6ATbnVkCHQiBUAr72k8pQpazw6cFTCmr96kB2PtS%2FTTA%2FlxzYWQInEVZaNFlehyH8WOBa0i%2F7YB0X0j7S6Nj5zE1O%2Baauw7y6uwrGFAzlnK1eQwSi9qizhdr4GBxA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&google_gid=CAESEOibwBtNeQegsUdZ0GCIQeQ&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
342
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame CF07 		43 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB?gdpr_consent=&us_privacy=&gdpr=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.19.43 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-19-43.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
/
b1sync.zemanta.com/usersync/bluekai/callback/ Frame CF07
Redirect Chain
  • https://b1sync.zemanta.com/usersync/index/?us_privacy=&gdpr=&gdpr_consent=
  • https://stags.bluekai.com/site/23178?id=5xvKKHPLjLFxeh4ne40b&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3S...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NLYOZFUW...
0
0
crum
dsum-sec.casalemedia.com/ Frame CF07
Redirect Chain
  • https://px.owneriq.net/eucm/p/cc?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D31%26external_user_id%3D(OIQ_UUID)
  • https://px.owneriq.net/ecc?redir=https%3a%2f%2fdsum-sec.casalemedia.com%2fcrum%3fcm_dsp_id%3d31%26external_user_id%3dQ7145252931160927258&uid=Q7145252931160927258&ref=%2Feucm%2Fp%2Fcc
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7145252931160927258
0
0
crum
dsum-sec.casalemedia.com/ Frame CF07
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/ie
  • https://match.prod.bidr.io/cookie-sync/ie?_bee_ppp=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHwkE7GCP0AAA_STV2ynw&expiration=1662448494
0
0
demconf.jpg
dpm.demdex.net/ Frame CF07
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YwR.ak-wLMs5-uM0uZ1hzwAA%26857?gdpr_consent=&us_privacy=&gdpr=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YwR.ak-wLMs5-uM0uZ1hzwAA%26857
0
0
htw-pixel.gif
cdn.indexww.com/ht/ Frame CF07 		43 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?YwR.ak-wLMs5-uM0uZ1hzwAA%26857
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.bg3.co%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.13.76 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
cf-cache-status
HIT
age
201
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
content-length
43
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
etag
"761e21-2b-546dc3a097100"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
73f20dccdfa35ab0-MEL
expires
Tue, 23 Aug 2022 11:14:53 GMT
cksync.php
contextual.media.net/ Frame 1148
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=medianet&khaos=L75UQP46-18-AOOR
  • https://contextual.media.net/cksync.php?type=rbcn&ovsid=L75UQP46-18-AOOR
45 B
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L75UQP46-18-AOOR
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol
H2
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
server
Apache
date
Tue, 23 Aug 2022 07:14:53 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control
max-age=0, no-cache, no-store
content-type
image/gif
content-length
45
x-mnet-hl2
E
expires
Tue, 23 Aug 2022 07:14:53 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://contextual.media.net/cksync.php?type=rbcn&ovsid=L75UQP46-18-AOOR
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
Expires
0
match
c1.adform.net/serving/cookie/ Frame F304
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&cid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
35 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.84.60.20 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Tue, 23 Aug 2022 07:14:54 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
date
Tue, 23 Aug 2022 07:14:54 GMT
expires
-1
location
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame D705
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:004f6304-7e6b-4b00-a26e-aa0f898bca5d&gdpr=0&gdpr_consent=
42 B
553 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:004f6304-7e6b-4b00-a26e-aa0f898bca5d&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Aug 2022 07:14:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Tue, 23 Aug 2022 07:14:53 GMT
Expires
Tue, 23 Aug 2022 07:14:52 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4494 7cf1da7 master hkg-pixel-x21 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:004f6304-7e6b-4b00-a26e-aa0f898bca5d&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame BD76
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwR_awABwDl4EwBN&gdpr=0&gdpr_consent=
1 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwR_awABwDl4EwBN&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Tue, 23 Aug 2022 07:14:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Tue, 23 Aug 2022 07:14:53 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwR_awABwDl4EwBN&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-bne12529-BNE
x-timer
S1661238894.531446,VS0,VE0
send
sync-dsp.ad-m.asia/dsp/api/sync/ Frame 54FA 		43 B
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-dsp.ad-m.asia/dsp/api/sync/send?s=pubmatic&rd=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyNTMmdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
202.131.200.84 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Cache-Control
no-store,no-cache
Connection
close
Content-Length
43
Content-Type
image/gif
Date
Tue, 23 Aug 2022 07:14:54 GMT
Pragma
no-cache
Server
nginx
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame F4D4
Redirect Chain
  • https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCooki...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
42 B
95 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Aug 2022 07:14:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

cache-control
no-cache
content-length
0
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:52 GMT
expires
Tue, 23 Aug 2022 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=0&gdpr_consent=
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
5667091
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
/
onetag-sys.com/match/ Frame 0327
Redirect Chain
  • https://cm.ambientdsp.com/cm/send?vc=pmj
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzQ0OSZ0bD00MzIwMA==&piggybackCookie=ws4zfx9llln
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame BEDF
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1UmzCIQq1Oqo7E5&gdpr=0&gdpr_consent=
42 B
196 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1UmzCIQq1Oqo7E5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Aug 2022 07:14:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Tue, 23 Aug 2022 07:14:52 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:1UmzCIQq1Oqo7E5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/9853e75#9853e75792b29505864c0b7c23889ef441e21f3f i-04d2d43691b0ba1ae@ap-southeast-1a@dxedge-app-ap-southeast-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
sync
dsp.nrich.ai/bidswitch/ Frame D2D7
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004&rndcb=924108502
  • https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
0
0
pxd
dps.jp.cinarra.com/ Frame 4493 		95 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dps.jp.cinarra.com/pxd?PLATFORM_ID=D&USER_ID=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.113.231.86 -, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Connection
keep-alive
Content-Length
95
Content-Type
image/png
Date
Tue, 23 Aug 2022 07:14:54 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 8962
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
  • https://cm.adgrx.com/bridge.gif?AG_PID=pubmatic&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=492aed34-22b3-11ed-8d50-b1ea5d048eea
0
0
/
onetag-sys.com/match/ Frame 24C4
Redirect Chain
  • https://gocm.c.appier.net/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDImdGw9MTI5NjAw&piggybackCookie=nWVhSbTmD92Rzn2-bX4EYw
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=114&uid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 7DD9
Redirect Chain
  • https://ipac.ctnsnet.com/int/cm?exc=14&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA%3D%26piggybackCookie%3D%5Buser_id%5D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=165b4480044d47dc965ac2557d877be5
42 B
205 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=165b4480044d47dc965ac2557d877be5
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Tue, 23 Aug 2022 07:14:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html;charset=UTF-8
date
Tue, 23 Aug 2022 07:14:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=165b4480044d47dc965ac2557d877be5
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
status
302
via
1.1 google
x-xss-protection
1; mode=block
Pug
simage2.pubmatic.com/AdServer/ Frame A238
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 23 Aug 2022 07:14:54 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
73f20dcdea2f5ab4-MEL
content-length
0
date
Tue, 23 Aug 2022 07:14:54 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={viewer_token}&gdpr=0
server
cloudflare
cookiesync
core.iprom.net/ Frame 1D23 		0
0
i.match
a.tribalfusion.com/ Frame 964E 		43 B
732 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.35.11 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
73f20dcd5fcb5a85-MEL
content-length
43
content-type
image/gif; charset=utf-8
date
Tue, 23 Aug 2022 07:14:53 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302
141
match.deepintent.com/usersync/ Frame 343E 		0
0
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 4961
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=93c687e3-316c-474c-8a4b-a702beb6378b-tuct9fe03ed&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
77 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=93c687e3-316c-474c-8a4b-a702beb6378b-tuct9fe03ed&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.44 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Tue, 23 Aug 2022 07:14:54 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bne12522-BNE
x-timer
S1661238894.014109,VS0,VE145

Redirect headers

accept-ranges
bytes
content-length
0
date
Tue, 23 Aug 2022 07:14:53 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=93c687e3-316c-474c-8a4b-a702beb6378b-tuct9fe03ed&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-bne12522-BNE
x-timer
S1661238894.781421,VS0,VE108
x-vcl-time-ms
108
cksync.php
contextual.media.net/ Frame 19E2 		45 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/cksync.php?cs=8&vsid=3042404891537389000V10&type=pba&refUrl=&vid=12388923893042404891537389000V10&ovsid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.195.152.23 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-195-152-23.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-length
45
content-type
image/gif
date
Tue, 23 Aug 2022 07:14:53 GMT
expires
Tue, 23 Aug 2022 07:14:53 GMT
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
pragma
no-cache
server
Apache
strict-transport-security
max-age=31536000
x-mnet-hl2
E
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 382C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=ULs9_Tg0SSCqnryNR7WB5g%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=91728
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5549
expires
Wed, 24 Aug 2022 08:43:41 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ddp
pippio.com/api/sync/ Frame 382C
Redirect Chain
  • https://idsync.rlcdn.com/420486.gif?partner_uid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
  • https://pippio.com/api/sync?pid=5324&it=1&iv=f77493b8d39e856e7ca20f0364973e0a1b3910cb2744911825130da4ae8c1bde791426b5417dce21&_=2
  • https://cm.g.doubleclick.net/pixel?google_nid=pippio_dmp&google_cm&google_no_sc&m=CMwpElsKVwgBEJInGlBmNzc0OTNiOGQzOWU4NTZlN2NhMjBmMDM2NDk3M2UwYTFiMzkxMGNiMjc0NDkxMTgyNTEzMGRhNGFlOGMxYmRlNzkxNDI2YjU...
  • https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmNzc0OTNiOGQzOWU4NTZlN2NhMjBmMDM2NDk3M2UwYTFiMzkxMGNiMjc0NDkxMTgyNTEzMGRhNGFlOGMxYmRlNzkxNDI2YjU0MTdkY2UyMRAAGgwI7vyRmAYSBAgCEABCAEoA&goog...
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 382C
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=004f6304-7e6b-4b00-a26e-aa0f898bca5d
0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=004f6304-7e6b-4b00-a26e-aa0f898bca5d
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Tue, 23 Aug 2022 07:14:53 GMT
Server
MT3 4494 7cf1da7 master hkg-pixel-x21 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=004f6304-7e6b-4b00-a26e-aa0f898bca5d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 23 Aug 2022 07:14:52 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 382C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NTBCQjNERkQtMzgzNC00OTIwLUFBOUUtQkM4RDQ3QjU4MUU2&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 382C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHouKwWMjjh7xCMeCTwTO1c&google_cver=1
42 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHouKwWMjjh7xCMeCTwTO1c&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHouKwWMjjh7xCMeCTwTO1c&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ImgSync
image8.pubmatic.com/AdServer/ Frame 382C
Redirect Chain
  • https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:6B0FC4D757894CECAB2A9E4B67E678A3
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
50BB3DFD-3834-4920-AA9E-BC8D47B581E6
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 382C 		43 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/50BB3DFD-3834-4920-AA9E-BC8D47B581E6?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.179.19.43 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-19-43.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 382C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=24de8755-1fd5-4995-84de-10c316ebc90a
42 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=24de8755-1fd5-4995-84de-10c316ebc90a
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=24de8755-1fd5-4995-84de-10c316ebc90a
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame 382C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7212820068730442693&gdpr=0&gdpr_consent=
42 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7212820068730442693&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:53 GMT
X-Proxy-Origin
103.209.254.77; 103.209.254.77; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
6c925177-d2e4-4334-b58c-4079533bce18
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7212820068730442693&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 382C
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=88ICXfKUBF7olAAP9ckfWKDIV1DoxgJao5IIuBS9
42 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=88ICXfKUBF7olAAP9ckfWKDIV1DoxgJao5IIuBS9
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=88ICXfKUBF7olAAP9ckfWKDIV1DoxgJao5IIuBS9
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync
x.bidswitch.net/ Frame 382C
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=6&t=pixel&ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=433&user_id=1r2xk7oqbsk2&ssp=pubmatic
0
0
SPug
image4.pubmatic.com/AdServer/ Frame 382C
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1pefsRpE2uW5skhRTQfX3z0FNUqI9cc-~A&gdpr=0&gdpr_consent=
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1pefsRpE2uW5skhRTQfX3z0FNUqI9cc-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Server
67.199.150.85 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:54 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1pefsRpE2uW5skhRTQfX3z0FNUqI9cc-~A&gdpr=0&gdpr_consent=
date
Tue, 23 Aug 2022 07:14:53 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ImgSync
image8.pubmatic.com/AdServer/ Frame 382C
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3891991464737702653
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 382C
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3448151419563696648&gdpr=0&gdpr_consent=&us_privacy=
1 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3448151419563696648&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Server
103.231.98.194 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:54 GMT
cache-control
no-store, no-cache, private
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=3448151419563696648&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 382C
Redirect Chain
  • https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6&gdpr=0&gdpr_consent=
  • https://pubmatic-match.dotomi.com/match/bounce/current?DotomiTest=6b3f0024daaf2260&is_secure=true&networkId=17100&version=1&nuid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMNmll1gqYWQN4sp9nAAAAAAA&expiration=1661325294&nuid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6&...
0
0
Pug
simage2.pubmatic.com/AdServer/ Frame 382C
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7212820068730442693
0
0
d1ba4609
rtb.gumgum.com/getuid/ Frame 382C 		35 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D3042404891537389000V10%26type%3Dpba%26refUrl%3D%26vid%3D12388923893042404891537389000V10%26ovsid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.74.137.60 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:54 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
async_usersync
ib.adnxs.com/ Frame 661C 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.254.148.252 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:53 GMT
X-Proxy-Origin
103.209.254.77; 103.209.254.77; 894.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
142a6b59-7f4b-4d86-8780-70abcc1ccf9d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame DF0E
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7212820068730442693
43 B
911 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7212820068730442693
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73f20dd179925a61-MEL
pragma
no-cache
date
Tue, 23 Aug 2022 07:14:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B4FGJQk4EvyN8Jxb9gGST3h2hYchOpb8Sl34WnldDCTrGPFjlZdWiSyp7jn7bXnDwxPWCwfGGX8LU%2FIGBB93%2FJR7hLYwE5NFdMO%2BI41x8FbMykiZLoupObzgk3x2QnOQ6aP854dKMhSj2w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:54 GMT
X-Proxy-Origin
103.209.254.77; 103.209.254.77; 907.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
AN-X-Request-Uuid
48c5505e-276b-4fdd-8b34-172a5841c9e4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=7212820068730442693
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DF0E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwR_awABwDl4EwBN
43 B
906 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwR_awABwDl4EwBN
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73f20dcdda0b5a61-MEL
pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oxjnCrWZGGNHJUp%2FiJpNxphAw63M8cbAVo2%2BciM3t7q8s02ABBr7D52dwhkzhhzde2tFMmtc7JLnQMnEwvGDBr78VqrcRUKFFjcK%2Bwo8UcEdYEZ3q9vIYfWzwTR04aTltYzd2Y826XL32g%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1661238894.638315,VS0,VE0
x-served-by
cache-bne12529-BNE
x-cache
HIT
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwR_awABwDl4EwBN
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame DF0E
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB&gdpr_consent=&us_privacy=&gdpr=
  • https://pr-bh.ybp.yahoo.com/sync/casale/YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB
43 B
993 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Server
54.179.19.43 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-179-19-43.ap-southeast-1.compute.amazonaws.com
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff

Redirect headers

location
https://pr-bh.ybp.yahoo.com/sync/casale/YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB
date
Tue, 23 Aug 2022 07:14:53 GMT
server
ATS/9.1.10.25
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame DF0E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=004f6304-7e6b-4b00-a26e-aa0f898bca5d
43 B
916 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=004f6304-7e6b-4b00-a26e-aa0f898bca5d
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73f20dcf1c955a61-MEL
pragma
no-cache
date
Tue, 23 Aug 2022 07:14:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BXFCRE0V%2BEiEx%2BjQ7hk9H2wXp1DP5THs0QSLQMYYav9VfKk30G8u0n14gLmPyiHhwrwYT3N3q%2FI%2BKgNy8%2Bvqk0ttu7jvMqTmc%2F6s7uGWens4v8y52l%2FpYS70v8oq5pqGUT9RCWsI%2BwvYg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Date
Tue, 23 Aug 2022 07:14:53 GMT
Server
MT3 4494 7cf1da7 master hkg-pixel-x7 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=004f6304-7e6b-4b00-a26e-aa0f898bca5d
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Tue, 23 Aug 2022 07:14:52 GMT
113
match.deepintent.com/usersync/ Frame DF0E 		0
0
crum
dsum-sec.casalemedia.com/ Frame DF0E
Redirect Chain
  • https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
  • https://cm.adgrx.com/bridge.gif?AG_PID=casale
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=492aed34-22b3-11ed-8d50-b1ea5d048eea
43 B
905 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=492aed34-22b3-11ed-8d50-b1ea5d048eea
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73f20dd1ba185a61-MEL
pragma
no-cache
date
Tue, 23 Aug 2022 07:14:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lCmKueglhKU%2B3f7ubuYqbJXHUpt98UpSPG0e9y5Sw4lzCXeTkLPbuVWSarCuhilwB5XdjDoho8QJ6aAmXKfiRDa8vjcxa6tkoU30OjjpNZAmpUKfg8mDxLWZWFv2hfkaOonBZEMu9LSKqg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

Pragma
no-cache
Date
Tue, 23 Aug 2022 07:14:54 GMT
server
Cowboy
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=41&external_user_id=492aed34-22b3-11ed-8d50-b1ea5d048eea
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
aws-apsoutheast1c-delivery-3
Content-Length
0
Expires
Thu, 23 Sep 2004 17:42:04 GMT
rum
dsum-sec.casalemedia.com/ Frame DF0E
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D24%26external_user_id%3D%7Bviewer_token%7D&us_privacy=&gdpr=&gdpr_consent=
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=7f3cf545-6bec-4997-9754-f06e33eec8ea&us_privacy=null&gdpr_consent=null&gdpr=null
43 B
918 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=7f3cf545-6bec-4997-9754-f06e33eec8ea&us_privacy=null&gdpr_consent=null&gdpr=null
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H3
Server
104.18.19.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray
73f20dd03ee35a61-MEL
pragma
no-cache
date
Tue, 23 Aug 2022 07:14:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ddF0XfNKFhcUP6FuoGEFBZm%2FWKJhN1NlZhwzfPngwS9oVbRB%2F%2BNu9ANJGxsplDakPZRCzvLkGy6Rc4q87SuRigCUlVkrjnGT%2BY2E8Ji9w2BNYpl%2BVJfF4%2Fe0%2FD%2FThWy95Ft2zWCo%2FGKNLA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control
no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Tue, 23 Aug 2022 07:14:54 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=24&external_user_id=7f3cf545-6bec-4997-9754-f06e33eec8ea&us_privacy=null&gdpr_consent=null&gdpr=null
cf-ray
73f20dcdea325ab4-MEL
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
current
casale-match.dotomi.com/match/bounce/ Frame DF0E 		0
0
sync
ads.servenobid.com/ Frame DF0E 		0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.53.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-53-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 4F54 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
243506277e64a9ce1cc92b117b4991f1b80c14c2f56e8e95b397370a7f1450dc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 23 Aug 2022 07:14:53 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 Aug 2022 13:55:35 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=61611
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9442
Expires
Wed, 24 Aug 2022 00:21:44 GMT
sync
ads.servenobid.com/ Frame 2E03 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=3611329998867518103&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.53.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-53-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 2E03
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?CC=1&party=10&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D22%26partneruserid%3DYOUR_USER_ID&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1258785339656606146&gdpr=0&gdpr_consent=
0
0
rtset
bh.contextweb.com/bh/ Frame 2E03 		0
0
sync
x.bidswitch.net/ Frame 2E03
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=smartadserver&gdpr=0&gdpr_consent=
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=6&t=pixel&ssp_id=smartadserver
  • https://x.bidswitch.net/sync?dsp_id=433&user_id=1bf1c5ctg819&ssp=smartadserver
0
0
us.php
gu.dyntrk.com/adx/sma/ Frame 2E03
Redirect Chain
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
  • https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdp...
0
0
pixel
cm.g.doubleclick.net/ Frame 249B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=106&redir=1&ot_initiated=1
  • https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgsmN3tLFQPxlCJ3OGRZHG0N3b0-Bzw6WxA
0
0
/
onetag-sys.com/match/ Frame 249B
Redirect Chain
  • https://id.rlcdn.com/711916.gif?ct=4&cv=
  • https://onetag-sys.com/match/?int_id=110&uid=
0
0
/
onetag-sys.com/match/ Frame 249B
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=75&redir=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D1%26uid%3D%5BMM_UUID%5D%26gdpr%3D0%26gdpr_consent%3D
  • https://onetag-sys.com/match/?int_id=1&uid=004f6304-7e6b-4b00-a26e-aa0f898bca5d&gdpr=0&gdpr_consent=
0
0
/
onetag-sys.com/match/ Frame 249B
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=onetag&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=2&uid=L75UQP46-18-AOOR&gdpr=0
0
0
/
onetag-sys.com/match/ Frame 249B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D98%26gdpr%3D0%26gdpr_consent%3D%26uid%3D$UID
  • https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7212820068730442693
0
0
tap.php
pixel.rubiconproject.com/ Frame 249B 		42 B
679 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=223352&nid=4584&put=Mf6u5BUTLNdlSNSEYPOQBFO3ayWCehbM3lkx_lMAPDM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 Singapore, Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
0ed95c36ed1932be3ba76fc523a6e179
Content-Type
image/gif
/
onetag-sys.com/match/ Frame 249B
Redirect Chain
  • https://ssbsync-global.smartadserver.com/api/sync?callerId=5&gdpr=0&gdpr_consent=&us_privacy=1YN-&redirectUri=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D107%26uid%3D[ssb_sync_pid]
  • https://onetag-sys.com/match/?int_id=107&uid=3611329998867518103
0
0
ecm3
s.amazon-adsystem.com/ Frame 249B
Redirect Chain
  • https://onetag-sys.com/match/?int_id=113&gdpr=0&gdpr_consent=&callback=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Donetag.com%26id%3D%24%7BUSER_TOKEN%7D&ot_initiated=1
  • https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=KIPifx4vWQIPq95dwn5sTiI6nYiEhafJ7i6GU15rIuQ
0
0
/
onetag-sys.com/match/ Frame 249B
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=159706&gdpr=0&gdpr_consent=&us_privacy=1YN-&pu=https%3A%2F%2Fonetag-sys.com%2Fmatch%2F%3Fint_id%3D114%26uid%3D%23PMUID
  • https://onetag-sys.com/match/?int_id=114&uid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
0
0
/
onetag-sys.com/match/ Frame 249B
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=onetag_eb&google_cm
  • https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOJhdAhQZYXu4ySVyfnQJGA&google_cver=1
0
0
/
onetag-sys.com/match/ Frame 249B
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58488/occ?&gdpr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=92&uid=y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A
0
0
/
onetag-sys.com/match/ Frame 249B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=vw6iyrn&ttd_tpi=1&gpdr=0&gdpr_consent=
  • https://onetag-sys.com/match/?int_id=29&uid=24de8755-1fd5-4995-84de-10c316ebc90a&gdpr=0&gdpr_consent=
0
340 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://onetag-sys.com/match/?int_id=29&uid=24de8755-1fd5-4995-84de-10c316ebc90a&gdpr=0&gdpr_consent=
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Server
139.99.49.250 Singapore, Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip250.ip-139-99-49.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
cache-control
no-transform, no-cache
alt-svc
h3=":443"; ma=900, h3-29=":443"; ma=900
content-length
0
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:53 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://onetag-sys.com/match/?int_id=29&uid=24de8755-1fd5-4995-84de-10c316ebc90a&gdpr=0&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
233
receive
pixel.tapad.com/idsync/ex/ Frame 249B
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=onetag&gdpr=0&gdpr_consent=
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&ssp=onetag&gdpr=0&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10527375236654871984&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.vi...
0
0
sync
ads.servenobid.com/ Frame 249B 		0
366 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=318&uid=Mf6u5BUTLNdlSNSEYPOQBFO3ayWCehbM3lkx_lMAPDM
Requested by
Host: onetag-sys.com
URL: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.53.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-53-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://onetag-sys.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:54 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 4F54 		0
0
usersync
usersync.gumgum.com/ Frame FEFB
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=7212820068730442693
0
0
sync
pool.admedo.com/ Frame FEFB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=a_87179a4f-7e60-46e5-a05d-3effcdd85999&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c
0
0
redirectObuid
sync.outbrain.com/ Frame FEFB 		0
0
usersync
usersync.gumgum.com/ Frame FEFB
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=38e8ee64-69c7-47a0-b127-5f550f6388e2
0
0
usersync
usersync.gumgum.com/ Frame FEFB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-161e88a1-ec7c-4019-47a2-440023cf4dda$ip$103.209.254.77
0
0
usersync
usersync.gumgum.com/ Frame FEFB
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-cdY.cU5E2pdxUiGE7.xOUShWFCkzrYF7W_Gu~A
0
0
generic
sync.ipredictive.com/d/sync/cookie/ Frame FEFB 		0
0
services
sync.technoratimedia.com/ Frame FEFB 		0
0
142
match.deepintent.com/usersync/ Frame FEFB 		0
0
23178
stags.bluekai.com/site/ Frame FEFB
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=a_87179a4f-7e60-46e5-a05d-3effcdd85999&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=CK143zJNumpPsunND2RL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
0
0
server_match
ad.360yield.com/ul_cb/ Frame FEFB
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
0
0
sync
x.bidswitch.net/ Frame FEFB
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004&rndcb=1359365653
0
0
rtset
bh.contextweb.com/bh/ Frame FEFB 		0
0
sync
ssbsync.smartadserver.com/api/ Frame FEFB 		0
0
sync
ads.servenobid.com/ Frame FEFB 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=a_87179a4f-7e60-46e5-a05d-3effcdd85999
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.53.23 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-53-23.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 23 Aug 2022 07:14:54 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usersync
usersync.gumgum.com/ Frame 1FE5
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=004f6304-7e6b-4b00-a26e-aa0f898bca5d&gdpr=0&gdpr_consent=
0
0
usersync
usersync.gumgum.com/ Frame D558
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=YwR_awABwDl4EwBN&gdpr=0&gdpr_consent=
0
0
pixel
cm.g.doubleclick.net/ Frame F099 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=YV84NzE3OWE0Zi03ZTYwLTQ2ZTUtYTA1ZC0zZWZmY2RkODU5OTk=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
HTTP server (unknown) /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Tue, 23 Aug 2022 07:14:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9E2A 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.72.44.196 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-72-44-196.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=91727
content-encoding
gzip
content-length
5549
content-type
text/html; charset=UTF-8
date
Tue, 23 Aug 2022 07:14:54 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Wed, 24 Aug 2022 08:43:41 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache/2.2.15 (CentOS)
vary
Accept-Encoding
usersync
usersync.gumgum.com/ Frame D77B
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=ttd&i=24de8755-1fd5-4995-84de-10c316ebc90a
0
0
um
cs.emxdgt.com/ Frame 97A2 		0
66 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.75.132 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-75-132.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

content-length
0
content-type
text/plain; charset=utf-8
date
Tue, 23 Aug 2022 07:14:54 GMT
server
awselb/2.0
usersync
usersync.gumgum.com/ Frame A1EE
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=YwR.bsCo8YUAAItRBr4AAAAA
0
0
usersync
usersync.gumgum.com/ Frame A955
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
  • https://usersync.gumgum.com/usersync?b=iex&i=YwR.ak-wLMs5-uM0uZ1hzwAA%26857
0
0
cm-notify
creativecdn.com/ Frame ABBA 		0
0
usync.html
eus.rubiconproject.com/ Frame 955F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.75.85.227 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-75-85-227.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Tue, 23 Aug 2022 07:14:54 GMT
ETag
"402b2-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Tue, 23 Aug 2022 07:14:54 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-Z0TZ7TDHS1&gtm=2oe8m0&_p=5795&cid=37497361.1661238889&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1661238888&sct=1&seg=0&dl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&dt=%E8%B6%85%E5%B8%82%E9%A9%9A%E8%A6%8B%E7%BF%B9%E8%87%80%E6%AD%A3%E5%A6%B9%20%E5%A5%BD%E5%A5%87%E8%B7%9F%E7%9C%8B%E3%80%8C%E5%81%B4%E9%9D%A2%E6%AF%94%E8%83%8C%E9%9D%A2%E6%AE%BA%E3%80%8D%EF%BC%9A%E5%A4%AA%E9%8A%B7%E9%AD%82%20-%20%E5%A4%A9%E5%A4%A9%E8%A6%81%E8%81%9E&en=link_preview&_ee=1&epn.value=1&epn.siteid=42753&ep.error_msg=no_mapping_failed&_et=3
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z0TZ7TDHS1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.24.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f138.1e100.net
Software
Golfe2 /
Resource Hash

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.bg3.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 Aug 2022 07:14:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bg3.co
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 955F 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hb-api.omnitagjs.com
URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEO-OHtW1411WOomJ7JGzrio&google_cver=1&google_push=AehlK4DpvXFtlWnH8M09gbYWJ5XflIb-Qml2EjGwl9AS6T4hzAsK8FLDPicdRB_ZJ118A8qW6oqIVC8Sc7mCYh3DUwwy5f3UzhI
Domain
pix.impdesk.com
URL
https://pix.impdesk.com/csync/google?google_gid=CAESEKShdGffcOui4dAuOJfDcCs&google_cver=1&google_push=AehlK4DRI3bRdOyNh2obbhVrWzNY0tAp5eFiRuJb57mvdontOkqriEn0uMFz87gOaMJXa3zFwtczGmwn2ZT7c7kV6bTXwm_7fcg
Domain
google2waycm.netmng.com
URL
https://google2waycm.netmng.com/cm/?google_gid=CAESEO-OHtW1411WOomJ7JGzrio&google_cver=1&google_push=AehlK4DNKCofN3EyLbtasU2G4t27kNqZbWtoq7fqCcAALN8Uc_7OX5iw6PFOUevyRu__-lfQzIHeLV5QDBkpWtJ1kZche25DgvISfEZWztJSVMZ-JgR4IoNABSEker2uY_ZO8Hno1wz3k04
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=30&uid=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&gdpr=&gdpr_consent=&us_privacy=
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6Y3PNZ2GK6DUOVQWYLTNMVSGSYJONZSXIL3DNNZXS3TDFZYGQ4B7MNZT2OBGMV4GG2DBNZTWKPLNMVSGSYLOMV2CM33WONUWIPLXKJLVKYTKNRMGW52JKRRVSSCRINJF6MBGOJSWMVLSNQ6SM5DZOBST26TFNUTHM2LEHUYTEMZYHA4TEMZYHEZTANBSGQYDIOBZGE2TGNZTHA4TAMBQKYYTAJTWONUWIPJTGA2DENBQGQ4DSMJVGM3TGOBZGAYDAVRRGA
Domain
odr.mookie1.com
URL
https://odr.mookie1.com/t/v2?tagid=V2_948118&src.visitorid=c4f96cd0-0c1f-4938-b591-0fbf02111cad&ssp=triplelift&gdpr_consent=&gdpr=0
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZLCGIXDG3DJMZ2C4Y3PNUXXQ5LJMQ7WI33OM5WGKPLEMJQTQJTFPBRWQYLOM5ST25DSNFYGYZLMNFTHIJTHMRYHEPJQEZWWSZB5GI2DMMBGPB2WSZB5INFTCNBTPJFE45LNOBIHG5LOJZCDEUSM
Domain
pixel.rubiconproject.com
URL
https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=VGY16v7ISPaE9q6LPoNREw&rk=usync-na
Domain
aax-eu.amazon-adsystem.com
URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&dcc=t
Domain
x.yieldlift.com
URL
https://x.yieldlift.com/setuid?bidder=rubicon&uid=L75UQP46-18-AOOR&gdpr=0&us_privacy=1YN-
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=310&uid=FMVSCLZHk9iHd1P9S7S_Xjs6
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiZTYxODc1NDYtZTNhZC00NTZiLTgwMWEtN2Q0OGE0MjAwZDgzIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wOC0yM1QwNzoxNDo1NC4yMjMzNjVaIn0=
Domain
sync.1rx.io
URL
https://sync.1rx.io/usersync/bidswitch/9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c?gdpr=&gdpr_consent=
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=324&uid=1978557990575788388
Domain
ads.servenobid.com
URL
https://ads.servenobid.com/sync?pid=332&uid=9bde90f4-d27a-48f1-8a8f-295ce804e756
Domain
b1sync.zemanta.com
URL
https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS6ZDTOVWS243FMMXGGYLTMFWGK3LFMRUWCLTDN5WS6Y3SOVWT6Y3NL5SHG4C7NFSD2MJXEZSXQY3IMFXGOZJ5NFXGIZLYEZSXQ5DFOJXGC3C7OVZWK4S7NFSD2NLYOZFUWSCQJRVEYRTYMVUDI3TFGQYGE
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=31&external_user_id=Q7145252931160927258
Domain
dsum-sec.casalemedia.com
URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=130&external_user_id=AAHwkE7GCP0AAA_STV2ynw&expiration=1662448494
Domain
dpm.demdex.net
URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=YwR.ak-wLMs5-uM0uZ1hzwAA%26857
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=114&uid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
Domain
dsp.nrich.ai
URL
https://dsp.nrich.ai/bidswitch/sync?bidswitch_ssp_id=adconductor&bsw_custom_parameter=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c&gdpr=&gdpr_consent=&gdpr_pd=&us_privacy=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=492aed34-22b3-11ed-8d50-b1ea5d048eea
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=114&uid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
Domain
core.iprom.net
URL
https://core.iprom.net/cookiesync
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Domain
pippio.com
URL
https://pippio.com/api/sync/ddp?pid=2&m=CMwpElsKVwgBEJInGlBmNzc0OTNiOGQzOWU4NTZlN2NhMjBmMDM2NDk3M2UwYTFiMzkxMGNiMjc0NDkxMTgyNTEzMGRhNGFlOGMxYmRlNzkxNDI2YjU0MTdkY2UyMRAAGgwI7vyRmAYSBAgCEABCAEoA&google_gid=CAESEPjAunF1TnYYpmAyLqMcv1Q&google_cver=1
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=433&user_id=1r2xk7oqbsk2&ssp=pubmatic
Domain
image8.pubmatic.com
URL
https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAMNmll1gqYWQN4sp9nAAAAAAA&expiration=1661325294&nuid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6&is_secure=true&gdpr_consent=&gdpr=0
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7212820068730442693
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/113
Domain
casale-match.dotomi.com
URL
https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
Domain
rtb-csync.smartadserver.com
URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=22&partneruserid=1258785339656606146&gdpr=0&gdpr_consent=
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?dsp_id=433&user_id=1bf1c5ctg819&ssp=smartadserver
Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/sma/us.php?dynk=sma4rt4bt4fg&sspurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D69%26partneruserid%3DPARTNER_USER_ID%26gdpr%3D$GDPR%26gdpr_consent%3D$GDPR_CONSENT&gdpr=0&gdpr_consent=&prevuid=03030002_63047e6c43acd&knw=1
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=AAABgsmN3tLFQPxlCJ3OGRZHG0N3b0-Bzw6WxA
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=110&uid=
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=1&uid=004f6304-7e6b-4b00-a26e-aa0f898bca5d&gdpr=0&gdpr_consent=
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=2&uid=L75UQP46-18-AOOR&gdpr=0
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=98&gdpr=0&gdpr_consent=&uid=7212820068730442693
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=107&uid=3611329998867518103
Domain
s.amazon-adsystem.com
URL
https://s.amazon-adsystem.com/ecm3?ex=onetag.com&id=KIPifx4vWQIPq95dwn5sTiI6nYiEhafJ7i6GU15rIuQ
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=114&uid=50BB3DFD-3834-4920-AA9E-BC8D47B581E6
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=106&google_gid=CAESEOJhdAhQZYXu4ySVyfnQJGA&google_cver=1
Domain
onetag-sys.com
URL
https://onetag-sys.com/match/?int_id=92&uid=y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A
Domain
pixel.tapad.com
URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2910&partner_device_id=10527375236654871984&gdpr=0&gdpr_consent=&partner_url=https%3A%2F%2Fodr.mookie1.com%2Ft%2Fv2%3Ftagid%3DV2_948118%26src.visitorid%3D%24%7BTA_DEVICE_ID%7D%26ssp%3Donetag%26gdpr_consent%3D%26gdpr%3D0
Domain
pixel-us-east.rubiconproject.com
URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=L75UQP46-18-AOOR
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=apn&i=7212820068730442693
Domain
pool.admedo.com
URL
https://pool.admedo.com/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_custom_parameter=9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c
Domain
sync.outbrain.com
URL
https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=opx&i=38e8ee64-69c7-47a0-b127-5f550f6388e2
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sta&i=0-161e88a1-ec7c-4019-47a2-440023cf4dda$ip$103.209.254.77
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=oth&i=y-cdY.cU5E2pdxUiGE7.xOUShWFCkzrYF7W_Gu~A
Domain
sync.ipredictive.com
URL
https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D
Domain
sync.technoratimedia.com
URL
https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
Domain
match.deepintent.com
URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Domain
stags.bluekai.com
URL
https://stags.bluekai.com/site/23178?id=CK143zJNumpPsunND2RL&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2Q2LGE2DG6SKJZ2W24CQON2W4TSEGJJEYJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1---
Domain
ad.360yield.com
URL
https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
Domain
x.bidswitch.net
URL
https://x.bidswitch.net/sync?ssp=adconductor&user_id=RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004&rndcb=1359365653
Domain
bh.contextweb.com
URL
https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
Domain
ssbsync.smartadserver.com
URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=mmh&i=004f6304-7e6b-4b00-a26e-aa0f898bca5d&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=atm&i=YwR_awABwDl4EwBN&gdpr=0&gdpr_consent=
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=ttd&i=24de8755-1fd5-4995-84de-10c316ebc90a
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=sus&i=YwR.bsCo8YUAAItRBr4AAAAA
Domain
usersync.gumgum.com
URL
https://usersync.gumgum.com/usersync?b=iex&i=YwR.ak-wLMs5-uM0uZ1hzwAA%26857
Domain
creativecdn.com
URL
https://creativecdn.com/cm-notify?pi=gumgum
Domain
eus.rubiconproject.com
URL
https://eus.rubiconproject.com/usync.js

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| adpushup object| ucfad_async object| AMP_CONFIG object| AMP_EXP object| AMP object| __AMP_LOG function| HTMLElementOrig object| __AMP_ERRORS object| __AMP_MODE function| __AMP_REPORT_ERROR object| __AMP_TOP object| __AMP_SERVICES object| __AMP_URL_CACHE object| __AMP__EXPERIMENT_TOGGLES boolean| __AMP_TAG object| __AMP_EXTENDED_ELEMENTS function| __AMP_BASE_CE_CLASS object| adRecover object| ucf object| request string| paramsString function| setImmediate function| clearImmediate number| ampAdSlotIdCounter undefined| $ undefined| jQuery function| jqAlias object| __AMP_EXPERIMENT_BRANCHES object| goog_identity_prom string| __AMP_DEFAULT_BOOTSTRAP_SUBDOMAIN number| ampAdGoogleIfiCounter string| currentState object| google_reactive_ads_global_state object| gaGlobal number| ampAdPageCorrelator object| listeningFors number| 3pla object| googletag object| _apPbJs object| hbAnalytics object| adpTags object| google_ad_modifications number| google_global_correlator object| google_prev_clients function| _apPbJsChunk object| _pbjsGlobals object| mnet string| nobidVersion object| nobid object| Criteo object| _qevents object| ap_link_preview_states object| apLinkPreviewUtils object| apEuCountries object| ggeac object| google_tag_data object| google_js_reporting_queue function| quantserve function| __qc object| ezt object| _qoptions function| qtrack undefined| google_measure_js_timing boolean| noPreviewPage object| dataLayer function| gtag object| google_tag_manager function| onYouTubeIframeAPIReady object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_127 object| Criteo_prebid_127

128 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIoQEQqLG3zKwwCgoIgQIQqLG3zKwwCgoI4gEQqLG3zKwwCgoI5gEQqLG3zKwwCgoIhwIQqLG3zKwwCgkICRCosbfMrDAKCQg6EKixt8ysMAoJCAsQqLG3zKwwCgoIjAIQqLG3zKwwCgkIXxCosbfMrDA=
.aralego.com/ Name: sspid
Value: b0926590-3b47-3883-b159-68aff32736f8
.aralego.com/ Name: euconsent-v2
Value:
.aralego.com/ Name: gdpr
Value: 1
www.bg3.co/ Name: __AP_SESSION__
Value: cc939e0b-bbe2-49ea-b09e-5d7fe8d6c747
www.bg3.co/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bg3.co/ Name: _pubcid
Value: 1c79754d-e855-4001-8c8a-8750a314ba59
.bg3.co/ Name: __gpi
Value: UID=000008ec8b987d9b:T=1661238886:RT=1661238886:S=ALNI_Ma4nH3DL0cp-ZkUodsNh8YOcY-hLg
.adpushup.com/ Name: ap_uid
Value: 44ebae20-22b3-11ed-b4c1-000d3ac7f2f6
.adpushup.com/ Name: ap_usid
Value: 44ebae21-22b3-11ed-b4c1-000d3ac7f2f6
.openx.net/ Name: i
Value: 1c79754d-e855-4001-8c8a-8750a314ba59|1661238886
.teads.tv/ Name: tt_viewer
Value: 07a9b0f0-67bc-42fb-a430-16d9455f18a9
.adnxs.com/ Name: icu
Value: ChgIm_VtEAoYASABKAEw5_yRmAY4AUABSAEQ5_yRmAYYAA..
.adnxs.com/ Name: uuid2
Value: 7212820068730442693
.rubiconproject.com/ Name: khaos
Value: L75UQP46-18-AOOR
www.bg3.co/ Name: cto_bidid
Value: Xopex19aeWVZenppcU93bFBITUZ5RVJtZzlNbFBkbjZreDNlS1JCOWp1c0clMkZ5VjVaeURoWTJ6SnclMkJTWHFydjBITlNQN0taVzZ5UVl0UzYxV05aWGtvRERYUGclM0QlM0Q
www.bg3.co/ Name: cto_bundle
Value: c7B4EF9xMm5GOEx2MTBrc3RmTzhtdVM3SmZ2a2tRMWVjTFp2M0pFVWNhdnJyQ1dwR3RYRkgyWm00SDdSNUVhdXU2MHhYTEo0R1VYaDVKNDVpY2diNGwyNFUlMkJNOVZoSHV3QSUyRk1tVmZCOWEwYkFkRHMlM0Q
.prebid.a-mo.net/ Name: __amc
Value: 1_1661238887_1661238887
.a-mo.net/ Name: amuid2
Value: 61d46240-18b0-4449-9aac-69a56f22fd95
.prebid.a-mo.net/ Name: sd_amuid2
Value: 61d46240-18b0-4449-9aac-69a56f22fd95
.quantserve.com/ Name: mc
Value: 63047e67-e2f08-1e9e9-703fc
.bg3.co/ Name: __qca
Value: P0-421761949-1661238887832
.doubleclick.net/ Name: IDE
Value: AHWqTUncAyibl_Axdki2BvOLWGLr1tTrudjoVtJJ5i3Re6FPrjQAqpbzGmwDT1cxxRg
.bg3.co/ Name: _ga_Z0TZ7TDHS1
Value: GS1.1.1661238888.1.0.1661238888.0.0.0
.bg3.co/ Name: _ga
Value: GA1.1.37497361.1661238889
.bg3.co/ Name: __gads
Value: ID=fd889806d20ccb7e:T=1661238886:S=ALNI_MbocE3pgO9d5GteuixAf6eWi9GHiw
.adsrvr.org/ Name: TDID
Value: 24de8755-1fd5-4995-84de-10c316ebc90a
.media.net/ Name: visitor-id
Value: 3042404891537389000V10
.media.net/ Name: data-ttd
Value: 24de8755-1fd5-4995-84de-10c316ebc90a~~1
.adingo.jp/ Name: ID
Value: cce47bd3168de2bf8e1a261fc9aab341
.w55c.net/ Name: wfivefivec
Value: 1UmzCIQq1Oqo7E5
.media.net/ Name: data-g
Value: CAESEPYPU5tnQoFeNXrqYOma8Y0~~6
.w55c.net/ Name: matchgoogle
Value: 5
.casalemedia.com/ Name: CMID
Value: YwR.ak-wLMs5-uM0uZ1hzwAA
.casalemedia.com/ Name: CMPS
Value: 857
.casalemedia.com/ Name: CMPRO
Value: 857
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E?jpQhv8!]tbPl1M>e)ZlrFUfJ+tGXxo3ZTXaZQNMtUE]0N1SEWO4U_8tqOz!#A)8.SD3If)y3KL9D3I?+X[ywTT
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&093622d9-746f-42b2-8944-1dce0906b997"
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2794:u=1:x=1:i=1661238891:t=1661325291:v=2:sig=AQFzP16RKjmNtLcBdrQ9OLJhUKWlByQs"
.ladsp.com/ Name: cr
Value: 1
.mathtag.com/ Name: mt_mop
Value: 4:1661238891
.bidswitch.net/ Name: tuuid
Value: 9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c
.bidswitch.net/ Name: c
Value: 1661238891
.bidswitch.net/ Name: tuuid_lu
Value: 1661238891
.mathtag.com/ Name: uuid
Value: 004f6304-7e6b-4b00-a26e-aa0f898bca5d
.uncn.jp/ Name: t
Value: v_b6cc2e43-2fd6-45ba-b863-6a2627a8a231
fksnk.com/ Name: AWSALBCORS
Value: neKNtFJVAo0urjcMeIULnI0+y0XNfMGaMF775BtSRbyS9+fpcYk9lzKxZivnr05hfHcZP5cieBfMqyaDPS6XW4ipumowucyXs564GtXAmMMsqGUJHmYO5NZ5vb+w
.fksnk.com/ Name: f_001
Value: 3EEC9E428D04BA23
.fksnk.com/ Name: g_001
Value: 1
.bidswitch.net/ Name: google_push
Value: AehlK4And0S28j8jKbpzzQsXeghJwmsnZ8eqvoGtJN41ZtO60rJVsoNJSN6sCtpL87Idj6ecPy8odHyxzoTUFnCYzjonHBHLtoyw
.ctnsnet.com/ Name: gid_CAESEOB8ErzluWUaj7BdVudUIn0
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YwR_awABwDl4EwBN
.ladsp.com/ Name: smn_uid
Value: 4NDyw7jhGahNnCj4xAbsFg7FrgnjBcY
www.bg3.co/ Name: pbjs-unifiedid
Value: %7B%22TDID%22%3A%2224de8755-1fd5-4995-84de-10c316ebc90a%22%2C%22TDID_LOOKUP%22%3A%22TRUE%22%2C%22TDID_CREATED_AT%22%3A%222022-07-23T07%3A14%3A52%22%7D
.openx.net/ Name: pd
Value: v2|1661238892|jElYiuvOiahI
.r-ad.ne.jp/ Name: r_ad_token
Value: 5077Eq00eBDGa007AyCc
.prebid.a-mo.net/ Name: _sv3_8
Value: 1
.dyntrk.com/ Name: dyn_u
Value: 03030002_63047e6c43acd
.turn.com/ Name: uid
Value: 3448151419563696648
.w55c.net/ Name: matchmedianet
Value: 5
.openx.net/ Name: univ_id
Value: 537072971|24de8755-1fd5-4995-84de-10c316ebc90a|1661238892504683
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-161e88a1-ec7c-4019-47a2-440023cf4dda.R8vMBiPwderdwqEnYG9nIH%2BSodn07pdYCABmvPdKt5I
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AFh6Ioex8QBlHokQAI89N2mfR_k0.A7Nfs0v03GVrh3yAfk%2Br19gOV6w%2FLJAjceZPF0khOMQ
.3lift.com/ Name: tluid
Value: 886484015614349187286
.yahoo.com/ Name: A3
Value: d=AQABBGx-BGMCEI2V1s8nH0xKp6NJBN4yl_0FEgEBAQHPBWMOYwAAAAAA_eMAAA&S=AQAAAlREEybtAjqDv7LrNuFP7Uk
.media.net/ Name: data-o
Value: 07f9238b-ead2-4516-b513-31d675dc1b78~~8
.media.net/ Name: data-xu
Value: 1UmzCIQq1Oqo7E5~~8
.media.net/ Name: data-a
Value: 7212820068730442693~~8
.criteo.com/ Name: uid
Value: bc7d5c35-5191-4276-945f-151cce41f324
.ads.pubmatic.com/ Name: KCCH
Value: YES
.socdm.com/ Name: SOSYNC
Value: anNvbjp7Im9wZW54IjoxNjYxMjM4ODkyfQ
.linkedin.com/ Name: li_sugr
Value: e8603767-a080-4ed4-8b35-1b7e2d3a336f
.media.net/ Name: data-c
Value: bc7d5c35-5191-4276-945f-151cce41f324~~1
.media.net/ Name: data-c-ts
Value: 1661238893
.prebid.a-mo.net/ Name: _sv3_9
Value: 1
.ladsp.com/ Name: lum
Value: CP2zt8ysMBIFCAEQqAESBQgDEKgE
.bing.com/ Name: MUID
Value: 3A1BBFC7ECCB65493000ADCEED216425
.c.bing.com/ Name: MR
Value: 0
.casalemedia.com/ Name: CMST
Value: YwR+bWMEfm0A
.pubmatic.com/ Name: KADUSERCOOKIE
Value: 50BB3DFD-3834-4920-AA9E-BC8D47B581E6
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 1
.pubmatic.com/ Name: pi
Value: 159463:2
.pubmatic.com/ Name: DPSync3
Value: 1661817600%3A164%7C1661299200%3A174%7C1662422400%3A197_201
.pubmatic.com/ Name: SyncRTB3
Value: 1662508800%3A35%7C1661817600%3A15_223_2%7C1662076800%3A63%7C1662422400%3A22_3_234_5_54_8_56_209_176_21_179_165_96_71_247_222_107_99_204_189_238_13_220_7_231
.prebid.a-mo.net/ Name: _sv3_3
Value: 1
.prebid.a-mo.net/ Name: _sv3_7
Value: 1
.casalemedia.com/ Name: CMRUM3
Value: b063047e6d05a00&1f63047e6d05a00&2963047e6d05a00&e663047e6d2760&1163047e6d05a0&2763047e6d0b40&4963047e6d05a0&8263047e6da8c0&da63047e6d2760&ce63047e6d05a0&f163047e6d05a0&0363047e6d05a0&5863047e6d05a0&4163047e6d05a00&1863047e6d05a0&2e63047e6d05a0&2d63047e6b05a0CAESECNsZurVjPZsHgENiii5xnQ
.sportradarserving.com/ Name: zuuid
Value: abb6c59d-886a-4e5e-a6b1-9f2e25e02662
.sportradarserving.com/ Name: c
Value: 1661238893
.sportradarserving.com/ Name: zuuid_lu
Value: 1661238893
.w55c.net/ Name: matchpubmatic
Value: 5
.quantserve.com/ Name: d
Value: EJABCwH2JvijAA
.servenobid.com/ Name: pid_339
Value: y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A
.servenobid.com/ Name: pid_337
Value: y-RldGOTFE2uHa88tBBpEX.tDZrSMnwXvpEVChEic-~A
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNrQ0tzA1Nbe0NDA1NzW3sDC2sBDiM9Q19nXLCnDULS4vji8CALll1QIlAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNrQ0tzA1Nbe0NDA1NzW3sDC2sBDiM9Q19nXLCnDULS4vji8CALll1QIlAAAA
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_zslzmtoZmZoZGxhYWlsam4CABPpm8EQAAAA
.mfadsrvr.com/ Name: tuuid
Value: 8fa55afc-8635-4292-95dd-e95e9087ec97
.mfadsrvr.com/ Name: c
Value: 1661238893
.mfadsrvr.com/ Name: tuuid_lu
Value: 1661238893
.adsymptotic.com/ Name: U
Value: 1996aba7fbc7600e192000149c70117a
.media.net/ Name: data-bs
Value: 9e5fc260-0e5b-4171-a7ed-a0dbe91dd24c~~1
.media.net/ Name: data-rk
Value: 1991787313928468380~~8
.rlcdn.com/ Name: rlas3
Value: SXBXb7UXRI1qcnhL03W2sTpEp/7oqeHpBrxCpV3AiSU=
.rlcdn.com/ Name: pxrc
Value: CO38kZgGEgUI6EcQABIGCJC8KxAA
.analytics.yahoo.com/ Name: IDSYNC
Value: "196y~26qv:196n~26qv:175w~26qv"
.smartadserver.com/ Name: pid
Value: 3611329998867518103
.rubiconproject.com/ Name: audit
Value: 1|WD0cx+9RTMLjXYrcogOWHyKB0+A8/5OajB2P7pkii5JFaygRI1j8zCtzQEqEF9Fp0EDmZOSFlB1gEJ9oO5p1Ev0exc+f0IZt
.servenobid.com/ Name: pid_312
Value: 7212820068730442693
.ctnsnet.com/ Name: cid
Value: 165b4480044d47dc965ac2557d877be5
ads.playground.xyz/ Name: connect.sid
Value: s%3AwQ1QkZbyK0ioKDVYHqR9DXzs5GHpJb6O.2xTwfq0nTLRp1G%2BwjtfNeD3xrD6Gsg%2BMH4nSR8zZUfg
.onetag-sys.com/ Name: OTP
Value: KIPifx4vWQIPq95dwn5sTiI6nYiEhafJ7i6GU15rIuQ
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004%22%7D
.media.net/ Name: data-pba
Value: 50BB3DFD-3834-4920-AA9E-BC8D47B581E6~~8
.mookie1.com/ Name: id
Value: 10527375236654871984
.mookie1.com/ Name: mdata
Value: 1|10527375236654871984|1661238893743
.mookie1.com/ Name: ov
Value: e0187627ecf5fd7c2554ef2afc0c243d
.casalemedia.com/ Name: CMTS
Value: 844
.tribalfusion.com/ Name: ANON_ID
Value: aGnvfMoNIvbpmVrCJIl0UvZdFYZcYA4g7IXYehmIEhRhZd61oPs5aWoXyvqeZa0BZbJ0FiDnhAeZbCk1LZcjX46Zbf1EptD9HX7w2MZbWoBQSTd5hde5KTCXhsiTe
.media.net/ Name: data-r
Value: L75UQP46-18-AOOR~~1
.gumgum.com/ Name: vst
Value: a_87179a4f-7e60-46e5-a05d-3effcdd85999
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-62526414-bc29-4276-bfef-ceff9f1ca25a-004%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.adsrvr.org/ Name: TDCPM
Value: CAESFQoGZ29vZ2xlEgsIlrSIwqa4gjsQBRIWCgdydWJpY29uEgsIkr2A0qa4gjsQBRIVCgZjYXNhbGUSCwjKwabUpriCOxAFEhcKCHB1Ym1hdGljEgsI2orv1aa4gjsQBRgBIAEoAjILCI6jgYa9uII7EAU4AVoHdnc2aXlybmAC
.lijit.com/ Name: ljt_reader
Value: FMVSCLZHk9iHd1P9S7S_Xjs6
.taboola.com/ Name: t_gid
Value: 93c687e3-316c-474c-8a4b-a702beb6378b-tuct9fe03ed
.zemanta.com/ Name: zuid
Value: 5xvKKHPLjLFxeh4ne40b
.servenobid.com/ Name: pid_333
Value: YwR-ak_wLMs5_uM0uZ1hzwAAA1kAAAIB

6 Console Messages

Source Level URL
Text
network error URL: https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&CanonicalUrl=https%3A%2F%2Fwww.bg3.co%2Fa%2Fchao-shi-liang-jian-qiao-tun-zheng-mei-hao-qi-gen-kan-ce-mian-bi-bei-mian-sha-tai-xiao-hun.html&PublisherDomain=https%3A%2F%2Fbg3.co%2F
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network error URL: https://cdn.adpushup.com/42753/L2EvY2hhby1zaGktbGlhbmctamlhbi1xaWFvLXR1bi16aGVuZy1tZWktaGFvLXFpLWdlbi1rYW4tY2UtbWlhbi1iaS1iZWktbWlhbi1zaGEtdGFpLXhpYW8taHVuLmh0bWw=.json
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://rtb.adxpremium.services/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&adk=1812271804&adf=2253520748&plat=1%3A520%2C2%3A520%2C8%3A512%2C9%3A520%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C26%3A512%2C27%3A512%2C30%3A1049088%2C32%3A32&format=0x0&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238889104&bpp=3&bdt=379&idt=314&shv=r20220818&mjsv=m202208160101&ptt=9&saldr=aa&nras=1&correlator=8280574251330&frm=8&ife=1&pv=2&ga_vid=175170663.1661238889&ga_sid=1661238889&ga_hid=944145834&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44767166%2C31068957%2C31067825&oid=2&pvsid=3031117260853865&tmod=1731377135&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=4&bc=31&ifi=1&uci=1.m96a59vykwd0&fsb=1&dtd=327
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4126554779393986&output=html&h=280&slotname=4923695364&adk=3446667921&adf=552093736&pi=t.ma~as.4923695364&w=336&fwrn=16&psa=0&format=336x280&url=https%3A%2F%2Fadx.holmesmind.com%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1661238889107&bpp=2&bdt=382&idt=331&shv=r20220818&mjsv=m202208160101&ptt=9&saldr=aa&prev_fmts=0x0&nras=1&correlator=8280574251330&frm=8&ife=1&pv=1&ga_vid=175170663.1661238889&ga_sid=1661238889&ga_hid=944145834&ga_fc=0&nhd=3&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=336&ish=280&ifk=713434785&scr_x=-12245933&scr_y=-12245933&eid=44759875%2C44759926%2C44759842%2C44767166%2C31068957%2C31067825&oid=2&pvsid=3031117260853865&tmod=1731377135&uas=0&nvt=1&top=https%3A%2F%2Fwww.bg3.co%2F&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C336%2C280&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=31&ifi=2&uci=2.lsridnvki5zn&fsb=1&dtd=336
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://pix.impdesk.com/csync/google?google_gid=CAESEKShdGffcOui4dAuOJfDcCs&google_cver=1&google_push=AehlK4DRI3bRdOyNh2obbhVrWzNY0tAp5eFiRuJb57mvdontOkqriEn0uMFz87gOaMJXa3zFwtczGmwn2ZT7c7kV6bTXwm_7fcg
Message:
Failed to load resource: net::ERR_CONNECTION_REFUSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

419c83856cef3131b93df5b3f3d1074a.safeframe.googlesyndication.com
8f8d8f9b0e83793bec47f82b460251c6.safeframe.googlesyndication.com
a.teads.tv
a.tribalfusion.com
aa48c0e92f538c1bacc05d3abdd2fd6d.safeframe.googlesyndication.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
adpushup-d.openx.net
ads.aralego.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.com.au
adx.holmesmind.com
ap.lijit.com
aplogger.adpushup.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.bing.com
c.eu1.dyntrk.com
c1.adform.net
casale-match.dotomi.com
cc.adingo.jp
cdn.adpushup.com
cdn.ampproject.org
cdn.aralego.net
cdn.indexww.com
cdn.jsdelivr.net
ce.lijit.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
code.jquery.com
contextual.media.net
core.iprom.net
cr-p1.ladsp.com
cr-p3.ladsp.jp
cr-pall.ladsp.com
creativecdn.com
cs.emxdgt.com
cs.media.net
cs.r-ad.ne.jp
csync.loopme.me
d-40317529472723931178.ampproject.net
delivery.adrecover.com
dis.criteo.com
dpm.demdex.net
dps.jp.cinarra.com
ds.uncn.jp
dsp.nrich.ai
dsum-sec.casalemedia.com
e3.adpushup.com
eb2.3lift.com
eus.rubiconproject.com
fastlane.rubiconproject.com
fksnk.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
google2waycm.netmng.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gu.dyntrk.com
gum.criteo.com
hb-api.omnitagjs.com
hblg.media.net
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
ipac.ctnsnet.com
jp-u.openx.net
js-sec.indexww.com
lg3.media.net
match.adsrvr.org
match.deepintent.com
match.taboola.com
odr.mookie1.com
onetag-sys.com
p.adsymptotic.com
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
pippio.com
pix.impdesk.com
pixel-eu.rubiconproject.com
pixel-us-east.rubiconproject.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
pm.w55c.net
pool.admedo.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
public.servenobid.com
px.ads.linkedin.com
qsearch-a.akamaihd.net
r.turn.com
rtb-csync.smartadserver.com
rtb.adxpremium.services
rtb.gumgum.com
rtb.mfadsrvr.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssbsync-global.smartadserver.com
ssbsync.smartadserver.com
ssp.disqus.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.bg3.co
static.criteo.net
sync-dsp.ad-m.asia
sync-tm.everesttech.net
sync.1rx.io
sync.aralego.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.teads.tv
sync.technoratimedia.com
tags.mathtag.com
tg.socdm.com
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
trc.taboola.com
u.openx.net
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
warp.media.net
www.bg3.co
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
x.yieldlift.com
aax-eu.amazon-adsystem.com
ad.360yield.com
ads.servenobid.com
b1sync.zemanta.com
bh.contextweb.com
casale-match.dotomi.com
cm.g.doubleclick.net
core.iprom.net
creativecdn.com
dpm.demdex.net
dsp.nrich.ai
dsum-sec.casalemedia.com
eus.rubiconproject.com
google2waycm.netmng.com
gu.dyntrk.com
hb-api.omnitagjs.com
image8.pubmatic.com
match.deepintent.com
odr.mookie1.com
onetag-sys.com
pippio.com
pix.impdesk.com
pixel-us-east.rubiconproject.com
pixel.rubiconproject.com
pixel.tapad.com
pool.admedo.com
rtb-csync.smartadserver.com
s.amazon-adsystem.com
simage2.pubmatic.com
ssbsync.smartadserver.com
stags.bluekai.com
sync.1rx.io
sync.ipredictive.com
sync.outbrain.com
sync.technoratimedia.com
usersync.gumgum.com
x.bidswitch.net
x.yieldlift.com
103.229.10.171
103.229.205.242
103.229.206.240
103.231.98.194
103.254.153.160
104.16.88.20
104.18.101.194
104.18.13.76
104.18.18.126
104.18.19.126
104.18.35.11
104.19.173.108
104.211.156.162
104.254.148.252
104.254.150.228
104.26.5.103
124.146.215.50
13.107.42.14
13.113.225.250
13.224.250.50
13.227.254.129
13.227.254.2
13.76.45.37
139.99.49.250
142.250.4.132
142.250.4.94
142.251.10.155
142.251.12.106
142.251.12.154
142.251.12.157
142.251.12.97
145.40.88.5
148.251.121.152
151.101.1.108
151.101.1.44
151.101.2.49
162.19.80.91
172.217.194.95
172.67.72.16
18.140.14.88
18.159.205.245
18.161.111.41
18.176.234.133
18.178.238.48
182.161.73.129
182.161.73.136
182.161.73.145
182.161.73.146
185.84.60.20
198.8.71.128
202.131.200.84
204.79.197.200
209.191.163.208
209.191.163.209
209.58.188.181
23.106.127.39
23.195.152.23
23.195.153.54
23.36.252.26
23.41.65.80
23.44.4.232
23.44.5.232
23.53.160.138
23.72.44.196
23.72.44.239
23.75.85.227
3.1.14.27
3.113.231.86
3.228.99.19
34.107.148.139
34.236.59.179
35.186.193.173
35.186.253.211
35.190.60.146
35.213.12.39
35.244.159.8
35.74.137.60
35.79.50.48
37.157.3.29
42.99.128.160
50.116.239.135
52.193.82.11
52.2.211.96
52.203.75.132
52.223.2.229
52.223.40.198
52.46.155.104
52.48.53.23
52.74.13.196
52.84.251.114
54.169.94.38
54.179.19.43
67.199.150.81
67.199.150.82
67.199.150.85
69.16.175.10
69.173.144.138
69.173.158.64
69.173.158.65
74.118.186.45
74.125.24.132
74.125.24.138
74.125.24.149
74.125.24.156
74.125.24.94
74.125.68.157
74.125.68.94
84.17.37.44
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
019474417bcdd4decbdc75af7929d925f21400a77b43f28dc7190223bc1489ea
01c5cff4bce81711eb98387befd847f24f70610d1f19753f70bbd9a927b1543b
028db0946a28c2a7fb1205af80b28e1960e1b470045996973b9a1b1f016c5447
03b14184861a1442d9b7258bf4c6dc7ea78351be5179adda3857cd49dfc10272
090ac7fdf7912708bf6e3335fc6d3eb5da2be58c78c243e934b5e93512a6df35
0915fad60bc9b61b6dcd82d05da7ec4bc0232a647e75b8507c3cba6d4d6602f9
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e6bcb56ea393c51840735172a81daa99b4b255c25b01a7785ca14b9d9173cae
10f68de7fe506521cd04d1e633e7772e2c53bb8d7de0a67f2972e8a70805d3bc
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13c37b1ef76f0f4e129f78c5d9ea97f39d10c1767ed44a31f6d1377997fa0761
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
15a73accfd667e58445a7b0d1eabbd59df5e18f5b554f9805b713f49756044f7
17d2a9596b37d5d8c0e8b46eda67f51c04e05703e5619deff979d5ef50563e91
19cfd95f861bee0df79e7e79a7728655bee60c87b7bc7f3b193c7dc6bfe7c018
1ad729ac5b9b937840e8495d19033e9ae12b6d2100d4cad9aee3cfaa995c6cfe
1be00e223b2840fe8ac2d3a1aec0cf757088dd68f53a92275d0e1db6cb9afced
1c877b4b7e75bf2c8432415bb762ed9bfc73830abf68497eff686fcc9fa44f9f
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1f2296da7eb60b4b614ee00b9a30c6dde0c66d32ff0c57f265b6ec53ed075ab5
21902e4026c2f774fbd13f64845d6fd3a823c1ea64ee93e76a9fe06a49a74711
22da7fd90bee3d5a37570c9ed148dfa1a49fe0e2da62325a06ef8314f7822429
22e0c8d461f81e0f5ec0c6ddcdc7096ccea7f9ebfec3d9bb19d4a088b58e035c
24302eeb5b736bcc9f610299a37ac5dcf7e5b4c11591489fe9ad89f1533bd09b
243506277e64a9ce1cc92b117b4991f1b80c14c2f56e8e95b397370a7f1450dc
246c359f33b48f053a9bfdf66b736791cdf015e5c2288d388c87173e5de0508e
26914004d3a8d5ddde2202b642d7936eb61c9f195b5cd3c87e44ef8ad4d57c16
2836254d7fd088db3479666ed718600b4369158e75b500a75a3dddd91d335201
2c36344b8f26c0f0df4305dd596d17a34d754bbd5c74ad01aa016f9285e45b74
2c64cf7ee5f81d959886e39e1a58f7dcf963419be91a86664c5d8147abc51774
2ddd856293e292dd76897e078bd95b974306d6101404379aba6a01525d18f856
2e900fc15b08de961ba57697f07cb1458e8acc07bcd85e341604da3ff6b01274
30f243b091c86829a73615c320e9b1adbcc598dc05ac440fc266c45e8405e9d6
326c32d7ffbd04762a10cf5bb37441d418397959381d3893c9e9a48217aa5347
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
334f93c83f162f7190b0b50cc5677b01aaa362a8b44473e69a176cacff11a940
3378135f525fc551ce49d2c117e9967735794757a4c71910d8c1b8fa38bf3f2c
356e5440c3d82fdbddc94875bb41e29b276d2c362c0cc6a9d19125e0ae172eb5
35e41cdaa36382c69454eac396fb24c28bd850f83e0b21436a213b0ae6a2409f
36a7d95f2760a813f3e782dfc125ea786174d581d6f6f896021d6994e9514bd6
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e8d1edbe8598395c7327ff1752c4a029e0b3789b0a044d231eeddc8c5fcb0fe
3f5a7b5f909e58b8dd7be1bb88a076a12e86780f89eafd3b994e6d4ceb4abcfd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
41edef94fa9634d734710c9c94b675266e13e4c2fabd3495b5e346db18beea45
41f36457d5ec5bd7d115c29bea53e0d1ff77de7418837ef39e897f3b7d497e8a
46099df616e91dfd4ed3de7cb1450caea1b1fbf933e8ed4117b8df48cb5eb062
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
485d5501e31383c2f409a4107825d23d85b34306aa37501c6930d91de2ac4b6c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49d1f8dfa733c0f01de9f41b1930e61afc8296071b5572526a48d26d0755571c
49e2385cc0f6aab2f7c125d4867589f75d64863adffcdea0dea2cabc3dea7af4
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf603ca4ee21ca9b766ccc5a6ebe86ac1c591f489fa03e2eac26a432c0c96f5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e4511255249a63b4101c63f6c91885bc36887c8cc636569cbfc935026ff8c49
4eaf086101efbf5310adfc867314d7005ea3986547b8611dcb5a33a751c161ea
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4fce4a9fb29d9f8c66fa609f77e869584b97c5a1def96fdd9c788445bf7d5cd5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50ec9576568dd17b15250e2c02ac2b5c1e76948a06a922c881618bc8e341b6ab
52a3b488422067bc7a4fb2d693693f0fcc743cff3334849f2a62581d960013b3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
554f83475d104e6d126d6141c6390ed0290858fd587c14d48a4bf06457e50997
557aac1b02f125286102fdd0d5b9cfb7116d9e9cd6dfa2474ee2b0d5d2c94aac
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57000ea03bfb53734d0858b8fe992e6742226f23f311eb0f9d2177e2a84a5621
57ba9c79273602051bd0fa9f6dcd52a3f199dc59f134308efeeaad35424b8311
596c2cc6655f271a7e1de2980e23a505da2bb8ff13efb746b1e0a60ac199db92
59b02f3e1a3e944e2dadfec22abca321222873c1bb4deb7ffc3d39a7455f1794
5c12e87c4fc3311ee49576c3a816aa5394671b7642611ce306713f73ddc7411d
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63dc26664099fc3ed076210ca3fb9b8d5ba67c1a7d45363ca0da2f80489bdc28
6504fceb4326d8ac227e4403f0fda47214692c5a22afed356fc7cf45a3f87e31
6527e4cd14173fac2d981008d0d87378ee25fcc46b0b8bbfa6e5419489e95e7a
6537b8025364bd8ab573b927a3033a905eb3c7241f8c65ffcbde71db76cd73d8
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
672b52a518419085b090e36b2299db83c317229e35a653dc1e2205814d60d559
67aed7879e0c8d89941711779d2b4adb08639ef6bc984e612ef807669ddeac0f
69f2f64deee265e16cfce1655ea8a7f5c2dc399e50d1cb81d2224ee4c801b32b
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6d83b77c3d8c5c0ccc7078540a1fb0bd9fa43eeb82b89f83264d469aa100c088
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
75aaa6282f495e3ff4953fb2a46541549963bb72a43d0a9466d7c92e510d8dd2
775d5fb6acac04ef6d1ef99fcb13f66f6f49f6ee6275784057d047178a082af3
77a962500f35ac6074010441ea3f54299ccd012893bdbdb97f1b6be0bdab4fbb
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7dffce0c0a5a77fbc36790ce9c159d8f7055e31b4ebe918c7eb03b2675a9b88d
7e52b222c0ab53848fd101f8f256bdd34822fc1cd04659e29235b186f9d58b59
7efdca1ce8a8ee4fb50887d9f88bdace1026e0f76ea1e64a802b97402d825a79
813b2bb63932da3d76e4aa0c5a75653344b87a154a2aeb07cad162a25aca59b5
81f5a7091558670bff70c3e80511e3f24f1b2e377b89531966bcd6cde6e3362d
825cc80902f9af3dbf552cf0818b2b7db587af77bcd77ab6db82c4d661123180
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
83147c4cf00c61d77d068152fdb541e2ca7761e0990682db23e77fb7affdceb4
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8374dd11907f18ed2edaf39a51a5bd3f638e35120d821d6068d653afd8e76915
8492f3fc13f89700f09e8a96308911979a6289be084af2c497ea54dbd7dd7f5f
85062b5209b79a0b711d328194138c961240353508cb691244a1745abda72591
857e2ebcfaa681528084788a9e20e6d2da80ba89854199301c1124d4e0d823ea
85af3052d288ffd9157258dfe4daf5309f0b64d0067ab8221cd0c62909c18419
869b6eb33ba3347946da6a8105161515a17401aab915b44e96e5c2c3a4a6c635
87fbfeba737f5f8c702482812938f7c05d7fb7b41b012bb19d9d46ceb76c49af
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ae78cfe6ee6192120b022cb3c00d586542309c4b88076fe6f12c0f7ef65f015
8b7af2fec00cbf99c3fae07c2fb70511dda8d5e8e2ce8d9c9b0beda43701a836
8ddca9487cebf74aa09048c0dc3e192ec4ea3ec8ad2f79fbae6a9eff115718eb
91a8ea37de90c116390b167dfc281ce0ed7e8f324ff1fd834bb27aca9db191db
92476139419d60ba68a355035d2674a89d04a643b2738409e304840e61b0d828
9284d948e86d2e99f31483b5f4b3a4c3e65e0a6fbca9a8d2db8c6095f82ac3f5
94d0f58d59d47ce925f66c6884938e43e9b9e4361682f863e0ba88c102883517
952f65c3304c29b0eeb743b476cfebb9f4dfc57066a51f54a8a5f45d18fefa52
968012b3a49390a10d31c6d36b2aab796ec167a83378b5f9787756ee7cb035c5
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99d449712d5a8f936b9d3a8e381bd23ee663b98d0b8ca5bf4a4a2a09a3658b64
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c22f77404b69c55f5c66c1b762e22715a1552515a568c23437860afa5d96cca
9cf0e66bf931b70e3ac5dfc3ba698ec9f497790b5045ba5422b9209806c02a3f
9eae654a8e0aa0f026bb1996cea3a04436c05a266a3dff7b28bbc23d70ddc766
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1736f9b7eb1d8d82a793a449a1977304ace4f27f42ed26f3f015fb6953b3173
a1ed4fbf10ad677f9ad23db958dfa09a1b8181a9543031414d4e33581dec8ad0
a29f2cd392c7f9b75f34c68946a3c95b13d66ce1fd2942946e2f6b1744abf238
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f8d308a537be4d8442135addd3a1637ad70c831ec8d6fb21b460dc392031e3
a51abdc945bd68a425eddc829372fe5380aff8fe0343c7246784db121f65f994
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8993772c9eb591474f38d257bebc8c4286703e1af72d04c8c294be5fff7b649
aa05961c0b6903df6795439c22b3f7a49b0154bf524764fb61e1658693e7bb9b
ad8461c6fa7ab61f3a458881569a9b6ecf186f409ec6a93b14e678e9e98fa53c
adb515834cb0fb5ae90c907f1a800395776858d5c24ed71b8f80329ff22c8d1a
ae908b18f52be43bdee7fb90dd1aefe4d1473e2bc980da342acc846dffe2a58b
afac8c6114f00efef4356e4c4525d11d881145d709f9e82d8ee2c22f60eeb730
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15794d7b651b23f9d007f19a4b00e355d2906fd8057e93ae1bb141fc6dd5607
b703e463206e557fbb495c56ceefa60fdeec10f0f3026a61e056c1a2032cd6d4
b7d743060ebcc58d3905601ab73b2580904ce8c5594664b1d85d1dcca4c7f509
b811b194b5aae396d784586653ce575564fed5bede84da586853bac02f8ae179
ba7beca0f5402387b359ad40d2af0dda9632f6b81e2aa0c26336324c358c3e10
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb6c4af389ff03d7b0fbb9cf432598ee3b3a56246d5aa0ea3edfdb020aab1227
c03309508167a8437687b3e06918ffb9427be6b3e34f1f020a11f02bbc584941
c0d0b5ecf5aa2cd5475929aefcb44d67c5d5cc8cbcdb3991e45f0944f0344619
c1234f3361c8f2883c2713ae31e92a010cf2d8d369c797a26468413eba569dd2
c334ecbdd89a20d6a6baf6dee7e64657d40830672f405fb6a3dfecb299a84720
c33b10192b81770be2fe8111a90605381ea989da65bc97b457747fdb96a416f8
c5068652d2e91ff8a12bd334ea7ce87b7225f6da4a6a2841c8b51c24029a392b
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c9499ea51a2956fd2c1600591ae117fe9ad81065d625b1b2c593c7720e5b228f
caa92478664959545c65121f6bb4e48e3e0402039de9b6f0aa3ba745f38c525c
cb030b236e5184d342a50954b9febfbdb0556ff0b2572cef64ebd8802d40fb6f
cdc66d4e259bbcfb9e1c4b8531294385a863d04ea6b22e498a1e967124c7b571
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d13eef70c5960e5ebccdd001715bb8aedee3b6c0be3a028512eea8b8d0537493
d2ecf750217bed740415330478fa8c8278bae82c2f500d3cd6a4c45f6877cc61
d4af920697e66a45d52a593a34f7a2d60e6ae2a9b182f817560b1f4342a1efc1
d9cf383923250025f0946cf1fc305a3a066ef9741084174afcb6e55287e7a53e
da4085030009e98daf6eb2656f5fae35c7a3bb947e1a290ddbb20581cc2678b9
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
dab24ad7f0f2ec38bad3b0f961db6fe96dfd1fb14bd5cfb087cefa4f14f7ddf0
dc116dea3dafaf456fdd9396d5c296fe954650fc6d4b7412716dd05d9d79a8d4
dcd568aa5c7864cae0406e325578009ad2888acc2b4b153aeaac3b76d0788c2d
de317176fa6b64a8e89bbd45d20b6be2560bbfa96e7e53e63eb754e18bfe6c1f
deaeeee0f1ce49db07a70657e5910d3ec97d35efb9dc8e34b9dff9a365847a61
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
dfa729d82a3effadab1000181cb99108f232721e3b0af74cfae4c12704b35a32
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e2bcaa1a057d41a665402c26800748817ee8ef0c867cf3c45c1608da0820daf1
e37b29ddddf1ca555284cfe7ac528c7c424fc61da81ad386a33d5e41cb0b661d
e3849fdc1eab88579b20b1b56875d6ef8299c4ad165e03921400ccae69149861
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e813a8d8d41c0dbdc33020ad6ef27d16afd2b590ceeb998e267409c8f666b829
e840d901c827ce3644d87e5bd6ed2a7e020c06ceec7cb516ef2e1b78f3e669f0
e9f4c6b8a0babff8c615529d9d20414345c02fc2d16321119c65d6c13beffcad
eb27e6d5e41e67b47da040a4109466e455c252b0772b0f9f3a74954a5b0ec2ec
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
edc30a0e05622f71d52d07a0b7b5e94e654ee06854f893be1954336730eb0db6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f60470b418489678f52a25d72e9bdd7fe0479d57e62f49d28b499423773460fb
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f67d47baf39a87cc4da1eda8f3bd9b2f56f1553e40e7420f5f76574c18991b10
f7248f05ab2b77595f1640ee6dbc24d6d4ab069c538f63f634a613acaf501968
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f77da195c72d2ce251b4ba28e6c25ed9029184bd529c2fc7a31e2566530d7e82
f77f47058428a1c21dad5a75ac13fbfdeb9858947218fee2112fded5972a0b5d
f89279deaf8f2fbf354ded8854581f2b6f731d806e86870ff82c590c3d000ffc
fa200c0af6cfc8ad1c6d680dcb509143d3a94edc9ac2235087d98b351adb73dd
fb822981f1f1ccefef19a5d89f47ba2472af885684ff84e1c0320f60aca82ac4
fd55646df908cf289bfcd99e2f430b2600e15e16aed2fd0f02a1fab9f34b8241
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e